Chyba 0x800704cf

[Morf]

Dobrý den, potřeboval bych poradit s chybou měl jsem nějakou havěť v PC kterou se mi povedlo nějak odstranit částečně

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12.02.2018
Ran by Roman-PC (15-02-2018 15:25:41)
Running from C:\Users\Roman-PC\Downloads
Windows 10 Pro Version 1709 16299.125 (X64) (2018-02-15 12:39:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-487683678-2576461091-207145408-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-487683678-2576461091-207145408-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-487683678-2576461091-207145408-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-487683678-2576461091-207145408-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-487683678-2576461091-207145408-1003 - Limited - Enabled)
metri (S-1-5-21-487683678-2576461091-207145408-1004 - Limited - Disabled)
Roman-PC (S-1-5-21-487683678-2576461091-207145408-1001 - Administrator - Enabled) => C:\Users\Roman-PC
WDAGUtilityAccount (S-1-5-21-487683678-2576461091-207145408-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Advanced IP Scanner 2.5 (HKLM-x32\...\{6ABB4DB7-5E8F-4F7A-AAF2-C7B4337B7161}) (Version: 2.5.3233 - Famatech)
AIDA64 Extreme v5.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.00 - FinalWire Ltd.)
Aktualizace NVIDIA 31.0.11.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.11.0 - NVIDIA Corporation) Hidden
Any Video Converter 6.1.4 (HKLM-x32\...\Any Video Converter) (Version: 6.1.4 - Anvsoft)
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Aslain's WoT Modpack verze 9.21.0.3.10 (HKLM-x32\...\Aslains_WoT_Modpack_Installer_is1) (Version: 9.21.0.3.10 - Aslain)
Assassin's Creed Origins (HKLM-x32\...\{DAC281DD-7006-49D4-905B-E8BDA474A230}_is1) (Version: - Ubisoft)
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.3.2.2 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.3.2.2 - ASUSTek COMPUTER INC.)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Auta 2 (HKLM-x32\...\{FF10D622-7BFE-48C6-8DF6-40D8CB1D3C1B}) (Version: 1.00.0000 - Disney Interactive Studios)
Backup and Sync from Google (HKLM-x32\...\{AC62F3F2-61A2-4357-93EC-C308E3FEDF4E}) (Version: 3.39.8370.7843 - Google, Inc.)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bus Simulator 16 (HKLM\...\YnVzc2ltdWxhdG9yMTY_is1) (Version: 1 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine)
Chrome Remote Desktop Host (HKLM-x32\...\{D61C8E6E-A4F3-4CD8-8568-51CEB5660C89}) (Version: 63.0.3239.32 - Google Inc.)
CMS Pro version 5.0.2.16 (HKLM-x32\...\{0FC09093-71CB-418D-B1DD-9B20737A7BAD}_is1) (Version: 5.0.2.16 - CMS Pro, Inc.)
Construction Simulator - Gold Edition (HKLM-x32\...\Construction Simulator - Gold Edition_is1) (Version: - )
Core Temp 1.11 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.11 - ALCPU)
CPUID CPU-Z MSI 1.78 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.78 - CPUID, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.77 - NVIDIA Corporation) Hidden
Dolní Kounice v2.1 (HKLM-x32\...\{B997EA27-ADE2-47BC-B4A9-A9187FD8A49E}) (Version: 2.1 - Dyk, Vačice, Bajou)
Driver Booster 4.5 (HKLM-x32\...\Driver Booster_is1) (Version: 4.5.0 - IObit)
DS502 GAMING Headset (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006620}) (Version: 1.00.0019 - MSI Co., LTD)
Epic Games Launcher (HKLM-x32\...\{AAA3417F-FEAD-4AF7-9C01-9FAE1BB44E3D}) (Version: 1.1.134.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fraps (HKLM-x32\...\Fraps) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.167 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{5454083B-1308-4485-BF17-1110000D8301}) (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
GX GAMING CAVIMANUS HEADSET (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006300}) (Version: 1.00.0019 - )
HP Deskjet 3510 series Nápověda (HKLM-x32\...\{01D55832-B40C-45C3-A8B4-17923394FDF6}) (Version: 28.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)
Intel Extreme Tuning Utility (HKLM-x32\...\{79E98F35-0524-446C-8EF5-4E863C4D87E2}) (Version: 6.2.0.24 - Intel Corporation) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{7afa48c7-9901-40fa-8f9b-f0707e2bc5b6}) (Version: 6.2.0.24 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation)
Intel(R) Network Connections 21.1.30.0 (HKLM\...\PROSetDX) (Version: 21.1.30.0 - Intel)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Hardware Accelerated Execution Manager (HKLM\...\{55669453-883A-4F15-9D3B-BC990F5C9A32}) (Version: 6.0.6 - Intel Corporation)
IPCSearch version 2.4 (HKLM-x32\...\IPCSearch_is1) (Version: 2.4 - PCamera)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Kodi (HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\Kodi) (Version: - XBMC-Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}) (Version: 2.0.675.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{FD052FB9-FE90-4438-B355-15EDC89D8FB1}) (Version: 2.0.673.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2017 (HKLM-x32\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.10.30637.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 54.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 3.0.0.26 - MSI)
MSI DPC Latency Tuner (HKLM-x32\...\{1AAC56F3-3F60-47DB-BE6B-088F36ADFDC5}_is1) (Version: 1.0.0.12 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.15 - MSI)
MSI Gaming Lan Manager (HKLM-x32\...\{3318282C-D4D6-4B29-BBD5-95FC34B54FF0}_is1) (Version: 1.0.0.38 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.10 - MSI)
MSI RAMDisk (HKLM-x32\...\{F29CF050-7278-4CDB-9EF8-2DC6DAA87453}}_is1) (Version: 1.0.0.22 - MSI)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.11 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.12 - MSI)
MSI X Boost (HKLM-x32\...\{515143BB-7A11-4D85-B941-D520AAAA099C}_is1) (Version: 1.0.0.18 - MSI)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenIV (HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\OpenIV) (Version: 2.9.1.926 - .black/OpenIV Team)
OpenIV Package Creator (HKLM-x32\...\{50B3A226-83FA-4EAE-8C21-1E2471E52765}) (Version: 1.0.2 - Felix Bartling (Reditec)) Hidden
OpenIV Package Creator (HKLM-x32\...\OpenIV Package Creator 1.0.2) (Version: 1.0.2 - Felix Bartling (Reditec))
Opera Stable 51.0.2830.26 (HKLM-x32\...\Opera 51.0.2830.26) (Version: 51.0.2830.26 - Opera Software)
Oracle VM VirtualBox 5.1.30 (HKLM\...\{2F7790B1-72FA-426F-91B3-EBEAA30B1ABA}) (Version: 5.1.30 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.8.17910 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 390.77 - NVIDIA Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22256 - Microsoft Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 2.7.6 (HKLM-x32\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E2}) (Version: 2.7.6150 - Python Software Foundation)
QPST 2.7 (HKLM-x32\...\{3D54F56A-BBB4-4D10-BAE8-6762FB2701F7}) (Version: 2.7.411 - Qualcomm)
Qualcomm USB Drivers For Windows (HKLM-x32\...\{D9FB7F91-9687-4B09-894D-072903CADEA4}) (Version: 1.00.37 - QUALCOMM Incorporated)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
QXDM Professional (HKLM-x32\...\{F366AA55-7277-4503-A62E-C67359309EA3}) (Version: 3.12.714 - Qualcomm)
RAGE - Complete Edition (HKLM-x32\...\{85FAF34D-ACFE-44A3-B81D-34FCCD5BF535}) (Version: 1.0.0 - Bethesda Softworks) Hidden
RAGE - Complete Edition (HKLM-x32\...\RAGE - Complete Edition 1.0.0) (Version: 1.0.0 - Bethesda Softworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8216 - Realtek Semiconductor Corp.)
ReliView PC_4.7_20150420_001 (HKLM-x32\...\UC) (Version: 4.7_20150420_001 - Relicam Co., Ltd. )
ROBLOX Player for Roman-PC (HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.1 - Rockstar Games)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.7.5.203 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Scratch 2 Offline Editor (HKLM-x32\...\{797A7277-09F9-015D-C2BE-38BC66E24253}) (Version: 255.0.1 - Massachusetts Institute of Technology) Hidden
Scratch 2 Offline Editor (HKLM-x32\...\edu.media.mit.Scratch2Editor) (Version: 456.0.1 - Massachusetts Institute of Technology)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\Spotify) (Version: 1.0.72.117.g6bd7cc73 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StreamLabels 0.2.8 (only current user) (HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\8000d50a-fcb7-5b38-8a3b-a02a0ec79daa) (Version: 0.2.8 - Streamlabs)
Studie vylepšování produktu HP Deskjet 3510 series (HKLM\...\{4847C986-125C-4C78-BF9D-56A99C2FFA29}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.1 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78716 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Terela (HKLM-x32\...\{E2F7C535-0785-4C2D-B56F-016BFD02B010}) (Version: 1.1.6 - Terela)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
TreeSize Free V4.1.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.1.1 - JAM Software)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Twitch (HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Unity (HKLM-x32\...\Unity) (Version: 5.6.0f3 - Unity Technologies ApS)
Update for Skype for Business 2016 (KB4011662) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{D8CEB754-14AC-425F-A513-CBEE01FA8E78}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4011662) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{D8CEB754-14AC-425F-A513-CBEE01FA8E78}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4011662) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{D8CEB754-14AC-425F-A513-CBEE01FA8E78}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 29.1 - Ubisoft)
Vector Magic (HKLM-x32\...\Vector Magic) (Version: 1.15 - Vector Magic, Inc.)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
VirtualDJ 8 (HKLM-x32\...\{E1962904-0960-42F6-9072-3EC7D66A5495}) (Version: 8.2.3994.0 - Atomix Productions)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
vs_communitymsi (HKLM-x32\...\{A041943F-C97B-48F6-8F23-C5078F99BB3A}) (Version: 15.0.26323 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{195C52D1-CB09-4431-9CE5-F3A74DD60D05}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{581E5656-26E2-4A02-9711-48C8E4998310}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{15D591B0-7B40-4957-B6C0-EB7452B5AAB6}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{DC296244-0701-4EDE-9696-05B9C1D017B3}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{11230C85-1813-4BC3-9C24-E0B74B59653E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{9477F337-FD16-4ACA-8217-E2D7A0F92603}) (Version: 15.0.26301 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{497A5ACE-DA03-4412-A110-910B2C450720}) (Version: 15.0.26424 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{AEB626E5-0CD4-4FA5-96C1-85178392A258}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WD SSD Dashboard (HKLM-x32\...\WD SSD Dashboard) (Version: 2.2.0.5 - Western Digital Corporation or its affiliates)
WD SSD Dashboard Service (HKLM-x32\...\{33FF4CF4-2BC4-488F-9020-74AC3243979A}) (Version: 1.1.0 - Western Digital Corporation or its affiliates)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WModem Driver Installer (HKLM-x32\...\HTC_WModemDriver) (Version: - HTC)
World of Tanks (HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
Základní software zařízení HP Deskjet 3510 series (HKLM\...\{1719C693-20CF-4BC3-831F-B65E79268114}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-01-29] (Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-01-29] (Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-23] (NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2D10ABA8-90E1-4FF8-8BE9-B9786FEA159B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {4E6920EB-D95B-4F5C-94E0-B9A6085FBFBA} - System32\Tasks\MSIGH_Host => C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe [2017-01-19] (Micro-Star INT'L CO., LTD.)
Task: {7659A16B-FC0E-4D79-AAC1-CABA57161AA5} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {7BD47152-E60C-4C67-A0D2-DF54521F984A} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWOW64\muachost.exe [2015-08-18] (MSI)
Task: {888430E0-240A-4C05-B52E-EAEEE9F6561B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {ABBF4EF2-26C4-4AEC-B1BE-B408142CEF4E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {B7BF50F7-09D4-4BB7-904E-ABCD35903076} - System32\Tasks\S-1-5-21-487683678-2576461091-207145408-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation)
Task: {BD3435B0-4610-4C2A-887F-165C47A0E383} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-24] (Google Inc.)
Task: {BD92E804-B37A-4B43-A736-F0F66BDA4A38} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {C6C8ED40-0449-4817-B539-EC885A8B79EE} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CA7125FC-ECEE-4A55-95FC-CB83298B3B22} - System32\Tasks\MSIOSDx64_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
Task: {E67EDDBC-190D-42DD-912D-FB7BADE7F185} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-24] (Google Inc.)
Task: {E8840F74-866B-4FEC-A04C-A58A94F25448} - System32\Tasks\MSIOSDx86_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
Task: {F3527782-C488-4455-A7F5-16BE1ECB56C9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {F673DD87-EF57-48E3-9186-BA3DAA0274C8} - System32\Tasks\Opera scheduled Autoupdate 1494609104 => C:\Program Files\Opera\launcher.exe [2018-02-06] (Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Roman-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\Roman-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-01-09 15:27 - 2018-01-24 01:23 - 000544240 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2017-12-08 01:48 - 2017-12-08 01:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-12-08 01:48 - 2017-12-08 01:48 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-06-27 18:08 - 2016-06-27 18:08 - 000048640 _____ () C:\Windows\SysWOW64\ASGT.exe
2016-10-05 12:15 - 2016-10-05 12:15 - 000107752 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\libglog.dll
2016-10-05 12:15 - 2016-10-05 12:15 - 000412904 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\JsonCpp.dll
2017-03-16 17:50 - 2018-01-10 15:33 - 001268024 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2013-10-17 14:27 - 2013-10-17 14:27 - 000166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2017-04-15 16:41 - 2017-11-15 20:49 - 000076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2016-10-07 15:48 - 2016-10-07 15:48 - 000282168 ____R () C:\Program Files\Intel\NCS2\Agent\AdapterAgnt.DLL
2017-05-04 17:23 - 2016-06-14 15:35 - 000187392 _____ () C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\D3D11FontDraw.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-14 02:34 - 2017-12-14 02:34 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-30 02:02 - 2018-01-30 02:02 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-30 02:02 - 2018-01-30 02:02 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-30 02:02 - 2018-01-30 02:02 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-30 02:02 - 2018-01-30 02:02 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll
2018-01-30 02:02 - 2018-01-30 02:02 - 000667136 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-10-19 18:47 - 2014-11-10 03:52 - 002836992 ____N () C:\Program Files\DS502 GAMING Headset\CPL\DS_502_Headset.exe
2018-01-29 12:42 - 2018-01-29 12:42 - 041100328 _____ () C:\Program Files (x86)\Google\Drive\googledrivesync.exe
2017-06-17 19:00 - 2017-12-17 08:43 - 001780712 _____ () D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe
2017-10-26 18:13 - 2017-10-26 18:13 - 012477600 _____ () C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
2017-06-17 19:00 - 2017-12-17 08:43 - 000839656 _____ () D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\webwallpaper32.exe
2017-07-16 20:34 - 2017-06-05 21:48 - 000648704 _____ () C:\Users\Roman-PC\Desktop\TranslucentTB.2017.3\TranslucentTB.exe
2016-10-04 17:09 - 2016-10-04 17:09 - 000253664 _____ () C:\Program Files\Intel\Intel(R) Online Connect\CSLibWrapper.dll
2018-02-14 16:17 - 2018-02-13 05:25 - 004433752 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.167\libglesv2.dll
2018-02-14 16:17 - 2018-02-13 05:25 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.167\libegl.dll
2017-03-16 19:39 - 2005-07-18 13:43 - 000160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2017-05-04 17:23 - 2016-06-14 15:35 - 000163328 _____ () C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\D3D11FontDraw.dll
2018-02-15 15:10 - 2018-02-15 15:10 - 000088064 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\_ctypes.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000069120 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\bz2.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000920064 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\_hashlib.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000098816 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\win32api.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000110080 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\pywintypes27.dll
2018-02-15 15:10 - 2018-02-15 15:10 - 000364544 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\pythoncom27.dll
2018-02-15 15:10 - 2018-02-15 15:10 - 000686080 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\unicodedata.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000320512 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\win32com.shell.shell.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 001177088 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\wx._core_.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000806912 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\wx._gdi_.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000816640 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\wx._windows_.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 001067520 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\wx._controls_.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000733696 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\wx._misc_.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000736256 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\pysqlite2._sqlite.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000119808 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\win32file.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000108544 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\win32security.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000007168 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\hashobjs_ext.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000017920 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\thumbnails_ext.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000082432 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\usb_ext.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000013824 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\common.time34.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000018432 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\win32event.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000027648 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\windows.conditional.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000017408 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\windows.winwrap.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000089088 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\windows.volumes.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000167936 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\win32gui.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000046080 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\_socket.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 001311232 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\_ssl.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000135680 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\_elementtree.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000133632 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\pyexpat.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000038912 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\win32inet.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000077824 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\wx._html2.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000036864 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\_psutil_windows.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000524248 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\windows._lib_cacheinvalidation.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000010240 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\select.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000011264 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\win32crypt.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000218624 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\PIL._imaging.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000027648 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\_multiprocessing.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000020480 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\_yappi.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000035840 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\win32process.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000024064 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\win32pipe.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000025600 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\win32pdh.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000059392 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\windows.device_monitor.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000017408 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\win32profile.pyd
2018-02-15 15:10 - 2018-02-15 15:10 - 000022528 _____ () C:\Users\Roman-PC\AppData\Local\Temp\_MEI135162\win32ts.pyd
2016-05-04 10:15 - 2016-05-04 10:15 - 001289216 _____ () C:\Program Files (x86)\Samsung\SideSync4\cairo.dll
2017-10-26 18:26 - 2017-10-26 18:26 - 002661536 _____ () C:\Program Files (x86)\Samsung\SideSync4\NativeSideSyncFramework.dll
2016-05-04 10:15 - 2016-05-04 10:15 - 000230529 _____ () C:\Program Files (x86)\Samsung\SideSync4\libpng14-14.dll
