Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Kontrola logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
r0ach
Návštěvník
Návštěvník
Příspěvky: 69
Registrován: 19 bře 2013 01:58

Kontrola logu

#1 Příspěvek od r0ach »

Dobrý večer,
chtěl bych poprosit o kontrolu logu a pomoc s vyčistěním NTB. Dlouhou dobu jsem údržbu zanedbával a ntb je již v režimu velmi pomalé odezvy na cokoliv. Děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
Ran by r0ach (administrator) on R0ACH-HP (Hewlett-Packard HP Pavilion dv6 Notebook PC) (31-01-2021 18:03:33)
Running from C:\Users\r0ach\Desktop
Loaded Profiles: r0ach
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: IE
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe
() [File not signed] C:\Windows\system\cm106eye.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft, Inc.) [File not signed] C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AuthenTec, Inc. -> HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(AuthenTec, Inc. -> HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(AuthenTec, Inc. -> HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(Autodesk, Inc -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Flexera Software, Inc. -> Flexera Software, Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Flexera Software, Inc. -> Flexera Software, Inc.) C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe
(Gemfor s.r.o. -> Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(leshcatlabs.net -> AMD) C:\Windows\System32\atieclxx.exe
(leshcatlabs.net -> AMD) C:\Windows\System32\atiesrxx.exe
(Logitech -> Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Nemetschek SCIA) [File not signed] C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\scia\SCIA.exe
(Realsil Microelectronics Inc.) [File not signed] C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Spotify AB -> Spotify Ltd) C:\Users\r0ach\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Cm106Sound] => C:\Windows\Syswow64\cm106.dll [8126464 2009-06-11] (C-Media Corporation) [File not signed]
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190472 2009-09-16] (Logitech -> Logitech Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-01-03] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5581888 2014-02-24] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2013-06-28] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-03-16] (EasyBits Software AS -> EasyBits Software AS) [File not signed]
HKLM-x32\...\Run: [SafeQ Client] => C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [259584 2013-02-20] () [File not signed]
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-06-14] (Hewlett-Packard Company -> Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) [File not signed]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [170496 2009-02-06] (ArcSoft, Inc. -> ArcSoft Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Run: [T-Mobile Communication Centre] => C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [1355792 2011-03-08] (Gemfor s.r.o. -> Gemfor s.r.o.)
HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Run: [MyWirelessCard] => C:\Program Files (x86)\PROLINK\PHS100\PROLINK HSDPA Modem.exe [1867776 2009-06-25] () [File not signed]
HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Run: [Spotify Web Helper] => C:\Users\r0ach\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-05-24] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe)
HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Policies\Explorer: []
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP B011 Status Monitor: C:\Windows\system32\hpinkstsB011LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3520 series): C:\Windows\system32\HPDiscoPMB011.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\novaPDF 6 Monitor: C:\Windows\system32\novamnk6.dll [26824 2009-09-24] (Softland -> Softland)
HKLM\...\Print\Monitors\SafeQ: C:\Windows\system32\SAFEQVS64.DLL [3798016 2013-02-20] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-28] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2010-07-29] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-12-06]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk [2012-08-27]
ShortcutTarget: GamePark klient 2.lnk -> C:\Program Files\GamePark2\gpcl.exe (Allstar Group s.r.o. -> Allstar Group, s.r.o.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-04-19]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2014-10-30]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2018-02-23]