2016-05-04 10:15 - 2016-05-04 10:15 - 000100352 _____ () C:\Program Files (x86)\Samsung\SideSync4\zlib1.dll
2017-10-26 18:28 - 2017-10-26 18:28 - 000861344 _____ () C:\Program Files (x86)\Samsung\SideSync4\SCommon.dll
2017-10-26 18:30 - 2017-10-26 18:30 - 005021344 _____ () C:\Program Files (x86)\Samsung\SideSync4\SLocales.dll
2016-05-04 10:15 - 2016-05-04 10:15 - 000091136 _____ () C:\Program Files (x86)\Samsung\SideSync4\ThoughtWorks.QRCode.dll
2017-06-17 19:00 - 2017-09-19 22:13 - 068210152 _____ () D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\libcef.dll
2017-12-21 20:50 - 2017-12-21 20:50 - 000064512 ____X () C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_1.5.2.0_x86__1sdd7yawvg6ne\EarTrumpet.Interop.dll
2017-06-17 19:00 - 2017-09-19 22:13 - 003110376 _____ () D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\libglesv2.dll
2017-06-17 19:00 - 2017-09-19 22:13 - 000087016 _____ () D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\libegl.dll
2018-02-05 16:12 - 2018-02-05 16:12 - 068214160 ____X () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\libcef.dll
2018-02-05 16:12 - 2018-02-05 16:12 - 003112848 ____X () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\libglesv2.dll
2018-02-05 16:12 - 2018-02-05 16:12 - 000089488 ____X () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\libegl.dll
2016-10-20 01:28 - 2016-10-20 01:28 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\bevtbdzl.sys:changelist [670]
AlternateDataStreams: C:\ProgramData\TEMP:8927A071 [396]
AlternateDataStreams: C:\Users\Public\AppData:CSM [470]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-487683678-2576461091-207145408-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman-PC\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{75af3ff3-78e1-4d0f-8d79-f6c0ea181605}.png
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: lfsvc => 3
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "MouseDriver"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "MSI Gaming Lan Manager"
HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKLM\...\StartupApproved\Run32: => "X_Boost"
HKLM\...\StartupApproved\Run32: => "Command Center"
HKLM\...\StartupApproved\Run32: => "Super Charger"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "Fast Boot"
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\StartupApproved\Run: => "uTorrent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{467F3EEA-A9E4-452E-A019-04310EE99830}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{AE615624-528B-4586-8D1D-CD7D266AA704}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{2CC78E77-3CCC-4841-BFA3-50AED92ED9E6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{8C1FD29B-ADE2-46AE-9CDA-819EFEC55E3D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{F9A6108E-4D8F-4923-BF35-383D3B555013}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe
FirewallRules: [{76D782D4-B100-4F67-BA17-801801CBE6A8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe
FirewallRules: [{34EA0496-30B7-4B28-B89D-8291E1FECB45}] => (Allow) C:\Program Files\Opera\51.0.2830.26\opera.exe
FirewallRules: [{E9922B3E-F3BA-4472-8C16-569F24F388E3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{117E97A8-21F0-4FBC-B5A0-2B13F074D0B7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Battalion 1944\Launcher\BattalionLauncher.exe
FirewallRules: [{09A83AF2-1C79-41A7-B4AD-183C94879002}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Battalion 1944\Launcher\BattalionLauncher.exe
FirewallRules: [UDP Query User{DAA7455A-55FD-4787-BB66-39F5AE2E2273}D:\program files (x86)\steam\steamapps\common\battalion 1944\launcher\battalionlauncher\binaries\win64\battalionlauncher-win64-shipping.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\battalion 1944\launcher\battalionlauncher\binaries\win64\battalionlauncher-win64-shipping.exe
FirewallRules: [TCP Query User{8B01548A-4421-4330-B12E-CF793829775C}D:\program files (x86)\steam\steamapps\common\battalion 1944\launcher\battalionlauncher\binaries\win64\battalionlauncher-win64-shipping.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\battalion 1944\launcher\battalionlauncher\binaries\win64\battalionlauncher-win64-shipping.exe
FirewallRules: [{8A88212C-BE60-4EBC-8B52-3485640928C9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{64CD4226-668A-450D-B262-3E107365815A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{E39E5FA6-421D-4B76-B49F-3463A38CE875}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{2CB1E89B-4488-4D5F-B335-4DB4CDB248AC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{CBAC5E6E-0B07-4E70-A250-28A1B72FA10F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{AB4A6EA5-EA40-496D-A4FE-4ABDB3C71FBA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [UDP Query User{885F902E-86EB-48BE-9A24-2AB854C06485}C:\program files\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [TCP Query User{6B4BA078-0B45-4B6B-A624-EB1C8928E196}C:\program files\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [UDP Query User{6F65F69D-29C5-4045-8B15-E0A20897B78B}D:\windowsapps\spotifyab.spotifymusic_1.73.345.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) D:\windowsapps\spotifyab.spotifymusic_1.73.345.0_x86__zpdnekdrzrea0\spotify.exe
FirewallRules: [TCP Query User{4DC69A66-FED6-4C05-80CD-A7C8AA4F802C}D:\windowsapps\spotifyab.spotifymusic_1.73.345.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) D:\windowsapps\spotifyab.spotifymusic_1.73.345.0_x86__zpdnekdrzrea0\spotify.exe
FirewallRules: [{79A5A0A7-04EE-4AF7-A2E3-F5DE340298A3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{488A09C5-E59A-4C99-8ECA-C9204703D3A8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{AD6DA4BA-3EC6-48FE-BC14-B5D934C5F4C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{50EFF84A-9F3F-4281-B14E-E9B16DA609BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CC621B05-9059-4B20-A5A0-3DFCE2FC69CA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{C98DD990-DC91-462B-ACFC-CB703C6E2D64}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{462C9191-F100-4791-A111-CF353495A866}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{37F85E7D-4F94-4184-BCF0-F2E0620638F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{DECD0157-535B-4AB4-B71F-584E229CD43F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{9941ABAB-47B2-4130-9DD2-98877EE0B218}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [UDP Query User{CE385233-8AA7-488B-88DC-4DED18CADC7D}D:\program files (x86)\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe
FirewallRules: [TCP Query User{97D99429-C55C-4BEB-9A3F-750D8C8720C5}D:\program files (x86)\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\battalion 1944\battalion\binaries\win64\battalion.exe
FirewallRules: [{2E1DFDF1-31CD-4D58-AEE3-98B3D7656405}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3D33BD97-7CFA-42CB-B679-889CCAF50632}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{90A332E0-8F90-4A06-BA47-BC01A3E904AE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CCB2C5BB-7C6A-45A3-8F7A-D9E01B806977}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B33C34B7-AB78-4CAE-889D-6C1C4AACF1EB}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{6ADBC80A-3CC0-4B28-AE96-B535CF8792AC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Iron Snout\IronSnout.exe
FirewallRules: [{1F5F8D49-24AE-453E-BD92-C619572E6A89}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Iron Snout\IronSnout.exe
FirewallRules: [{4D2A932A-7725-4739-95EB-3A3A158DC765}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{48994D1B-4577-47D6-87D6-942F791D529D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{30E7036F-8D8C-4B9E-9226-4C0281C47B28}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{8BB1162F-DA33-479E-9C37-4130A0A1AAF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{0479BD76-D3AD-4232-9191-0A718A1AC1B7}] => (Allow) LPort=8085
FirewallRules: [UDP Query User{DBC26E6E-F53A-4295-BDF4-6B6AC8410D00}D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [TCP Query User{41B09E77-C6CF-492F-B4D5-6861C54CE5E1}D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{F7B65246-95E7-42A7-BB82-6FF3BDADFC25}] => (Allow) D:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe
FirewallRules: [{4E7A8DCF-CCA6-4D0E-835E-0B89F2C59953}] => (Allow) D:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe
FirewallRules: [UDP Query User{41A4C6A7-89A2-4851-8720-D7DC05987654}D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{D23C26BE-1D15-4782-8DEF-7691A6879B01}D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{229BFD85-C4BE-4F2C-9826-F8877A7DE4A7}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{D113F8D5-D0A5-45B1-BCDA-2C1FA50E9888}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{C1D9D444-74F2-4B98-8003-6961BD34B957}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{CD7C90E0-DB7D-4FB3-BD04-C9151CA8427D}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{27EFCC0C-2B5E-490A-8EB5-FD2D50F1C392}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{0A65EBFE-2765-40A8-9CBA-C3DAF2134998}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{D747DB5B-05A1-481F-AADE-290D50F595BB}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{D28C0868-8B31-4B55-83ED-3B4A90B65F45}] => (Allow) D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{A0E73833-BDF1-48CF-919D-E391E36A2C7C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks.exe
FirewallRules: [{B7068D4F-D439-4789-BD73-ECFB5F27AF5E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks.exe
FirewallRules: [UDP Query User{16F5C51F-72EB-47B7-92FA-5C3E4DA02F46}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{C907E10F-A335-445B-9736-29BFCD28C4CD}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{71331206-B278-4A19-9723-F812E40BB298}D:\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{9F8F22EC-A3AF-4BFB-BD51-03D0405D19BA}D:\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{809B0208-48C4-47C1-A9FA-AE644DBC574D}] => (Allow) LPort=26789
FirewallRules: [UDP Query User{D6F6E7AE-FF5F-4BDA-9486-CE4A870C79B6}D:\program files\unity\editor\unity.exe] => (Allow) D:\program files\unity\editor\unity.exe
FirewallRules: [TCP Query User{3C4BC420-9747-4252-B4D3-AC1F40496603}D:\program files\unity\editor\unity.exe] => (Allow) D:\program files\unity\editor\unity.exe
FirewallRules: [{FD7B8984-8B3F-4609-972D-46DBCCD90A74}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2AF2FD53-5972-4755-B619-D427869C53DF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FB6FCFD6-A51F-4A6F-804A-CAC96C0F75A7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{35FB25A1-87DD-4F48-8446-C55860738E5A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [UDP Query User{D76EADDB-295B-4C6F-92EF-ED9D5D634975}D:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) D:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{EE5B334D-CE4D-4CD4-83C5-89B90EB6A50F}D:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) D:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{2F3B8989-618A-458A-A44A-EF148F51093B}C:\program files\java\jre1.8.0_151\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_151\bin\java.exe
FirewallRules: [TCP Query User{7A5E9DEF-629D-4214-B419-127825A52FA8}C:\program files\java\jre1.8.0_151\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_151\bin\java.exe
FirewallRules: [{47E6D7A3-5330-4759-A545-96CC0513B9E4}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.32\remoting_host.exe
FirewallRules: [UDP Query User{2DD567E9-BEB5-484A-B74B-A91AB3E993BB}C:\program files (x86)\samsung\sidesync4\sidesync.exe] => (Allow) C:\program files (x86)\samsung\sidesync4\sidesync.exe
FirewallRules: [TCP Query User{B682AC68-16A0-476B-9369-FCEE51E22C16}C:\program files (x86)\samsung\sidesync4\sidesync.exe] => (Allow) C:\program files (x86)\samsung\sidesync4\sidesync.exe
FirewallRules: [UDP Query User{D303FBA6-BB97-49BB-87AD-B2C59B5864C2}D:\program files (x86)\steam\steamapps\common\farming simulator 17\x64\farmingsimulator2017game.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\farming simulator 17\x64\farmingsimulator2017game.exe
FirewallRules: [TCP Query User{248C456F-1909-407A-AC4E-755BF25865EF}D:\program files (x86)\steam\steamapps\common\farming simulator 17\x64\farmingsimulator2017game.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\farming simulator 17\x64\farmingsimulator2017game.exe
FirewallRules: [{3D9F5728-74C1-4890-A971-1EDBB428DA8F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Hobo Tough Life\HoboRPG.exe
FirewallRules: [{51CA5A25-5660-49DB-BF51-310FC62DEB1E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Hobo Tough Life\HoboRPG.exe
FirewallRules: [TCP Query User{E672A342-A21D-4F44-91BB-E9EC78F99DCC}C:\users\roman-pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\roman-pc\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{169DF3D4-1CFA-41CD-98E9-8D9755365C8E}C:\users\roman-pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\roman-pc\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D99115DA-813C-452B-A2E4-FBD861E17371}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A7C7106A-F2AA-4DDC-96CF-62F771E3FD28}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{87844484-DE84-4403-B288-1F6A6192F515}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{66C46113-9E54-4A34-88E4-FE6BE980488E}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{031B026A-252A-4863-B757-D135995E5D80}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E0E5065D-96F9-4177-A5DE-F9FAE5534FCD}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1AA126AE-C67A-4AD2-9B0C-F4B23940974A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Car Mechanic Simulator 2018\cms2018.exe
FirewallRules: [{27008F06-1400-4494-B598-2FBE2455D60A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Car Mechanic Simulator 2018\cms2018.exe
FirewallRules: [{4DAD0DC7-81D4-4FA7-A531-A155D0EEF00B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{6CF2CC55-7591-45A8-828A-7704C194261B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [TCP Query User{EB1ED8D9-4BAC-45B7-BAC7-835490AF6416}D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{C2A5D777-0831-4F30-9440-58AA26A3ABF9}D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{307BA476-782A-4D14-B141-D7C2AB47367D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{CBB168C8-9CAA-4A4F-9416-2AE7A88CFB72}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{12EC1BC5-0760-4DB2-996E-75A55E4E3087}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{CB7C7462-FB21-41D7-B24B-512B07654C69}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{4200DEC1-A9EF-44D2-8A7B-1C958AECDE64}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [{1252AC6A-7A57-40EC-9058-011B26FA564F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [{300F1C36-BC44-4BB7-953B-0A0A583EC504}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{AA0B032F-F5D4-4988-AFF6-3996F1DB52DD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [TCP Query User{A52F0453-AD8A-423B-94DC-527A92530A32}C:\users\roman-pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\roman-pc\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{4D88BC99-7BCD-4403-8700-55D5699320FC}C:\users\roman-pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\roman-pc\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{9CDAD1A5-9FF7-400D-B9F8-E33BA368AE4A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{FA79C685-2EF0-46CA-A6A1-6EFB5B9B0227}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{6C848CAE-4918-4609-8239-58FA007B29B3}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{4A83D051-442D-427E-8136-38164CD2CF3F}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{1A2255F4-AD88-446D-A9B8-ECD9EA724BB5}] => (Allow) D:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{315870B7-D85D-4743-8FCD-692CE096E72F}] => (Allow) D:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{0920089C-0552-45DF-8E63-87E97674F64B}] => (Allow) D:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{E6FADB25-BAD7-4BB3-B4B6-BE041777EF50}] => (Allow) D:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{C84D0A06-57B0-472F-B217-032648DE799D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{9E181CC5-FA14-4BCE-8772-284958DBE062}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [TCP Query User{F19EBF81-E777-463A-9FBB-FB5D1E0E5AFC}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{459F0243-F70E-4430-91C0-61D5107B084B}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{3FD6C47E-0996-4241-9BC2-5999CE205FBE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{E815823A-9760-44F6-ACD7-40401B931C9D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{74D3239C-D265-40BA-BE24-ECA67CE3A3FE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{E6553C0D-F2F7-4F4C-940C-536115AD2516}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{66832598-DEC6-4CA1-A346-70B7BE82B237}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{A7F4B4AC-0715-4EF4-9CD3-82BEA15FF507}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [TCP Query User{3EFD883C-7B5F-45BB-BD34-867DEA28BC38}D:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{5650D54C-03C5-40E9-AB61-D168E970716B}D:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe
FirewallRules: [{63E3353A-9ED9-432D-A771-3C63D34BEBBD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{47A9D300-1B44-4986-B9EA-9B29E543BBE3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{BA118E4C-B1D6-40AA-90E5-8CF03933587E}D:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe
FirewallRules: [UDP Query User{CCF65C97-C49F-4AFD-8BF7-9EB06937FC66}D:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe
FirewallRules: [TCP Query User{B4E5192A-D4BE-4DB9-B67F-C7EB32172D03}D:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{C53B5206-34A6-4320-9BDD-B5A7CF3CBF28}D:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe
FirewallRules: [{CEE95CEC-E655-4F07-81F1-C82FCD97C282}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{B3ED7CBC-F00E-41D0-B092-43B2290674AA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{A4ADD8DB-3303-43DB-B251-9917E5404695}D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [UDP Query User{B0E39A71-2CA2-4217-99EB-AB50734A4875}D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [{5B9EB2BB-B2EE-4FBB-956E-714C1F5E1869}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe
FirewallRules: [{A4FEF3CB-64A7-4552-8C1F-F356949F18B6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe
FirewallRules: [{8D04F5C5-DDD1-4DB2-8386-42EEABBA172A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe
FirewallRules: [{457B6A6C-A034-414D-8434-607FF5DF5FD8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe
FirewallRules: [{9EA17CD2-5863-4621-9463-97C04AA52BF6}] => (Allow) D:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{BABCE893-2372-451A-8B48-84DB1D19A897}] => (Allow) D:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{8835A5B9-4FC7-4B7F-9B7D-24056724DD5B}] => (Allow) D:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{D5EE00AC-1BAD-4426-B591-90B3248DD441}] => (Allow) D:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [TCP Query User{250E9CFD-0D96-46AC-9160-A7837F35EA83}D:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe
FirewallRules: [UDP Query User{67186292-CA5F-42A5-8069-2306CA89799B}D:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dayz\dayz_x64.exe
FirewallRules: [TCP Query User{44C5C5B7-AD25-43C3-91DF-A320041CECD5}D:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{64F64EE5-5765-45E0-8AAB-60CEFD3A119B}D:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{5563BC9D-7817-476F-A57C-962252C96F62}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{22822FC7-ED6E-4800-BAE0-073BA058A0AB}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [TCP Query User{07C896FD-5189-4552-BEFA-BE635E967F13}C:\users\roman-pc\appdata\local\fivem\fivem.exe] => (Allow) C:\users\roman-pc\appdata\local\fivem\fivem.exe
FirewallRules: [UDP Query User{15E94A1F-22EB-44C3-B1AB-F00E0E94344E}C:\users\roman-pc\appdata\local\fivem\fivem.exe] => (Allow) C:\users\roman-pc\appdata\local\fivem\fivem.exe
FirewallRules: [{6DDD1C46-400A-4607-A339-CB4CE7AF9416}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\ConSim2015\ConSim2015.exe
FirewallRules: [{D8FD0576-C6F6-4259-9902-5A16B12E56D8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\ConSim2015\ConSim2015.exe
FirewallRules: [TCP Query User{FDE60D9D-8C82-4C68-AF94-4EEBEAC66D5A}D:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe
FirewallRules: [UDP Query User{ECCF38C7-A43E-4C89-99D9-56D397BEB948}D:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\war thunder\launcher.exe
FirewallRules: [TCP Query User{CD1AB6ED-6516-4475-8099-CD382FB5C665}D:\beamng.drive v0.9.0.5\bin64\beamng.drive.x64.exe] => (Allow) D:\beamng.drive v0.9.0.5\bin64\beamng.drive.x64.exe
FirewallRules: [UDP Query User{C3AF2F37-DE8E-4EA3-AE31-AB9C5F66533A}D:\beamng.drive v0.9.0.5\bin64\beamng.drive.x64.exe] => (Allow) D:\beamng.drive v0.9.0.5\bin64\beamng.drive.x64.exe
FirewallRules: [TCP Query User{C0157D83-0807-4522-9709-00D8066C976A}D:\program files (x86)\reliview pc\reliview pc.exe] => (Allow) D:\program files (x86)\reliview pc\reliview pc.exe
FirewallRules: [UDP Query User{8B89553D-6596-4667-860B-B04BB5A3A2CD}D:\program files (x86)\reliview pc\reliview pc.exe] => (Allow) D:\program files (x86)\reliview pc\reliview pc.exe
FirewallRules: [{1909E1B7-B6D3-41D9-B297-C56A7502414E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{D6D00CF3-6801-4357-8E45-F6E3359E93D8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{7DB1699C-4B02-41C2-B94F-ACE92BAD5783}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{B980C1B3-507A-4CD8-AA8A-0DCA062D4A97}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: KabyLake PCI Express Root Port #10 - A2B1
Description: KabyLake PCI Express Root Port #10 - A2B1
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: INTEL
Service: pci
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (02/15/2018 03:10:56 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/15/2018 03:10:50 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (02/15/2018 03:10:37 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/15/2018 03:10:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.125_none_15cbcf8893620c09.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.125_none_5d79065fa7de350f.manifest.

Error: (02/15/2018 03:10:34 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.125_none_15cbcf8893620c09.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.125_none_5d79065fa7de350f.manifest.

Error: (02/15/2018 02:55:20 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (02/15/2018 02:55:12 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (02/15/2018 02:55:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.125_none_15cbcf8893620c09.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.125_none_5d79065fa7de350f.manifest.


System errors:
=============
Error: (02/15/2018 03:22:52 PM) (Source: DCOM) (EventID: 10001) (User: ROMAN-PC)
Description: Nelze spustit server DCOM: Microsoft.OpusPG_1.0.101.2_x64__8wekyb3d8bbwe!OpusReleaseFinal jako Není k dispozici/Není k dispozici. Došlo k chybě:
1231
při provádění příkazu:
"C:\Program Files\WindowsApps\Microsoft.OpusPG_1.0.101.2_x64__8wekyb3d8bbwe\forza_x64_release_final.exe" -ServerName:OpusReleaseFinal.AppXhz3m1thxb88yczd2ax0k426vzefwnnmc.mca

Error: (02/15/2018 03:12:01 PM) (Source: DCOM) (EventID: 10016) (User: ROMAN-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli ROMAN-PC\Roman-PC (SID: S-1-5-21-487683678-2576461091-207145408-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/15/2018 03:11:27 PM) (Source: DCOM) (EventID: 10001) (User: ROMAN-PC)
Description: Nelze spustit server DCOM: Microsoft.OpusPG_1.0.101.2_x64__8wekyb3d8bbwe!OpusReleaseFinal jako Není k dispozici/Není k dispozici. Došlo k chybě:
1231
při provádění příkazu:
"C:\Program Files\WindowsApps\Microsoft.OpusPG_1.0.101.2_x64__8wekyb3d8bbwe\forza_x64_release_final.exe" -ServerName:OpusReleaseFinal.AppXhz3m1thxb88yczd2ax0k426vzefwnnmc.mca

Error: (02/15/2018 03:10:54 PM) (Source: DCOM) (EventID: 10016) (User: ROMAN-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli ROMAN-PC\Roman-PC (SID: S-1-5-21-487683678-2576461091-207145408-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0 – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/15/2018 03:10:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/15/2018 03:10:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/15/2018 03:10:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/15/2018 03:10:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2018-02-15 15:25:39.312
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálne nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Strední
Kategorie: Nástroj
Cesta: file:_C:\Users\Roman-PC\Downloads\KMSpico_setup.exe;webfile:_C:\Users\Roman-PC\Downloads\KMSpico_setup.exe|http://185.125.230.210/KMSpico_setup.exe|chrome.exe
Puvod zjištování: Internet
Typ zjištování: Konkrétní
Zdroj zjištování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Users\Roman-PC\Downloads\FRST64.exe
Verze podpisu: AV: 1.261.1230.0, AS: 1.261.1230.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-15 15:23:50.601
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálne nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Strední
Kategorie: Nástroj
Cesta: file:_C:\Users\Roman-PC\Downloads\KMSpico_setup.exe;webfile:_C:\Users\Roman-PC\Downloads\KMSpico_setup.exe|http://185.125.230.210/KMSpico_setup.exe|chrome.exe
Puvod zjištování: Internet
Typ zjištování: Konkrétní
Zdroj zjištování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.261.1230.0, AS: 1.261.1230.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-15 15:23:29.910
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálne nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Dynamer!ac
ID: 2147684005
Závažnost: Vážné
Kategorie: Trojský kun
Cesta: file:_C:\Users\Roman-PC\Downloads\FRSTLauncher.exe;webfile:_C:\Users\Roman-PC\Downloads\FRSTLauncher.exe|http://viry.xf.cz/pro_usery/FRSTLauncher.exe|chrome.exe
Puvod zjištování: Internet
Typ zjištování: FastPath
Zdroj zjištování: Soubory ke stažení a prílohy
Uživatel: ROMAN-PC\Roman-PC
Název procesu: Unknown
Verze podpisu: AV: 1.261.1230.0, AS: 1.261.1230.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-15 15:10:50.683
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálne nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Strední
Kategorie: Nástroj
Cesta: file:_C:\Users\Roman-PC\Downloads\KMSpico_setup.exe;webfile:_C:\Users\Roman-PC\Downloads\KMSpico_setup.exe|http://185.125.230.210/KMSpico_setup.exe|chrome.exe
Puvod zjištování: Internet
Typ zjištování: Konkrétní
Zdroj zjištování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.261.1230.0, AS: 1.261.1230.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-15 15:07:52.979
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálne nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Strední
Kategorie: Nástroj
Cesta: file:_C:\Users\Roman-PC\Downloads\KMSpico_setup.exe;webfile:_C:\Users\Roman-PC\Downloads\KMSpico_setup.exe|http://185.125.230.210/KMSpico_setup.exe|chrome.exe
Puvod zjištování: Internet
Typ zjištování: Konkrétní
Zdroj zjištování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\SearchProtocolHost.exe
Verze podpisu: AV: 1.261.1230.0, AS: 1.261.1230.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14500.5, NIS: 2.1.14202.0

CodeIntegrity:
===================================

Date: 2018-02-15 15:25:21.344
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-15 15:25:21.343
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-15 15:23:31.109
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-15 15:15:11.678
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-15 15:15:11.677
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-15 15:15:09.378
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-15 15:15:09.377
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-15 15:12:31.834
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz
Percentage of memory in use: 24%
Total physical RAM: 16347.11 MB
Available physical RAM: 12337.28 MB
Total Virtual: 18779.11 MB
Available Virtual: 13325.96 MB

==================== Drives ================================

Drive b: (RAMDisk) (Fixed) (Total:0.25 GB) (Free:0.25 GB) FAT
Drive c: () (Fixed) (Total:232.4 GB) (Free:101.65 GB) NTFS
Drive d: () (Fixed) (Total:1863 GB) (Free:853.79 GB) NTFS
Drive e: (ESD-USB) (Removable) (Total:7.46 GB) (Free:3.64 GB) FAT32

\\?\Volume{af570fad-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 7.5 GB) (Disk ID: 260AE2F9)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0C)

==================== End of Addition.txt ============================

[Rudy]

Zdravím
Potřeboval bych ještě vidět obsah souboru FRST.txt. Toto je pouze Additional.

[Morf]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.02.2018
Ran by Roman-PC (administrator) on ROMAN-PC (15-02-2018 15:24:55)
Running from C:\Users\Roman-PC\Downloads
Loaded Profiles: Roman-PC (Available Profiles: defaultuser0 & Roman-PC & Administrator)
Platform: Windows 10 Pro Version 1709 16299.125 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\SysWOW64\ASGT.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.32\remoting_host.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
() C:\Windows\System32\PnkBstrA.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM Incorporated\Qualcomm USB Drivers For Windows\DriverPackage\Qualcomm\Tools\qcmtusvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Western Digital Corporation or its affiliates) C:\Program Files (x86)\Western Digital\SSD Dashboard\WDSSDDashboardService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\DPC Latency Tuner\DPCLT_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Electronic Arts) D:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.32\remoting_host.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
() C:\Program Files\DS502 GAMING Headset\CPL\DS_502_Headset.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe
() C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
() D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\webwallpaper32.exe
(Spotify Ltd) C:\Users\Roman-PC\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(File-New-Project) D:\WindowsApps\40459File-New-Project.EarTrumpet_1.5.2.0_x86__1sdd7yawvg6ne\EarTrumpet.exe
() D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\webwallpaper32.exe
(Spotify Ltd) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
() C:\Users\Roman-PC\Desktop\TranslucentTB.2017.3\TranslucentTB.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\webwallpaper32.exe
(Spotify Ltd) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [Cm108Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9231328 2017-07-19] (Realtek Semiconductor)
HKLM\...\Run: [Cm108BSound] => C:\Program Files\DS502 GAMING Headset\CPL\DS_502_Headset.exe [2836992 2014-11-10] ()
HKLM-x32\...\Run: [MSI Gaming Lan Manager] => C:\MSI\MSI Gaming Lan Manager\MSI_Gaming_Lan_Manager.exe [4471736 2017-03-07] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [X_Boost] => C:\Program Files (x86)\MSI\MSI X Boost\X_Boost.exe [4211128 2017-02-21] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1022928 2017-01-05] (MSI)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [15371216 2017-03-07] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [831584 2017-06-02] (MSI)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-12-08] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Roman-PC\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2268232 2017-12-18] (Gaijin Entertainment)
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [41100328 2018-01-29] ()
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\Run: [World of Tanks] => D:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139872 2018-01-05] (Wargaming.net)
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\Run: [WallpaperEngine] => D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe [1780712 2017-12-17] ()
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\Run: [uTorrent] => C:\Users\Roman-PC\AppData\Roaming\uTorrent\utorrent.exe [416168 2015-02-22] (BitTorrent, Inc.)
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\Run: [SideSync] => C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe [12477600 2017-10-26] ()
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\Run: [Spotify Web Helper] => C:\Users\Roman-PC\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-01-17] (Spotify Ltd)
Startup: C:\Users\Roman-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TranslucentTB.exe.lnk [2017-07-17]
ShortcutTarget: TranslucentTB.exe.lnk -> C:\Users\Roman-PC\Desktop\TranslucentTB.2017.3\TranslucentTB.exe ()
Startup: C:\Users\Roman-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-08-20]
ShortcutTarget: Twitch.lnk -> C:\Users\Roman-PC\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction - ProxySettings)
ProxyEnable: [HKLM] => Proxy is enabled.
ProxyServer: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{277f2bc9-50d8-4951-9efc-ca43ea96873a}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131463573631749818&GUID=88AD2FB0-E24C-4129-8949-0AC94DCE8A2D
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-487683678-2576461091-207145408-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-487683678-2576461091-207145408-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE00
SearchScopes: HKU\S-1-5-21-487683678-2576461091-207145408-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE00
SearchScopes: HKU\S-1-5-21-487683678-2576461091-207145408-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Program Files\Microsoft Office\Office16\OCHelper.dll [2018-01-17] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-08] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-08] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2018-01-17] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - D:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - D:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-487683678-2576461091-207145408-1001 -> about:start

FireFox:
========
FF DefaultProfile: 86fuzpx0.default
FF ProfilePath: C:\Users\Roman-PC\AppData\Roaming\Mozilla\Firefox\Profiles\86fuzpx0.default [2018-02-15]
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-08] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-16] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin HKU\S-1-5-21-487683678-2576461091-207145408-1001: @nsroblox.roblox.com/launcher -> C:\Users\Roman-PC\AppData\Local\Roblox\Versions\version-6a65e85da5fe4a75\\NPRobloxProxy.dll [No File]
FF Plugin HKU\S-1-5-21-487683678-2576461091-207145408-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Roman-PC\AppData\Local\Roblox\Versions\version-6a65e85da5fe4a75\\NPRobloxProxy64.dll [No File]
FF Plugin HKU\S-1-5-21-487683678-2576461091-207145408-1001: ajvision.com/webconfig -> C:\WINDOWS\system32\WEBConfig2\npwebconfig.dll [No File]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default [2018-02-15]
CHR Extension: (Prezentace) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (BetterTTV) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-11-20]
CHR Extension: (Dokumenty) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-05]
CHR Extension: (YouTube) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-05]
CHR Extension: (Social Blade) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2018-01-27]
CHR Extension: (FrankerFaceZ) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2018-01-10]
CHR Extension: (Tabulky) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-11-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-05]
CHR Extension: (AdBlock) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-02-14]
CHR Extension: (IE Tab) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2018-02-14]
CHR Extension: (BitGo) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgeogaipkoajobchncghcojanffjfhl [2017-08-05]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-08-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Unfriend Finder) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\olljnkilmblncgcghhaodkpdcnokhpah [2017-08-05]
CHR Extension: (Moje IP adresa) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhoeoiodcebkkigjiooibeccnfmmkoe [2017-08-05]
CHR Extension: (Gmail) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-05]
CHR Extension: (Chrome Media Router) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-06]
CHR Profile: C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-02-14]
CHR Profile: C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\System Profile [2018-02-14]
CHR HKU\S-1-5-21-487683678-2576461091-207145408-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Footjane\Application\chrome.exe <==== ATTENTION

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2016-06-27] () [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7013384 2018-02-08] ()
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.32\remoting_host.exe [71512 2017-11-02] (Google Inc.)
S3 Disc Soft Lite Bus Service; D:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [610464 2018-02-01] (EasyAntiCheat Ltd)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [47056 2017-02-17] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-10-13] (Micro-Star INT'L CO., LTD.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25824 2016-10-04] (Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-20] (Intel Corporation)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [2108000 2017-06-12] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2212448 2017-05-22] (MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4051552 2017-06-09] (MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2108000 2017-06-09] (MSI)
S2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2455648 2017-06-09] (MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2134624 2017-06-09] (MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [4785248 2017-06-09] (MSI)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [75192 2017-04-12] (Micro-Star INT'L CO., LTD.)
R2 MSI_DPCLTSERVICE; C:\Program Files (x86)\MSI\DPC Latency Tuner\DPCLT_Service.exe [2133968 2017-03-31] (Micro-Star INT'L CO., LTD.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2286032 2017-03-06] (Micro-Star INT'L CO., LTD.)
R2 MSI_RAMDisk_Service; C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe [70608 2016-12-02] (Micro-Star Int'l Co., Ltd.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [164304 2017-01-05] (MSI)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2155328 2017-12-19] (Electronic Arts)
R2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [3025224 2017-12-19] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2017-11-15] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2017-11-15] ()
R2 qcmtusvc; C:\Program Files (x86)\QUALCOMM Incorporated\Qualcomm USB Drivers For Windows\DriverPackage\Qualcomm\Tools\qcmtusvc.exe [83456 2015-07-09] (QUALCOMM, Inc.) [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-14] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10885360 2017-05-31] (TeamViewer GmbH)
R2 WD SSD Dashboard Service; C:\Program Files (x86)\Western Digital\SSD Dashboard\WDSSDDashboardService.exe [1706496 2016-11-15] (Western Digital Corporation or its affiliates) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-20] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-20] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe [474768 2017-03-01] (Wondershare)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-02-23] (Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 CMUAC; C:\WINDOWS\system32\DRIVERS\CMUAC.sys [613888 2014-10-09] (C-MEDIA)
R3 DroidCam; C:\WINDOWS\system32\DRIVERS\droidcam.sys [33592 2017-03-17] (Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\system32\DRIVERS\droidcamvideo.sys [230712 2017-03-17] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-03-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-03-16] (Disc Soft Ltd)
R3 e1dexpress; C:\WINDOWS\System32\drivers\e1d65x64.sys [555592 2017-10-19] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-29] ()
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-07-15] (REALiX(tm))
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37064 2016-08-24] (Intel Corporation)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-10-23] (ASUSTeK Computer Inc.)
S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (Windows (R) Win 7 DDK provider)
S3 ipadtst2; C:\Program Files (x86)\MSI\Super Charger\ipadtst2_64.sys [16336 2016-07-29] (MSI)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193968 2018-01-27] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2018-01-27] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2018-01-27] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2018-01-27] (Malwarebytes)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel Corporation)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NTIOLib_ACTIVE_X; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NTIOLib_X64.sys [13776 2016-04-12] (MSI)
R3 NTIOLib_DPC; C:\Program Files (x86)\MSI\DPC Latency Tuner\NTIOLib_X64.sys [14288 2017-03-29] (MSI)
R3 NTIOLib_MBAPI; C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [14288 2017-03-08] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a39871618b19f06\nvlddmkm.sys [17493824 2018-01-24] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31024 2018-01-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57928 2018-01-24] (NVIDIA Corporation)
S3 Phosgene; C:\WINDOWS\system32\DRIVERS\Phosgene.sys [34136 2015-09-02] (Adoriasoft LLC)
R2 RAMDriv; C:\WINDOWS\system32\DRIVERS\ramdriv.sys [86936 2016-03-10] (Micro-Star Int'l Co., Ltd.)
R2 RAMDriv; C:\Windows\SysWOW64\DRIVERS\ramdriv.sys [86936 2016-03-10] (Micro-Star Int'l Co., Ltd.)
S3 tap0901t; C:\WINDOWS\System32\drivers\tap0901t.sys [48824 2016-04-26] (Tunngle.net GmbH)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [196040 2017-10-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [206976 2017-10-16] (Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-20] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-20] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-20] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-15 15:24 - 2018-02-15 15:25 - 000032968 _____ C:\Users\Roman-PC\Downloads\FRST.txt
2018-02-15 15:24 - 2018-02-15 15:24 - 000000000 ____D C:\FRST
2018-02-15 15:23 - 2018-02-15 15:23 - 002405376 _____ (Farbar) C:\Users\Roman-PC\Downloads\FRST64.exe
2018-02-15 15:10 - 2018-02-15 15:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-15 13:45 - 2018-02-15 13:45 - 000000000 ____D C:\ProgramData\USOShared
2018-02-15 13:41 - 2018-02-15 13:41 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-02-15 13:40 - 2018-02-15 13:40 - 000000020 ___SH C:\Users\Roman-PC\ntuser.ini
2018-02-15 13:38 - 2018-02-15 15:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-15 13:38 - 2018-02-15 13:44 - 000004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BD5397A8-45E5-47C2-9631-61CA3D0CA536}
2018-02-15 13:38 - 2018-02-15 13:38 - 000003398 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-02-15 13:38 - 2018-02-15 13:38 - 000003350 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{08F3BCB1-E426-40F6-A85D-89CF7BD73AAC}
2018-02-15 13:38 - 2018-02-15 13:38 - 000003288 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1494609104
2018-02-15 13:38 - 2018-02-15 13:38 - 000003174 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-02-15 13:38 - 2018-02-15 13:38 - 000002848 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-487683678-2576461091-207145408-500
2018-02-15 13:38 - 2018-02-15 13:38 - 000002540 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2018-02-15 13:38 - 2018-02-15 13:38 - 000002280 _____ C:\WINDOWS\System32\Tasks\MSIGH_Host
2018-02-15 13:38 - 2018-02-15 13:38 - 000002222 _____ C:\WINDOWS\System32\Tasks\MSIOSDx86_Host
2018-02-15 13:38 - 2018-02-15 13:38 - 000002222 _____ C:\WINDOWS\System32\Tasks\MSIOSDx64_Host
2018-02-15 13:38 - 2018-02-15 13:38 - 000002216 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-02-15 13:38 - 2018-02-15 13:38 - 000002148 _____ C:\WINDOWS\System32\Tasks\MSISW_Host
2018-02-15 13:38 - 2018-02-15 13:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-487683678-2576461091-207145408-1001
2018-02-15 13:38 - 2018-02-15 13:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel
2018-02-15 13:38 - 2018-02-15 13:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\cFos
2018-02-15 13:37 - 2018-02-15 13:38 - 000015243 _____ C:\WINDOWS\diagwrn.xml
2018-02-15 13:37 - 2018-02-15 13:38 - 000015243 _____ C:\WINDOWS\diagerr.xml
2018-02-15 13:36 - 2018-02-15 15:14 - 001923818 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-15 13:36 - 2018-02-15 13:36 - 000000252 ____H C:\WINDOWS\Tasks\MSISW_Host.job
2018-02-15 13:34 - 2018-02-15 13:34 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-02-15 13:33 - 2018-02-15 13:51 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\Packages
2018-02-15 13:33 - 2018-02-15 13:40 - 000000000 ____D C:\Users\Roman-PC
2018-02-15 13:33 - 2018-02-15 13:37 - 000000000 ____D C:\Users\defaultuser0
2018-02-15 13:33 - 2018-02-15 13:37 - 000000000 ____D C:\Users\Administrator
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Soubory cookie
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Šablony
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Poslední
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Okolní tiskárny
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Okolní síť
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Nabídka Start
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Dokumenty
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Documents\Obrázky
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Documents\Hudba
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Documents\Filmy
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Data aplikací
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\AppData\Local\Data aplikací
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Soubory cookie
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Šablony
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Poslední
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Okolní tiskárny
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Okolní síť
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Nabídka Start
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Dokumenty
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Obrázky
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Hudba
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Filmy
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Data aplikací
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Data aplikací
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Soubory cookie
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Šablony
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Poslední
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Okolní tiskárny
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Okolní síť
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Nabídka Start
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Dokumenty
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Documents\Obrázky
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Documents\Hudba
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Documents\Filmy
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Data aplikací
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Data aplikací
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2018-02-15 13:33 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-02-15 13:32 - 2018-01-24 01:23 - 000532040 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-02-15 13:32 - 2018-01-23 23:42 - 000137712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-02-15 13:31 - 2018-02-15 14:54 - 005755552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-15 13:31 - 2018-02-15 13:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-15 13:29 - 2018-02-15 13:39 - 000000000 ____D C:\Windows.old
2018-02-15 13:29 - 2018-02-15 13:29 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2018-02-15 13:25 - 2018-02-15 13:29 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-02-15 13:25 - 2018-01-27 17:56 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-02-15 13:25 - 2018-01-27 17:56 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-02-15 13:25 - 2018-01-27 17:56 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-02-15 13:25 - 2018-01-27 17:43 - 000193968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-02-15 13:25 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-02-15 13:24 - 2018-02-15 13:25 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-02-15 13:23 - 2018-02-15 13:29 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-02-15 13:23 - 2018-02-15 13:23 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2018-02-15 13:23 - 2018-02-15 13:23 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-02-15 13:23 - 2018-02-15 13:23 - 000000000 ____D C:\Program Files\MSBuild
2018-02-15 13:23 - 2018-02-15 13:23 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-02-15 13:23 - 2017-09-22 18:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-02-15 13:23 - 2017-09-22 18:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-02-15 13:23 - 2017-09-22 18:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-02-15 13:22 - 2017-09-28 15:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-02-15 13:22 - 2017-09-28 15:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-02-15 13:22 - 2017-09-28 15:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-02-15 13:17 - 2018-02-15 13:17 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-02-15 13:00 - 2018-02-15 14:33 - 000000000 ___DC C:\WINDOWS\Panther
2018-02-15 12:51 - 2018-02-15 12:51 - 000002445 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-15 12:51 - 2018-02-15 12:51 - 000000000 ___RD C:\Users\Administrator\OneDrive
2018-02-15 12:51 - 2018-02-15 12:51 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Apple Computer
2018-02-15 12:51 - 2018-02-15 12:51 - 000000000 ____D C:\Users\Administrator\AppData\Local\MicrosoftEdge
2018-02-15 12:51 - 2018-02-15 12:51 - 000000000 ____D C:\Users\Administrator\AppData\Local\Comms
2018-02-15 12:51 - 2018-02-15 12:51 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2018-02-15 12:50 - 2018-02-15 12:51 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2018-02-15 12:50 - 2018-02-15 12:50 - 000002328 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
2018-02-15 12:50 - 2018-02-15 12:50 - 000000000 ___RD C:\Users\Administrator\3D Objects
2018-02-15 12:50 - 2018-02-15 12:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2018-02-15 12:50 - 2018-02-15 12:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA
2018-02-15 12:50 - 2018-02-15 12:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2018-02-15 12:50 - 2018-02-15 12:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2018-02-15 12:50 - 2017-09-12 10:48 - 000000000 ____D C:\Users\Administrator\AppData\Local\LogMeIn Hamachi
2018-02-15 12:50 - 2017-07-13 11:18 - 000000153 _____ C:\Users\Administrator\BullseyeCoverageError.txt
2018-02-15 12:50 - 2017-06-19 15:53 - 000000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2018-02-15 12:50 - 2017-05-26 23:37 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2018-02-14 21:25 - 2018-02-14 21:25 - 000001291 _____ C:\Users\Roman-PC\Desktop\Google Chrome.lnk
2018-02-14 20:39 - 2018-02-14 20:39 - 000000000 ___HD C:\$Windows.~WS
2018-02-14 20:29 - 2018-02-14 20:29 - 000000000 ___HD C:\$SysReset
2018-02-14 19:12 - 2018-02-14 19:13 - 008222496 _____ (Malwarebytes) C:\Users\Roman-PC\Downloads\adwcleaner_7.0.8.0.exe
2018-02-14 18:58 - 2018-02-14 18:58 - 001393080 _____ (Opera Software) C:\Users\Roman-PC\Downloads\OperaSetup.exe
2018-02-14 18:48 - 2018-02-14 18:53 - 000000000 _____ C:\Recovery.txt
2018-02-14 18:33 - 2018-02-14 20:46 - 000000000 ____D C:\AdwCleaner
2018-02-14 16:47 - 2018-02-14 16:47 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\ESET
2018-02-14 16:46 - 2018-02-15 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-02-14 16:46 - 2018-02-14 16:46 - 000000000 ____D C:\ProgramData\ESET
2018-02-14 16:46 - 2018-02-14 16:46 - 000000000 ____D C:\Program Files\ESET
2018-02-14 15:19 - 2018-02-15 15:10 - 000002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-14 15:19 - 2018-02-14 15:19 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\Google
2018-02-14 15:00 - 2002-08-29 18:33 - 000319488 _____ () C:\WINDOWS\SysWOW64\MafiaSetup.exe
2018-02-14 14:56 - 2018-02-14 20:46 - 000000000 ____D C:\Program Files\Common Files\AVG
2018-02-14 14:46 - 2018-02-14 14:47 - 007306280 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Roman-PC\Downloads\avg_antivirus_free_setup.exe
2018-02-14 14:28 - 2018-02-14 14:28 - 001129816 _____ (Google Inc.) C:\Users\Roman-PC\Downloads\ChromeSetup.exe
2018-02-12 00:05 - 2018-02-12 00:05 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\gegl-0.3
2018-02-11 23:55 - 2018-02-14 20:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2018-02-11 23:55 - 2018-02-11 23:55 - 000004608 _____ C:\WINDOWS\SECOH-QAD.exe
2018-02-11 23:55 - 2018-02-11 23:55 - 000003584 _____ C:\WINDOWS\SECOH-QAD.dll
2018-02-11 23:55 - 2010-12-06 03:16 - 000090112 _____ (Vestris Inc.) C:\WINDOWS\system32\Vestris.ResourceLib.dll
2018-02-11 23:54 - 2018-02-11 23:54 - 003866984 _____ (@ByELDI ) C:\Users\Roman-PC\Downloads\KMSpico_setup.exe
2018-02-11 23:31 - 2018-02-11 23:31 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\BattalionLauncher
2018-02-09 18:02 - 2018-02-12 19:45 - 000000000 ____D C:\Users\Roman-PC\Desktop\převodovk
2018-02-09 00:44 - 2018-02-09 00:44 - 000000221 _____ C:\Users\Roman-PC\Desktop\Saints Row The Third.url
2018-02-08 09:46 - 2017-04-22 17:45 - 009444532 _____ (hackphoenix.com) C:\Users\Roman-PC\Desktop\FTBLauncher_64bit.exe
2018-02-06 19:25 - 2018-02-06 00:23 - 000000234 _____ C:\Users\Public\Libraries.ini
2018-02-05 23:03 - 2018-02-05 23:03 - 000000782 _____ C:\Users\Roman-PC\Desktop\Aslains WoT Logs Archiver.lnk
2018-02-05 22:52 - 2018-02-05 22:54 - 135597392 _____ (Aslain ) C:\Users\Roman-PC\Downloads\Aslains_WoT_Modpack_Installer_v.9.21.0.3_10.exe
2018-02-05 11:44 - 2018-02-14 20:46 - 000000000 ____D C:\Users\Roman-PC\Documents\Assassin's Creed Origins
2018-02-05 11:33 - 2018-02-15 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed Origins
2018-02-05 11:33 - 2018-02-05 11:33 - 000000986 _____ C:\Users\Public\Desktop\Assassin's Creed Origins.lnk
2018-02-02 12:04 - 2018-02-14 20:46 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\CrashReportClient
2018-02-01 22:39 - 2018-02-01 22:40 - 000926208 _____ (Slimm Solutions) C:\Users\Roman-PC\Downloads\Slimm Bat to Exe.exe
2018-02-01 21:43 - 2018-02-14 20:46 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2018-02-01 21:43 - 2018-02-01 21:43 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\Battalion
2018-02-01 21:15 - 2018-02-01 21:15 - 000000222 _____ C:\Users\Roman-PC\Desktop\BATTALION 1944.url
2018-01-29 18:53 - 2018-01-24 01:23 - 040269808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 035180016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 019796336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 016449872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 013444552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 012843496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 011026080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 010900248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 004580832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 004308976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 003894304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 003709424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 001976120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439077.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 001682288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 001673616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439077.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 001334808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 001325384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 001134768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 001126888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 001054704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 001049480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 001043128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000988464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000939832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000795928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000740336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000635248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000616240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000599352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000226760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2018-01-29 18:53 - 2018-01-24 01:23 - 000057928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-01-29 18:53 - 2018-01-24 01:23 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb
2018-01-29 18:53 - 2018-01-24 01:23 - 000045600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2018-01-24 21:34 - 2018-01-24 21:34 - 000000000 ____D C:\Users\Roman-PC\AppData\LocalLow\Steel Crate Games
2018-01-24 21:31 - 2018-01-24 21:32 - 000000005 _____ C:\WINDOWS\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2018-01-22 15:31 - 2018-01-22 15:31 - 000000000 ____D C:\Program Files\Bonjour
2018-01-22 15:31 - 2018-01-22 15:31 - 000000000 ____D C:\Program Files (x86)\Bonjour
2018-01-21 17:40 - 2018-01-21 17:40 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\dgVoodoo
2018-01-21 17:38 - 2018-01-21 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Community Modpack for Mafia The City of Lost Heaven
2018-01-21 14:50 - 2017-03-12 09:55 - 3545667174 _____ C:\Users\Roman-PC\Desktop\20170312_094006A.mp4
2018-01-21 14:46 - 2017-03-12 10:09 - 3390042588 _____ C:\Users\Roman-PC\Desktop\20170312_095506A.mp4
2018-01-21 14:41 - 2018-01-21 14:41 - 000000222 _____ C:\Users\Roman-PC\Desktop\Iron Snout.url
2018-01-21 14:41 - 2018-01-21 14:41 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\IronSnout
2018-01-21 00:01 - 2017-12-15 03:03 - 000059240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-01-16 19:49 - 2018-01-16 19:49 - 000000000 ____D C:\Program Files\Malwarebytes

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-15 15:20 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-15 15:14 - 2017-09-30 15:30 - 000821550 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-15 15:14 - 2017-09-30 15:30 - 000172056 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-15 15:10 - 2017-07-16 18:43 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-15 15:10 - 2017-06-09 20:38 - 000000000 ___RD C:\Users\Roman-PC\Disk Google
2018-02-15 15:09 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-02-15 15:06 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-15 15:02 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-15 13:57 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-02-15 13:57 - 2017-03-16 17:55 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\TS3Client
2018-02-15 13:51 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-02-15 13:40 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-02-15 13:40 - 2017-04-19 18:05 - 000000000 ___RD C:\Users\Roman-PC\3D Objects
2018-02-15 13:40 - 2016-11-21 05:46 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-02-15 13:39 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2018-02-15 13:39 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt
2018-02-15 13:38 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2018-02-15 13:38 - 2017-09-29 09:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-02-15 13:37 - 2017-09-29 14:46 - 000000000 __RSD C:\WINDOWS\media
2018-02-15 13:37 - 2017-03-22 22:56 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-02-15 13:37 - 2017-03-16 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-02-15 13:35 - 2017-12-03 16:34 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2018-02-15 13:35 - 2017-11-04 22:04 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2018-02-15 13:35 - 2017-09-12 14:10 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2018-02-15 13:35 - 2017-07-22 17:23 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vector Magic
2018-02-15 13:34 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-15 13:34 - 2017-03-16 17:07 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2018-02-15 13:33 - 2017-10-29 18:41 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ModManager
2018-02-15 13:33 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-02-15 13:32 - 2017-07-16 18:43 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-02-15 13:32 - 2017-07-16 18:42 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-02-15 13:32 - 2017-07-16 18:42 - 000000000 ____D C:\WINDOWS\system32\DAX3
2018-02-15 13:32 - 2017-07-16 18:42 - 000000000 ____D C:\WINDOWS\system32\DAX2
2018-02-15 13:32 - 2017-04-02 14:30 - 000000000 ____D C:\Temp
2018-02-15 13:32 - 2017-03-20 19:48 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-02-15 13:31 - 2017-07-16 18:43 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-02-15 13:30 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-02-15 13:29 - 2017-11-25 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2018-02-15 13:29 - 2017-11-05 23:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2018-02-15 13:29 - 2017-10-19 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Micro-Star
2018-02-15 13:29 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2018-02-15 13:29 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\system32\WCN
2018-02-15 13:29 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\System
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Help
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\system
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-02-15 13:29 - 2017-09-15 08:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-02-15 13:29 - 2017-08-07 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2018-02-15 13:29 - 2017-07-20 23:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2
2018-02-15 13:29 - 2017-07-16 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2018-02-15 13:29 - 2017-07-16 18:43 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-02-15 13:29 - 2017-07-15 16:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2018-02-15 13:29 - 2017-06-19 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QPST
2018-02-15 13:29 - 2017-06-12 16:22 - 000000000 ____D C:\WINDOWS\SysWOW64\xlive
2018-02-15 13:29 - 2017-06-12 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
2018-02-15 13:29 - 2017-05-27 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blizzard App
2018-02-15 13:29 - 2017-05-13 21:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.6.0f3 (64-bit)
2018-02-15 13:29 - 2017-05-04 16:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WEBConfig2
2018-02-15 13:29 - 2017-05-04 10:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPCSearch
2018-02-15 13:29 - 2017-05-04 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2018-02-15 13:29 - 2017-05-04 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReliView PC
2018-02-15 13:29 - 2017-05-04 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CMS Pro
2018-02-15 13:29 - 2017-04-22 18:40 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2018-02-15 13:29 - 2017-04-22 18:39 - 000000000 ____D C:\WINDOWS\SHELLNEW
2018-02-15 13:29 - 2017-04-15 19:57 - 000000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal
2018-02-15 13:29 - 2017-04-13 11:45 - 000000000 ____D C:\Program Files\UNP
2018-02-15 13:29 - 2017-04-02 17:19 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2018-02-15 13:29 - 2017-04-02 15:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QXDM Professional
2018-02-15 13:29 - 2017-04-01 16:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6
2018-02-15 13:29 - 2017-03-24 09:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-02-15 13:29 - 2017-03-22 21:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-02-15 13:29 - 2017-03-21 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2018-02-15 13:29 - 2017-03-17 19:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2018-02-15 13:29 - 2017-03-16 23:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-02-15 13:29 - 2017-03-16 23:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2018-02-15 13:29 - 2017-03-16 22:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2018-02-15 13:29 - 2017-03-16 21:53 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2018-02-15 13:29 - 2017-03-16 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-02-15 13:29 - 2017-03-16 21:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-02-15 13:29 - 2017-03-16 19:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2018-02-15 13:29 - 2017-03-16 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP Launcher
2018-02-15 13:29 - 2017-03-16 18:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-02-15 13:29 - 2017-03-16 18:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-02-15 13:29 - 2017-03-16 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2018-02-15 13:29 - 2017-03-16 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KYE SYSTEMS CORP
2018-02-15 13:29 - 2017-03-16 17:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-02-15 13:29 - 2017-03-16 17:35 - 000000000 ____D C:\Program Files\Intel
2018-02-15 13:29 - 2016-07-16 12:47 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-02-15 13:27 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2018-02-15 13:25 - 2018-01-09 15:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-02-15 13:25 - 2017-12-01 23:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2018-02-15 13:25 - 2017-10-12 14:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2018-02-15 13:25 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\OCR
2018-02-15 13:25 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2018-02-15 13:25 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2018-02-15 13:25 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2018-02-15 13:25 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\system32\winrm
2018-02-15 13:25 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\system32\slmgr
2018-02-15 13:25 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2018-02-15 13:25 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-02-15 13:25 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-02-15 13:25 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-02-15 13:25 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-02-15 13:25 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2018-02-15 13:25 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-02-15 13:25 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-02-15 13:25 - 2017-08-05 23:24 - 000000000 ____D C:\Program Files\Realtek
2018-02-15 13:25 - 2017-06-12 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2018-02-15 13:25 - 2017-05-13 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
2018-02-15 13:25 - 2017-04-15 19:57 - 000000000 ___RD C:\WINDOWS\WebManagement
2018-02-15 13:25 - 2017-04-02 14:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2018-02-15 13:25 - 2017-03-19 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2018-02-15 13:25 - 2017-03-16 22:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\astragon Entertainment GmbH
2018-02-15 13:25 - 2017-03-16 19:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2018-02-15 13:25 - 2017-03-16 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2018-02-15 13:23 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2018-02-15 13:23 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-02-15 13:23 - 2017-09-29 14:41 - 000464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2018-02-15 13:23 - 2017-09-29 14:41 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2018-02-15 13:23 - 2017-09-29 14:41 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2018-02-15 13:23 - 2017-09-29 14:41 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2018-02-15 12:39 - 2017-08-20 20:34 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\Twitch
2018-02-14 21:29 - 2017-05-12 18:11 - 000000000 ____D C:\Program Files\Opera
2018-02-14 20:54 - 2017-03-16 21:07 - 000000000 ____D C:\Users\Roman-PC\AppData\LocalLow\Mozilla
2018-02-14 20:46 - 2017-11-04 22:04 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2018-02-14 20:46 - 2017-10-21 21:17 - 000000000 ____D C:\Users\Roman-PC\Desktop\FTB_Pack_Install
2018-02-14 20:46 - 2017-10-19 18:47 - 000000000 ____D C:\ProgramData\FaceLift
2018-02-14 20:46 - 2017-07-15 16:54 - 000000000 ____D C:\ProgramData\ProductData
2018-02-14 20:46 - 2017-07-15 16:52 - 000000000 ____D C:\Users\Roman-PC\AppData\LocalLow\IObit
2018-02-14 20:46 - 2017-07-15 16:51 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\IObit
2018-02-14 20:46 - 2017-07-15 16:51 - 000000000 ____D C:\ProgramData\IObit
2018-02-14 20:46 - 2017-07-14 21:08 - 000000000 ____D C:\Users\Roman-PC\AppData\LocalLow\Heroes and Generals
2018-02-14 20:46 - 2017-05-28 11:59 - 000000000 ____D C:\Users\Roman-PC\AppData\LocalLow\Daybreak Game Company
2018-02-14 20:46 - 2017-04-11 20:54 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\FiveM
2018-02-14 20:46 - 2017-03-24 09:59 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\vlc
2018-02-14 20:46 - 2017-03-16 22:45 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\obs-studio
2018-02-14 20:46 - 2017-03-16 19:53 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\uTorrent
2018-02-14 20:46 - 2017-03-16 19:32 - 000000000 ____D C:\MSI
2018-02-14 20:46 - 2017-03-16 19:08 - 000000000 ____D C:\Users\Roman-PC\Documents\Euro Truck Simulator 2
2018-02-14 20:40 - 2017-03-16 17:30 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\CrashDumps
2018-02-14 20:10 - 2017-03-16 17:34 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\ElevatedDiagnostics
2018-02-14 18:55 - 2017-06-09 17:12 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-02-14 18:54 - 2017-05-04 16:32 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\IE Tab
2018-02-14 18:54 - 2017-03-16 17:40 - 000000000 ____D C:\Program Files (x86)\Google
2018-02-14 18:40 - 2017-03-16 21:07 - 000000000 ____D C:\WINDOWS\system32\log
2018-02-14 15:08 - 2017-04-21 11:02 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\Avg
2018-02-14 15:08 - 2017-04-21 11:02 - 000000000 ____D C:\ProgramData\Avg
2018-02-14 14:25 - 2017-03-16 19:59 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\DAEMON Tools Lite
2018-02-14 13:25 - 2017-11-06 16:23 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\PlaceholderTileLogoFolder
2018-02-14 10:50 - 2017-10-11 15:12 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-14 10:50 - 2017-03-16 21:32 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-02-14 10:49 - 2016-07-16 12:47 - 000000167 _____ C:\WINDOWS\win.ini
2018-02-10 17:39 - 2017-12-12 12:40 - 000000000 ____D C:\Users\Roman-PC\Desktop\train simulator 2k17
2018-02-08 09:55 - 2018-01-09 21:34 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\.technic
2018-02-04 23:13 - 2017-03-16 19:57 - 000001004 _____ C:\Users\Roman-PC\Desktop\µTorrent.lnk
2018-02-02 21:51 - 2017-03-16 17:51 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\NVIDIA
2018-02-01 22:30 - 2017-08-19 19:12 - 000000000 ____D C:\Program Files (x86)\Audacity
2018-02-01 21:43 - 2017-07-06 13:11 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\UnrealEngine
2018-02-01 21:43 - 2017-03-31 18:56 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\EasyAntiCheat
2018-01-31 09:45 - 2017-07-16 19:00 - 000002410 _____ C:\Users\Roman-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-31 09:45 - 2017-03-16 17:10 - 000000000 ___RD C:\Users\Roman-PC\OneDrive
2018-01-28 08:28 - 2017-12-10 21:40 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\Spotify
2018-01-28 07:05 - 2017-03-17 13:03 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\Spotify
2018-01-24 21:33 - 2017-06-10 20:36 - 000000000 ____D C:\Users\Roman-PC\VirtualBox VMs
2018-01-24 21:33 - 2017-03-16 22:55 - 000000000 ____D C:\Users\Roman-PC\.VirtualBox
2018-01-24 21:32 - 2017-04-02 14:31 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\HTC
2018-01-24 21:32 - 2017-04-02 14:30 - 000000000 ____D C:\ProgramData\HTC
2018-01-24 09:19 - 2017-03-16 21:32 - 000548000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-24 01:23 - 2017-09-30 15:32 - 000438768 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2018-01-24 00:11 - 2017-07-16 18:43 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-01-23 23:57 - 2017-07-16 18:43 - 005950024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-01-23 23:57 - 2017-07-16 18:43 - 002589168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-01-23 23:57 - 2017-07-16 18:43 - 001766288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-01-23 23:57 - 2017-07-16 18:43 - 000633328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-01-23 23:57 - 2017-07-16 18:43 - 000450352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-01-23 23:57 - 2017-07-16 18:43 - 000122768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-01-23 23:57 - 2017-07-16 18:43 - 000082744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-01-22 15:31 - 2017-10-02 17:49 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-01-22 06:46 - 2017-07-16 18:43 - 007947791 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-01-21 00:01 - 2017-03-16 17:51 - 000001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-01-20 20:04 - 2017-03-16 22:07 - 000000000 ____D C:\ProgramData\TruckersMP
2018-01-16 21:44 - 2017-05-26 22:48 - 000002106 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2018-01-16 19:58 - 2017-04-18 09:55 - 000000000 ____D C:\WINDOWS\Update
2018-01-16 19:58 - 2017-04-01 07:41 - 000000000 ____D C:\Update

==================== Files in the root of some directories =======

2017-11-24 22:39 - 2017-11-24 22:39 - 000000087 _____ () C:\ProgramData\Uninstaller.bat
2017-08-05 00:19 - 2017-08-05 00:23 - 007649280 _____ () C:\Program Files (x86)\GUT7F62.tmp
2017-04-06 19:47 - 2017-04-06 20:07 - 000000132 _____ () C:\Users\Roman-PC\AppData\Roaming\Adobe Formát BMP CS6 – předvolby
2017-08-07 22:58 - 2017-08-07 22:58 - 000000132 _____ () C:\Users\Roman-PC\AppData\Roaming\Adobe Formát GIF CS6 – předvolby
2017-04-19 18:15 - 2018-01-10 14:49 - 000000132 _____ () C:\Users\Roman-PC\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2017-09-11 16:41 - 2017-09-12 09:12 - 000000000 _____ () C:\Users\Roman-PC\AppData\Roaming\FileIn.cns
2017-09-11 16:41 - 2017-09-12 09:12 - 000000000 _____ () C:\Users\Roman-PC\AppData\Roaming\FileOut.cns
2017-08-07 23:02 - 2017-08-07 23:06 - 000001480 _____ () C:\Users\Roman-PC\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2017-06-11 11:48 - 2017-08-04 19:33 - 000007602 _____ () C:\Users\Roman-PC\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-15 13:31

==================== End of FRST.txt ============================

[Morf]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.02.2018
Ran by Roman-PC (administrator) on ROMAN-PC (15-02-2018 15:24:55)
Running from C:\Users\Roman-PC\Downloads
Loaded Profiles: Roman-PC (Available Profiles: defaultuser0 & Roman-PC & Administrator)
Platform: Windows 10 Pro Version 1709 16299.125 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\SysWOW64\ASGT.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.32\remoting_host.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
() C:\Windows\System32\PnkBstrA.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM Incorporated\Qualcomm USB Drivers For Windows\DriverPackage\Qualcomm\Tools\qcmtusvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Western Digital Corporation or its affiliates) C:\Program Files (x86)\Western Digital\SSD Dashboard\WDSSDDashboardService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\DPC Latency Tuner\DPCLT_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Electronic Arts) D:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.32\remoting_host.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
() C:\Program Files\DS502 GAMING Headset\CPL\DS_502_Headset.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe
() C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
() D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\webwallpaper32.exe
(Spotify Ltd) C:\Users\Roman-PC\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(File-New-Project) D:\WindowsApps\40459File-New-Project.EarTrumpet_1.5.2.0_x86__1sdd7yawvg6ne\EarTrumpet.exe
() D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\webwallpaper32.exe
(Spotify Ltd) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
() C:\Users\Roman-PC\Desktop\TranslucentTB.2017.3\TranslucentTB.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\webwallpaper32.exe
(Spotify Ltd) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.73.345.0_x86__zpdnekdrzrea0\Spotify.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [Cm108Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9231328 2017-07-19] (Realtek Semiconductor)
HKLM\...\Run: [Cm108BSound] => C:\Program Files\DS502 GAMING Headset\CPL\DS_502_Headset.exe [2836992 2014-11-10] ()
HKLM-x32\...\Run: [MSI Gaming Lan Manager] => C:\MSI\MSI Gaming Lan Manager\MSI_Gaming_Lan_Manager.exe [4471736 2017-03-07] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [X_Boost] => C:\Program Files (x86)\MSI\MSI X Boost\X_Boost.exe [4211128 2017-02-21] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1022928 2017-01-05] (MSI)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [15371216 2017-03-07] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [831584 2017-06-02] (MSI)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-12-08] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Roman-PC\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2268232 2017-12-18] (Gaijin Entertainment)
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [41100328 2018-01-29] ()
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\Run: [World of Tanks] => D:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139872 2018-01-05] (Wargaming.net)
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\Run: [WallpaperEngine] => D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe [1780712 2017-12-17] ()
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\Run: [uTorrent] => C:\Users\Roman-PC\AppData\Roaming\uTorrent\utorrent.exe [416168 2015-02-22] (BitTorrent, Inc.)
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\Run: [SideSync] => C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe [12477600 2017-10-26] ()
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\Run: [Spotify Web Helper] => C:\Users\Roman-PC\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-01-17] (Spotify Ltd)
Startup: C:\Users\Roman-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TranslucentTB.exe.lnk [2017-07-17]
ShortcutTarget: TranslucentTB.exe.lnk -> C:\Users\Roman-PC\Desktop\TranslucentTB.2017.3\TranslucentTB.exe ()
Startup: C:\Users\Roman-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-08-20]
ShortcutTarget: Twitch.lnk -> C:\Users\Roman-PC\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction - ProxySettings)
ProxyEnable: [HKLM] => Proxy is enabled.
ProxyServer: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{277f2bc9-50d8-4951-9efc-ca43ea96873a}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131463573631749818&GUID=88AD2FB0-E24C-4129-8949-0AC94DCE8A2D
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-487683678-2576461091-207145408-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-487683678-2576461091-207145408-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE00
SearchScopes: HKU\S-1-5-21-487683678-2576461091-207145408-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE00
SearchScopes: HKU\S-1-5-21-487683678-2576461091-207145408-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Program Files\Microsoft Office\Office16\OCHelper.dll [2018-01-17] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-08] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-08] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2018-01-17] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - D:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - D:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-487683678-2576461091-207145408-1001 -> about:start

FireFox:
========
FF DefaultProfile: 86fuzpx0.default
FF ProfilePath: C:\Users\Roman-PC\AppData\Roaming\Mozilla\Firefox\Profiles\86fuzpx0.default [2018-02-15]
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-08] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-16] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin HKU\S-1-5-21-487683678-2576461091-207145408-1001: @nsroblox.roblox.com/launcher -> C:\Users\Roman-PC\AppData\Local\Roblox\Versions\version-6a65e85da5fe4a75\\NPRobloxProxy.dll [No File]
FF Plugin HKU\S-1-5-21-487683678-2576461091-207145408-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Roman-PC\AppData\Local\Roblox\Versions\version-6a65e85da5fe4a75\\NPRobloxProxy64.dll [No File]
FF Plugin HKU\S-1-5-21-487683678-2576461091-207145408-1001: ajvision.com/webconfig -> C:\WINDOWS\system32\WEBConfig2\npwebconfig.dll [No File]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default [2018-02-15]
CHR Extension: (Prezentace) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (BetterTTV) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-11-20]
CHR Extension: (Dokumenty) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-05]
CHR Extension: (YouTube) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-05]
CHR Extension: (Social Blade) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2018-01-27]
CHR Extension: (FrankerFaceZ) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2018-01-10]
CHR Extension: (Tabulky) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-11-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-05]
CHR Extension: (AdBlock) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-02-14]
CHR Extension: (IE Tab) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2018-02-14]
CHR Extension: (BitGo) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgeogaipkoajobchncghcojanffjfhl [2017-08-05]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-08-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Unfriend Finder) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\olljnkilmblncgcghhaodkpdcnokhpah [2017-08-05]
CHR Extension: (Moje IP adresa) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhoeoiodcebkkigjiooibeccnfmmkoe [2017-08-05]
CHR Extension: (Gmail) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-05]
CHR Extension: (Chrome Media Router) - C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-06]
CHR Profile: C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-02-14]
CHR Profile: C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\System Profile [2018-02-14]
CHR HKU\S-1-5-21-487683678-2576461091-207145408-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Footjane\Application\chrome.exe <==== ATTENTION

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [48640 2016-06-27] () [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7013384 2018-02-08] ()
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.32\remoting_host.exe [71512 2017-11-02] (Google Inc.)
S3 Disc Soft Lite Bus Service; D:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [610464 2018-02-01] (EasyAntiCheat Ltd)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [47056 2017-02-17] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-10-13] (Micro-Star INT'L CO., LTD.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25824 2016-10-04] (Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-20] (Intel Corporation)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [2108000 2017-06-12] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2212448 2017-05-22] (MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4051552 2017-06-09] (MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2108000 2017-06-09] (MSI)
S2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2455648 2017-06-09] (MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2134624 2017-06-09] (MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [4785248 2017-06-09] (MSI)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [75192 2017-04-12] (Micro-Star INT'L CO., LTD.)
R2 MSI_DPCLTSERVICE; C:\Program Files (x86)\MSI\DPC Latency Tuner\DPCLT_Service.exe [2133968 2017-03-31] (Micro-Star INT'L CO., LTD.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2286032 2017-03-06] (Micro-Star INT'L CO., LTD.)
R2 MSI_RAMDisk_Service; C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe [70608 2016-12-02] (Micro-Star Int'l Co., Ltd.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [164304 2017-01-05] (MSI)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2155328 2017-12-19] (Electronic Arts)
R2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [3025224 2017-12-19] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2017-11-15] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2017-11-15] ()
R2 qcmtusvc; C:\Program Files (x86)\QUALCOMM Incorporated\Qualcomm USB Drivers For Windows\DriverPackage\Qualcomm\Tools\qcmtusvc.exe [83456 2015-07-09] (QUALCOMM, Inc.) [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-14] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10885360 2017-05-31] (TeamViewer GmbH)
R2 WD SSD Dashboard Service; C:\Program Files (x86)\Western Digital\SSD Dashboard\WDSSDDashboardService.exe [1706496 2016-11-15] (Western Digital Corporation or its affiliates) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-20] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-20] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe [474768 2017-03-01] (Wondershare)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-02-23] (Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 CMUAC; C:\WINDOWS\system32\DRIVERS\CMUAC.sys [613888 2014-10-09] (C-MEDIA)
R3 DroidCam; C:\WINDOWS\system32\DRIVERS\droidcam.sys [33592 2017-03-17] (Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\system32\DRIVERS\droidcamvideo.sys [230712 2017-03-17] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-03-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-03-16] (Disc Soft Ltd)
R3 e1dexpress; C:\WINDOWS\System32\drivers\e1d65x64.sys [555592 2017-10-19] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-29] ()
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-07-15] (REALiX(tm))
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37064 2016-08-24] (Intel Corporation)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-10-23] (ASUSTeK Computer Inc.)
S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (Windows (R) Win 7 DDK provider)
S3 ipadtst2; C:\Program Files (x86)\MSI\Super Charger\ipadtst2_64.sys [16336 2016-07-29] (MSI)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193968 2018-01-27] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2018-01-27] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2018-01-27] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2018-01-27] (Malwarebytes)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel Corporation)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NTIOLib_ACTIVE_X; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NTIOLib_X64.sys [13776 2016-04-12] (MSI)
R3 NTIOLib_DPC; C:\Program Files (x86)\MSI\DPC Latency Tuner\NTIOLib_X64.sys [14288 2017-03-29] (MSI)
R3 NTIOLib_MBAPI; C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [14288 2017-03-08] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a39871618b19f06\nvlddmkm.sys [17493824 2018-01-24] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31024 2018-01-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57928 2018-01-24] (NVIDIA Corporation)
S3 Phosgene; C:\WINDOWS\system32\DRIVERS\Phosgene.sys [34136 2015-09-02] (Adoriasoft LLC)
R2 RAMDriv; C:\WINDOWS\system32\DRIVERS\ramdriv.sys [86936 2016-03-10] (Micro-Star Int'l Co., Ltd.)
R2 RAMDriv; C:\Windows\SysWOW64\DRIVERS\ramdriv.sys [86936 2016-03-10] (Micro-Star Int'l Co., Ltd.)
S3 tap0901t; C:\WINDOWS\System32\drivers\tap0901t.sys [48824 2016-04-26] (Tunngle.net GmbH)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [196040 2017-10-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [206976 2017-10-16] (Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-20] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-20] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-20] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-15 15:24 - 2018-02-15 15:25 - 000032968 _____ C:\Users\Roman-PC\Downloads\FRST.txt
2018-02-15 15:24 - 2018-02-15 15:24 - 000000000 ____D C:\FRST
2018-02-15 15:23 - 2018-02-15 15:23 - 002405376 _____ (Farbar) C:\Users\Roman-PC\Downloads\FRST64.exe
2018-02-15 15:10 - 2018-02-15 15:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-15 13:45 - 2018-02-15 13:45 - 000000000 ____D C:\ProgramData\USOShared
2018-02-15 13:41 - 2018-02-15 13:41 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-02-15 13:40 - 2018-02-15 13:40 - 000000020 ___SH C:\Users\Roman-PC\ntuser.ini
2018-02-15 13:38 - 2018-02-15 15:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-15 13:38 - 2018-02-15 13:44 - 000004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BD5397A8-45E5-47C2-9631-61CA3D0CA536}
2018-02-15 13:38 - 2018-02-15 13:38 - 000003398 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-02-15 13:38 - 2018-02-15 13:38 - 000003350 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{08F3BCB1-E426-40F6-A85D-89CF7BD73AAC}
2018-02-15 13:38 - 2018-02-15 13:38 - 000003288 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1494609104
2018-02-15 13:38 - 2018-02-15 13:38 - 000003174 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-02-15 13:38 - 2018-02-15 13:38 - 000002848 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-487683678-2576461091-207145408-500
2018-02-15 13:38 - 2018-02-15 13:38 - 000002540 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2018-02-15 13:38 - 2018-02-15 13:38 - 000002280 _____ C:\WINDOWS\System32\Tasks\MSIGH_Host
2018-02-15 13:38 - 2018-02-15 13:38 - 000002222 _____ C:\WINDOWS\System32\Tasks\MSIOSDx86_Host
2018-02-15 13:38 - 2018-02-15 13:38 - 000002222 _____ C:\WINDOWS\System32\Tasks\MSIOSDx64_Host
2018-02-15 13:38 - 2018-02-15 13:38 - 000002216 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-02-15 13:38 - 2018-02-15 13:38 - 000002148 _____ C:\WINDOWS\System32\Tasks\MSISW_Host
2018-02-15 13:38 - 2018-02-15 13:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-487683678-2576461091-207145408-1001
2018-02-15 13:38 - 2018-02-15 13:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel
2018-02-15 13:38 - 2018-02-15 13:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\cFos
2018-02-15 13:37 - 2018-02-15 13:38 - 000015243 _____ C:\WINDOWS\diagwrn.xml
2018-02-15 13:37 - 2018-02-15 13:38 - 000015243 _____ C:\WINDOWS\diagerr.xml
2018-02-15 13:36 - 2018-02-15 15:14 - 001923818 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-15 13:36 - 2018-02-15 13:36 - 000000252 ____H C:\WINDOWS\Tasks\MSISW_Host.job
2018-02-15 13:34 - 2018-02-15 13:34 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-02-15 13:33 - 2018-02-15 13:51 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\Packages
2018-02-15 13:33 - 2018-02-15 13:40 - 000000000 ____D C:\Users\Roman-PC
2018-02-15 13:33 - 2018-02-15 13:37 - 000000000 ____D C:\Users\defaultuser0
2018-02-15 13:33 - 2018-02-15 13:37 - 000000000 ____D C:\Users\Administrator
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Soubory cookie
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Šablony
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Poslední
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Okolní tiskárny
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Okolní síť
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Nabídka Start
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Dokumenty
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Documents\Obrázky
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Documents\Hudba
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Documents\Filmy
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\Data aplikací
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Roman-PC\AppData\Local\Data aplikací
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Soubory cookie
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Šablony
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Poslední
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Okolní tiskárny
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Okolní síť
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Nabídka Start
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Dokumenty
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Obrázky
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Hudba
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Filmy
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\Data aplikací
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Data aplikací
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Soubory cookie
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Šablony
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Poslední
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Okolní tiskárny
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Okolní síť
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Nabídka Start
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Dokumenty
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Documents\Obrázky
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Documents\Hudba
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Documents\Filmy
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\Data aplikací
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Data aplikací
2018-02-15 13:33 - 2018-02-15 13:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2018-02-15 13:33 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-02-15 13:32 - 2018-01-24 01:23 - 000532040 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-02-15 13:32 - 2018-01-23 23:42 - 000137712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-02-15 13:31 - 2018-02-15 14:54 - 005755552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-15 13:31 - 2018-02-15 13:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-15 13:29 - 2018-02-15 13:39 - 000000000 ____D C:\Windows.old
2018-02-15 13:29 - 2018-02-15 13:29 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2018-02-15 13:25 - 2018-02-15 13:29 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-02-15 13:25 - 2018-01-27 17:56 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-02-15 13:25 - 2018-01-27 17:56 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-02-15 13:25 - 2018-01-27 17:56 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-02-15 13:25 - 2018-01-27 17:43 - 000193968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-02-15 13:25 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-02-15 13:24 - 2018-02-15 13:25 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-02-15 13:23 - 2018-02-15 13:29 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-02-15 13:23 - 2018-02-15 13:23 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2018-02-15 13:23 - 2018-02-15 13:23 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-02-15 13:23 - 2018-02-15 13:23 - 000000000 ____D C:\Program Files\MSBuild
2018-02-15 13:23 - 2018-02-15 13:23 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-02-15 13:23 - 2017-09-22 18:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-02-15 13:23 - 2017-09-22 18:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-02-15 13:23 - 2017-09-22 18:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-02-15 13:22 - 2017-09-28 15:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-02-15 13:22 - 2017-09-28 15:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-02-15 13:22 - 2017-09-28 15:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-02-15 13:17 - 2018-02-15 13:17 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-02-15 13:00 - 2018-02-15 14:33 - 000000000 ___DC C:\WINDOWS\Panther
2018-02-15 12:51 - 2018-02-15 12:51 - 000002445 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-15 12:51 - 2018-02-15 12:51 - 000000000 ___RD C:\Users\Administrator\OneDrive
2018-02-15 12:51 - 2018-02-15 12:51 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Apple Computer
2018-02-15 12:51 - 2018-02-15 12:51 - 000000000 ____D C:\Users\Administrator\AppData\Local\MicrosoftEdge
2018-02-15 12:51 - 2018-02-15 12:51 - 000000000 ____D C:\Users\Administrator\AppData\Local\Comms
2018-02-15 12:51 - 2018-02-15 12:51 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2018-02-15 12:50 - 2018-02-15 12:51 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2018-02-15 12:50 - 2018-02-15 12:50 - 000002328 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
2018-02-15 12:50 - 2018-02-15 12:50 - 000000000 ___RD C:\Users\Administrator\3D Objects
2018-02-15 12:50 - 2018-02-15 12:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2018-02-15 12:50 - 2018-02-15 12:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA
2018-02-15 12:50 - 2018-02-15 12:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2018-02-15 12:50 - 2018-02-15 12:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2018-02-15 12:50 - 2017-09-12 10:48 - 000000000 ____D C:\Users\Administrator\AppData\Local\LogMeIn Hamachi
2018-02-15 12:50 - 2017-07-13 11:18 - 000000153 _____ C:\Users\Administrator\BullseyeCoverageError.txt
2018-02-15 12:50 - 2017-06-19 15:53 - 000000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2018-02-15 12:50 - 2017-05-26 23:37 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2018-02-14 21:25 - 2018-02-14 21:25 - 000001291 _____ C:\Users\Roman-PC\Desktop\Google Chrome.lnk
2018-02-14 20:39 - 2018-02-14 20:39 - 000000000 ___HD C:\$Windows.~WS
2018-02-14 20:29 - 2018-02-14 20:29 - 000000000 ___HD C:\$SysReset
2018-02-14 19:12 - 2018-02-14 19:13 - 008222496 _____ (Malwarebytes) C:\Users\Roman-PC\Downloads\adwcleaner_7.0.8.0.exe
2018-02-14 18:58 - 2018-02-14 18:58 - 001393080 _____ (Opera Software) C:\Users\Roman-PC\Downloads\OperaSetup.exe
2018-02-14 18:48 - 2018-02-14 18:53 - 000000000 _____ C:\Recovery.txt
2018-02-14 18:33 - 2018-02-14 20:46 - 000000000 ____D C:\AdwCleaner
2018-02-14 16:47 - 2018-02-14 16:47 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\ESET
2018-02-14 16:46 - 2018-02-15 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-02-14 16:46 - 2018-02-14 16:46 - 000000000 ____D C:\ProgramData\ESET
2018-02-14 16:46 - 2018-02-14 16:46 - 000000000 ____D C:\Program Files\ESET
2018-02-14 15:19 - 2018-02-15 15:10 - 000002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-14 15:19 - 2018-02-14 15:19 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\Google
2018-02-14 15:00 - 2002-08-29 18:33 - 000319488 _____ () C:\WINDOWS\SysWOW64\MafiaSetup.exe
2018-02-14 14:56 - 2018-02-14 20:46 - 000000000 ____D C:\Program Files\Common Files\AVG
2018-02-14 14:46 - 2018-02-14 14:47 - 007306280 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Roman-PC\Downloads\avg_antivirus_free_setup.exe
2018-02-14 14:28 - 2018-02-14 14:28 - 001129816 _____ (Google Inc.) C:\Users\Roman-PC\Downloads\ChromeSetup.exe
2018-02-12 00:05 - 2018-02-12 00:05 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\gegl-0.3
2018-02-11 23:55 - 2018-02-14 20:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2018-02-11 23:55 - 2018-02-11 23:55 - 000004608 _____ C:\WINDOWS\SECOH-QAD.exe
2018-02-11 23:55 - 2018-02-11 23:55 - 000003584 _____ C:\WINDOWS\SECOH-QAD.dll
2018-02-11 23:55 - 2010-12-06 03:16 - 000090112 _____ (Vestris Inc.) C:\WINDOWS\system32\Vestris.ResourceLib.dll
2018-02-11 23:54 - 2018-02-11 23:54 - 003866984 _____ (@ByELDI ) C:\Users\Roman-PC\Downloads\KMSpico_setup.exe
2018-02-11 23:31 - 2018-02-11 23:31 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\BattalionLauncher
2018-02-09 18:02 - 2018-02-12 19:45 - 000000000 ____D C:\Users\Roman-PC\Desktop\převodovk
2018-02-09 00:44 - 2018-02-09 00:44 - 000000221 _____ C:\Users\Roman-PC\Desktop\Saints Row The Third.url
2018-02-08 09:46 - 2017-04-22 17:45 - 009444532 _____ (hackphoenix.com) C:\Users\Roman-PC\Desktop\FTBLauncher_64bit.exe
2018-02-06 19:25 - 2018-02-06 00:23 - 000000234 _____ C:\Users\Public\Libraries.ini
2018-02-05 23:03 - 2018-02-05 23:03 - 000000782 _____ C:\Users\Roman-PC\Desktop\Aslains WoT Logs Archiver.lnk
2018-02-05 22:52 - 2018-02-05 22:54 - 135597392 _____ (Aslain ) C:\Users\Roman-PC\Downloads\Aslains_WoT_Modpack_Installer_v.9.21.0.3_10.exe
2018-02-05 11:44 - 2018-02-14 20:46 - 000000000 ____D C:\Users\Roman-PC\Documents\Assassin's Creed Origins
2018-02-05 11:33 - 2018-02-15 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed Origins
2018-02-05 11:33 - 2018-02-05 11:33 - 000000986 _____ C:\Users\Public\Desktop\Assassin's Creed Origins.lnk
2018-02-02 12:04 - 2018-02-14 20:46 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\CrashReportClient
2018-02-01 22:39 - 2018-02-01 22:40 - 000926208 _____ (Slimm Solutions) C:\Users\Roman-PC\Downloads\Slimm Bat to Exe.exe
2018-02-01 21:43 - 2018-02-14 20:46 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2018-02-01 21:43 - 2018-02-01 21:43 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\Battalion
2018-02-01 21:15 - 2018-02-01 21:15 - 000000222 _____ C:\Users\Roman-PC\Desktop\BATTALION 1944.url
2018-01-29 18:53 - 2018-01-24 01:23 - 040269808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 035180016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 019796336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 016449872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 013444552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 012843496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 011026080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 010900248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 004580832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 004308976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 003894304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 003709424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 001976120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439077.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 001682288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 001673616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439077.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 001334808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 001325384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 001134768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 001126888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 001054704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 001049480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 001043128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000988464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000939832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000795928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000740336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000635248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000616240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000599352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-01-29 18:53 - 2018-01-24 01:23 - 000226760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2018-01-29 18:53 - 2018-01-24 01:23 - 000057928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-01-29 18:53 - 2018-01-24 01:23 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb
2018-01-29 18:53 - 2018-01-24 01:23 - 000045600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2018-01-24 21:34 - 2018-01-24 21:34 - 000000000 ____D C:\Users\Roman-PC\AppData\LocalLow\Steel Crate Games
2018-01-24 21:31 - 2018-01-24 21:32 - 000000005 _____ C:\WINDOWS\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2018-01-22 15:31 - 2018-01-22 15:31 - 000000000 ____D C:\Program Files\Bonjour
2018-01-22 15:31 - 2018-01-22 15:31 - 000000000 ____D C:\Program Files (x86)\Bonjour
2018-01-21 17:40 - 2018-01-21 17:40 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\dgVoodoo
2018-01-21 17:38 - 2018-01-21 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Community Modpack for Mafia The City of Lost Heaven
2018-01-21 14:50 - 2017-03-12 09:55 - 3545667174 _____ C:\Users\Roman-PC\Desktop\20170312_094006A.mp4
2018-01-21 14:46 - 2017-03-12 10:09 - 3390042588 _____ C:\Users\Roman-PC\Desktop\20170312_095506A.mp4
2018-01-21 14:41 - 2018-01-21 14:41 - 000000222 _____ C:\Users\Roman-PC\Desktop\Iron Snout.url
2018-01-21 14:41 - 2018-01-21 14:41 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\IronSnout
2018-01-21 00:01 - 2017-12-15 03:03 - 000059240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-01-16 19:49 - 2018-01-16 19:49 - 000000000 ____D C:\Program Files\Malwarebytes

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-15 15:20 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-15 15:14 - 2017-09-30 15:30 - 000821550 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-15 15:14 - 2017-09-30 15:30 - 000172056 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-15 15:10 - 2017-07-16 18:43 - 000000000 ____D C:\ProgramData\NVIDIA
2018-02-15 15:10 - 2017-06-09 20:38 - 000000000 ___RD C:\Users\Roman-PC\Disk Google
2018-02-15 15:09 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-02-15 15:06 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-15 15:02 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-15 13:57 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-02-15 13:57 - 2017-03-16 17:55 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\TS3Client
2018-02-15 13:51 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-02-15 13:40 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-02-15 13:40 - 2017-04-19 18:05 - 000000000 ___RD C:\Users\Roman-PC\3D Objects
2018-02-15 13:40 - 2016-11-21 05:46 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-02-15 13:39 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2018-02-15 13:39 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt
2018-02-15 13:38 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2018-02-15 13:38 - 2017-09-29 09:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-02-15 13:37 - 2017-09-29 14:46 - 000000000 __RSD C:\WINDOWS\media
2018-02-15 13:37 - 2017-03-22 22:56 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-02-15 13:37 - 2017-03-16 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-02-15 13:35 - 2017-12-03 16:34 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2018-02-15 13:35 - 2017-11-04 22:04 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2018-02-15 13:35 - 2017-09-12 14:10 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2018-02-15 13:35 - 2017-07-22 17:23 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vector Magic
2018-02-15 13:34 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-15 13:34 - 2017-03-16 17:07 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2018-02-15 13:33 - 2017-10-29 18:41 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ModManager
2018-02-15 13:33 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-02-15 13:32 - 2017-07-16 18:43 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-02-15 13:32 - 2017-07-16 18:42 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-02-15 13:32 - 2017-07-16 18:42 - 000000000 ____D C:\WINDOWS\system32\DAX3
2018-02-15 13:32 - 2017-07-16 18:42 - 000000000 ____D C:\WINDOWS\system32\DAX2
2018-02-15 13:32 - 2017-04-02 14:30 - 000000000 ____D C:\Temp
2018-02-15 13:32 - 2017-03-20 19:48 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-02-15 13:31 - 2017-07-16 18:43 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-02-15 13:30 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-02-15 13:29 - 2017-11-25 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2018-02-15 13:29 - 2017-11-05 23:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2018-02-15 13:29 - 2017-10-19 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Micro-Star
2018-02-15 13:29 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2018-02-15 13:29 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\system32\WCN
2018-02-15 13:29 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\System
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Help
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\system
2018-02-15 13:29 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-02-15 13:29 - 2017-09-15 08:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-02-15 13:29 - 2017-08-07 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2018-02-15 13:29 - 2017-07-20 23:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2
2018-02-15 13:29 - 2017-07-16 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2018-02-15 13:29 - 2017-07-16 18:43 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-02-15 13:29 - 2017-07-15 16:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2018-02-15 13:29 - 2017-06-19 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QPST
2018-02-15 13:29 - 2017-06-12 16:22 - 000000000 ____D C:\WINDOWS\SysWOW64\xlive
2018-02-15 13:29 - 2017-06-12 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
2018-02-15 13:29 - 2017-05-27 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blizzard App
2018-02-15 13:29 - 2017-05-13 21:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.6.0f3 (64-bit)
2018-02-15 13:29 - 2017-05-04 16:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WEBConfig2
2018-02-15 13:29 - 2017-05-04 10:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPCSearch
2018-02-15 13:29 - 2017-05-04 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2018-02-15 13:29 - 2017-05-04 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReliView PC
2018-02-15 13:29 - 2017-05-04 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CMS Pro
2018-02-15 13:29 - 2017-04-22 18:40 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2018-02-15 13:29 - 2017-04-22 18:39 - 000000000 ____D C:\WINDOWS\SHELLNEW
2018-02-15 13:29 - 2017-04-15 19:57 - 000000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal
2018-02-15 13:29 - 2017-04-13 11:45 - 000000000 ____D C:\Program Files\UNP
2018-02-15 13:29 - 2017-04-02 17:19 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2018-02-15 13:29 - 2017-04-02 15:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QXDM Professional
2018-02-15 13:29 - 2017-04-01 16:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6
2018-02-15 13:29 - 2017-03-24 09:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-02-15 13:29 - 2017-03-22 21:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-02-15 13:29 - 2017-03-21 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2018-02-15 13:29 - 2017-03-17 19:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2018-02-15 13:29 - 2017-03-16 23:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-02-15 13:29 - 2017-03-16 23:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2018-02-15 13:29 - 2017-03-16 22:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2018-02-15 13:29 - 2017-03-16 21:53 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2018-02-15 13:29 - 2017-03-16 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-02-15 13:29 - 2017-03-16 21:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-02-15 13:29 - 2017-03-16 19:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2018-02-15 13:29 - 2017-03-16 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP Launcher
2018-02-15 13:29 - 2017-03-16 18:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-02-15 13:29 - 2017-03-16 18:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-02-15 13:29 - 2017-03-16 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2018-02-15 13:29 - 2017-03-16 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KYE SYSTEMS CORP
2018-02-15 13:29 - 2017-03-16 17:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-02-15 13:29 - 2017-03-16 17:35 - 000000000 ____D C:\Program Files\Intel
2018-02-15 13:29 - 2016-07-16 12:47 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-02-15 13:27 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2018-02-15 13:25 - 2018-01-09 15:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-02-15 13:25 - 2017-12-01 23:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2018-02-15 13:25 - 2017-10-12 14:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2018-02-15 13:25 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\OCR
2018-02-15 13:25 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2018-02-15 13:25 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2018-02-15 13:25 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2018-02-15 13:25 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\system32\winrm
2018-02-15 13:25 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\system32\slmgr
2018-02-15 13:25 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2018-02-15 13:25 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-02-15 13:25 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-02-15 13:25 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-02-15 13:25 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-02-15 13:25 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2018-02-15 13:25 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-02-15 13:25 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-02-15 13:25 - 2017-08-05 23:24 - 000000000 ____D C:\Program Files\Realtek
2018-02-15 13:25 - 2017-06-12 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2018-02-15 13:25 - 2017-05-13 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017
2018-02-15 13:25 - 2017-04-15 19:57 - 000000000 ___RD C:\WINDOWS\WebManagement
2018-02-15 13:25 - 2017-04-02 14:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2018-02-15 13:25 - 2017-03-19 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2018-02-15 13:25 - 2017-03-16 22:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\astragon Entertainment GmbH
2018-02-15 13:25 - 2017-03-16 19:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2018-02-15 13:25 - 2017-03-16 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2018-02-15 13:23 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2018-02-15 13:23 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-02-15 13:23 - 2017-09-29 14:41 - 000464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2018-02-15 13:23 - 2017-09-29 14:41 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2018-02-15 13:23 - 2017-09-29 14:41 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2018-02-15 13:23 - 2017-09-29 14:41 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2018-02-15 13:23 - 2017-09-29 14:41 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2018-02-15 12:39 - 2017-08-20 20:34 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\Twitch
2018-02-14 21:29 - 2017-05-12 18:11 - 000000000 ____D C:\Program Files\Opera
2018-02-14 20:54 - 2017-03-16 21:07 - 000000000 ____D C:\Users\Roman-PC\AppData\LocalLow\Mozilla
2018-02-14 20:46 - 2017-11-04 22:04 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2018-02-14 20:46 - 2017-10-21 21:17 - 000000000 ____D C:\Users\Roman-PC\Desktop\FTB_Pack_Install
2018-02-14 20:46 - 2017-10-19 18:47 - 000000000 ____D C:\ProgramData\FaceLift
2018-02-14 20:46 - 2017-07-15 16:54 - 000000000 ____D C:\ProgramData\ProductData
2018-02-14 20:46 - 2017-07-15 16:52 - 000000000 ____D C:\Users\Roman-PC\AppData\LocalLow\IObit
2018-02-14 20:46 - 2017-07-15 16:51 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\IObit
2018-02-14 20:46 - 2017-07-15 16:51 - 000000000 ____D C:\ProgramData\IObit
2018-02-14 20:46 - 2017-07-14 21:08 - 000000000 ____D C:\Users\Roman-PC\AppData\LocalLow\Heroes and Generals
2018-02-14 20:46 - 2017-05-28 11:59 - 000000000 ____D C:\Users\Roman-PC\AppData\LocalLow\Daybreak Game Company
2018-02-14 20:46 - 2017-04-11 20:54 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\FiveM
2018-02-14 20:46 - 2017-03-24 09:59 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\vlc
2018-02-14 20:46 - 2017-03-16 22:45 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\obs-studio
2018-02-14 20:46 - 2017-03-16 19:53 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\uTorrent
2018-02-14 20:46 - 2017-03-16 19:32 - 000000000 ____D C:\MSI
2018-02-14 20:46 - 2017-03-16 19:08 - 000000000 ____D C:\Users\Roman-PC\Documents\Euro Truck Simulator 2
2018-02-14 20:40 - 2017-03-16 17:30 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\CrashDumps
2018-02-14 20:10 - 2017-03-16 17:34 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\ElevatedDiagnostics
2018-02-14 18:55 - 2017-06-09 17:12 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-02-14 18:54 - 2017-05-04 16:32 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\IE Tab
2018-02-14 18:54 - 2017-03-16 17:40 - 000000000 ____D C:\Program Files (x86)\Google
2018-02-14 18:40 - 2017-03-16 21:07 - 000000000 ____D C:\WINDOWS\system32\log
2018-02-14 15:08 - 2017-04-21 11:02 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\Avg
2018-02-14 15:08 - 2017-04-21 11:02 - 000000000 ____D C:\ProgramData\Avg
2018-02-14 14:25 - 2017-03-16 19:59 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\DAEMON Tools Lite
2018-02-14 13:25 - 2017-11-06 16:23 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\PlaceholderTileLogoFolder
2018-02-14 10:50 - 2017-10-11 15:12 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-14 10:50 - 2017-03-16 21:32 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-02-14 10:49 - 2016-07-16 12:47 - 000000167 _____ C:\WINDOWS\win.ini
2018-02-10 17:39 - 2017-12-12 12:40 - 000000000 ____D C:\Users\Roman-PC\Desktop\train simulator 2k17
2018-02-08 09:55 - 2018-01-09 21:34 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\.technic
2018-02-04 23:13 - 2017-03-16 19:57 - 000001004 _____ C:\Users\Roman-PC\Desktop\µTorrent.lnk
2018-02-02 21:51 - 2017-03-16 17:51 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\NVIDIA
2018-02-01 22:30 - 2017-08-19 19:12 - 000000000 ____D C:\Program Files (x86)\Audacity
2018-02-01 21:43 - 2017-07-06 13:11 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\UnrealEngine
2018-02-01 21:43 - 2017-03-31 18:56 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\EasyAntiCheat
2018-01-31 09:45 - 2017-07-16 19:00 - 000002410 _____ C:\Users\Roman-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-31 09:45 - 2017-03-16 17:10 - 000000000 ___RD C:\Users\Roman-PC\OneDrive
2018-01-28 08:28 - 2017-12-10 21:40 - 000000000 ____D C:\Users\Roman-PC\AppData\Local\Spotify
2018-01-28 07:05 - 2017-03-17 13:03 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\Spotify
2018-01-24 21:33 - 2017-06-10 20:36 - 000000000 ____D C:\Users\Roman-PC\VirtualBox VMs
2018-01-24 21:33 - 2017-03-16 22:55 - 000000000 ____D C:\Users\Roman-PC\.VirtualBox
2018-01-24 21:32 - 2017-04-02 14:31 - 000000000 ____D C:\Users\Roman-PC\AppData\Roaming\HTC
2018-01-24 21:32 - 2017-04-02 14:30 - 000000000 ____D C:\ProgramData\HTC
2018-01-24 09:19 - 2017-03-16 21:32 - 000548000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-24 01:23 - 2017-09-30 15:32 - 000438768 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2018-01-24 00:11 - 2017-07-16 18:43 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-01-23 23:57 - 2017-07-16 18:43 - 005950024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-01-23 23:57 - 2017-07-16 18:43 - 002589168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-01-23 23:57 - 2017-07-16 18:43 - 001766288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-01-23 23:57 - 2017-07-16 18:43 - 000633328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-01-23 23:57 - 2017-07-16 18:43 - 000450352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-01-23 23:57 - 2017-07-16 18:43 - 000122768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-01-23 23:57 - 2017-07-16 18:43 - 000082744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-01-22 15:31 - 2017-10-02 17:49 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-01-22 06:46 - 2017-07-16 18:43 - 007947791 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-01-21 00:01 - 2017-03-16 17:51 - 000001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-01-20 20:04 - 2017-03-16 22:07 - 000000000 ____D C:\ProgramData\TruckersMP
2018-01-16 21:44 - 2017-05-26 22:48 - 000002106 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2018-01-16 19:58 - 2017-04-18 09:55 - 000000000 ____D C:\WINDOWS\Update
2018-01-16 19:58 - 2017-04-01 07:41 - 000000000 ____D C:\Update

==================== Files in the root of some directories =======

2017-11-24 22:39 - 2017-11-24 22:39 - 000000087 _____ () C:\ProgramData\Uninstaller.bat
2017-08-05 00:19 - 2017-08-05 00:23 - 007649280 _____ () C:\Program Files (x86)\GUT7F62.tmp
2017-04-06 19:47 - 2017-04-06 20:07 - 000000132 _____ () C:\Users\Roman-PC\AppData\Roaming\Adobe Formát BMP CS6 – předvolby
2017-08-07 22:58 - 2017-08-07 22:58 - 000000132 _____ () C:\Users\Roman-PC\AppData\Roaming\Adobe Formát GIF CS6 – předvolby
2017-04-19 18:15 - 2018-01-10 14:49 - 000000132 _____ () C:\Users\Roman-PC\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2017-09-11 16:41 - 2017-09-12 09:12 - 000000000 _____ () C:\Users\Roman-PC\AppData\Roaming\FileIn.cns
2017-09-11 16:41 - 2017-09-12 09:12 - 000000000 _____ () C:\Users\Roman-PC\AppData\Roaming\FileOut.cns
2017-08-07 23:02 - 2017-08-07 23:06 - 000001480 _____ () C:\Users\Roman-PC\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2017-06-11 11:48 - 2017-08-04 19:33 - 000007602 _____ () C:\Users\Roman-PC\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-15 13:31

==================== End of FRST.txt ============================

[Rudy]

Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[Morf]

# AdwCleaner 7.0.8.0 - Logfile created on Thu Feb 15 18:09:17 2018
# Updated on 2018/08/02 by Malwarebytes
# Database: 02-15-2018.2
# Running on Windows 10 Pro (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

*** [ Services ] ***

No malicious services found.

*** [ Folders ] ***

No malicious folders found.

*** [ Files ] ***

No malicious files found.

*** [ DLL ] ***

No malicious DLLs found.

*** [ WMI ] ***

No malicious WMI found.

*** [ Shortcuts ] ***

No malicious shortcuts found.

*** [ Tasks ] ***

PUP.Optional.Legacy, Driver Booster Scheduler


*** [ Registry ] ***

No malicious registry entries found.

*** [ Firefox (and derivatives) ] ***

No malicious Firefox entries.

*** [ Chromium (and derivatives) ] ***

No malicious Chromium entries.

***********************

C:/AdwCleaner/AdwCleaner[C0].txt - [2406 B] - [2018/2/14 17:40:36]
C:/AdwCleaner/AdwCleaner[C1].txt - [2146 B] - [2018/2/14 19:1:29]
C:/AdwCleaner/AdwCleaner[S0].txt - [2426 B] - [2018/2/14 17:39:10]
C:/AdwCleaner/AdwCleaner[S1].txt - [2028 B] - [2018/2/14 18:41:23]
C:/AdwCleaner/AdwCleaner[S2].txt - [2096 B] - [2018/2/14 19:1:4]
C:/AdwCleaner/AdwCleaner[S3].txt - [1281 B] - [2018/2/14 19:27:50]


########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt ##########

[Rudy]

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction - ProxySettings)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-487683678-2576461091-207145408-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE00
SearchScopes: HKU\S-1-5-21-487683678-2576461091-207145408-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE00
SearchScopes: HKU\S-1-5-21-487683678-2576461091-207145408-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File
FF Plugin HKU\S-1-5-21-487683678-2576461091-207145408-1001: @nsroblox.roblox.com/launcher -> C:\Users\Roman-PC\AppData\Local\Roblox\Versions\version-6a65e85da5fe4a75\\NPRobloxProxy.dll [No File]
FF Plugin HKU\S-1-5-21-487683678-2576461091-207145408-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Roman-PC\AppData\Local\Roblox\Versions\version-6a65e85da5fe4a75\\NPRobloxProxy64.dll [No File]
FF Plugin HKU\S-1-5-21-487683678-2576461091-207145408-1001: ajvision.com/webconfig -> C:\WINDOWS\system32\WEBConfig2\npwebconfig.dll [No File]
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Footjane\Application\chrome.exe <==== ATTENTION
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Program Files\Bonjour
C:\Program Files (x86)\Bonjour
C:\Program Files (x86)\GUT7F62.tmp

EmptyTemp:
End

Uložte do C:\Users\Roman-PC\Downloads plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Morf]

Fix result of Farbar Recovery Scan Tool (x64) Version: 12.02.2018
Ran by Roman-PC (15-02-2018 19:46:27) Run:1
Running from C:\Users\Roman-PC\Downloads
Loaded Profiles: Roman-PC (Available Profiles: defaultuser0 & Roman-PC & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction - ProxySettings)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-487683678-2576461091-207145408-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE00
SearchScopes: HKU\S-1-5-21-487683678-2576461091-207145408-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... 02&pc=UE00
SearchScopes: HKU\S-1-5-21-487683678-2576461091-207145408-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File
FF Plugin HKU\S-1-5-21-487683678-2576461091-207145408-1001: @nsroblox.roblox.com/launcher -> C:\Users\Roman-PC\AppData\Local\Roblox\Versions\version-6a65e85da5fe4a75\\NPRobloxProxy.dll [No File]
FF Plugin HKU\S-1-5-21-487683678-2576461091-207145408-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Roman-PC\AppData\Local\Roblox\Versions\version-6a65e85da5fe4a75\\NPRobloxProxy64.dll [No File]
FF Plugin HKU\S-1-5-21-487683678-2576461091-207145408-1001: ajvision.com/webconfig -> C:\WINDOWS\system32\WEBConfig2\npwebconfig.dll [No File]
HKU\S-1-5-21-487683678-2576461091-207145408-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Footjane\Application\chrome.exe <==== ATTENTION
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Program Files\Bonjour
C:\Program Files (x86)\Bonjour
C:\Program Files (x86)\GUT7F62.tmp

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxySettingsPerUser" => removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => removed successfully
HKLM\Software\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found
"HKU\S-1-5-21-487683678-2576461091-207145408-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-487683678-2576461091-207145408-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found
"HKU\S-1-5-21-487683678-2576461091-207145408-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => removed successfully
HKLM\Software\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found
"HKLM\Software\Classes\PROTOCOLS\Handler\wlpg" => removed successfully
HKLM\Software\Classes\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} => key not found
"HKU\S-1-5-21-487683678-2576461091-207145408-1001\Software\MozillaPlugins\@nsroblox.roblox.com/launcher" => removed successfully
"C:\Users\Roman-PC\AppData\Local\Roblox\Versions\version-6a65e85da5fe4a75\\NPRobloxProxy.dll" => not found
"HKU\S-1-5-21-487683678-2576461091-207145408-1001\Software\MozillaPlugins\@nsroblox.roblox.com/launcher64" => removed successfully
"C:\Users\Roman-PC\AppData\Local\Roblox\Versions\version-6a65e85da5fe4a75\\NPRobloxProxy64.dll" => not found
"HKU\S-1-5-21-487683678-2576461091-207145408-1001\Software\MozillaPlugins\ajvision.com/webconfig" => removed successfully
"C:\WINDOWS\system32\WEBConfig2\npwebconfig.dll" => not found
"HKU\S-1-5-21-487683678-2576461091-207145408-1001\SOFTWARE\Clients\StartMenuInternet\ChromeHTML" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Program Files\Bonjour => moved successfully
C:\Program Files (x86)\Bonjour => moved successfully
C:\Program Files (x86)\GUT7F62.tmp => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23535231 B
Java, Flash, Steam htmlcache => 85846574 B
Windows/system/drivers => 34772102 B
Edge => 18147423 B
Chrome => 444842896 B
Firefox => 626904089 B
Opera => 9472773 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 2980 B
defaultuser0 => 0 B
Roman-PC => 68511930 B
Administrator => 19459 B

RecycleBin => 28234479 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:47:14 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[Morf]

Stále to hází tu chybu

[Rudy]

Zkusíme vyčistit prohlížeče. Spusťte postupně tyto utility:

1. Junkware removal tool: http://www.stahuj.centrum.cz/utility_a_ ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

a

2. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

[Morf]

Stále nic a logy jsou zde
Zoek.exe v5.0.0.2 Updated 04-Februari-2018(online version)
Tool run by Roman-PC on Thu 02/15/2018 at 22:48:15.08.
Microsoft Windows 10 Pro 10.0.16299 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Roman-PC\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

2/15/2018 10:50:01 PM Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== FireFox Fix ======================

Deleted from C:\Users\Roman-PC\AppData\Roaming\Mozilla\Firefox\Profiles\86fuzpx0.default\prefs.js:

Added to C:\Users\Roman-PC\AppData\Roaming\Mozilla\Firefox\Profiles\86fuzpx0.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Roman-PC\AppData\Roaming\Mozilla\Firefox\Profiles\w80e9exe.default\prefs.js:

Added to C:\Users\Roman-PC\AppData\Roaming\Mozilla\Firefox\Profiles\w80e9exe.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Roman-PC\AppData\Roaming\Mozilla\Firefox\Profiles\86fuzpx0.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Roman-PC\AppData\Roaming\Mozilla\Firefox\Profiles\w80e9exe.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Roman-PC\AppData\Roaming\Mozilla\Firefox\Profiles\w80e9exe.default
- Undetermined - %ProfilePath%\extensions\sp@avast.com.xpi
- Undetermined - %ProfilePath%\extensions\wrc@avast.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://go.microsoft.com/fwlink/p/?Link ... id=UE03DHP"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC

==== Reset Google Chrome ======================

C:\Users\Roman-PC\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
C:\Users\Roman-PC\AppData\Local\Chromium\User Data\Default\Secure Preferences was reset successfully
C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Roman-PC\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Roman-PC\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default.migrated\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Roman-PC\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Roman-PC\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Pro x64
Ran by Roman-PC (Administrator) on Thu 02/15/2018 at 22:45:43.49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3

Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Roman-PC) (Task)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 02/15/2018 at 22:46:49.39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Rudy]

OK, prohlížeče vyčištěny, virový problém to tedy není. Zkuste následující pokyny: https://translate.google.cz/translate?h ... rev=search .

[Morf]

Uděláno vše podle návodu a stále problém přetrvává

[Rudy]

Jiný návod: https://translate.google.cz/translate?h ... rev=search .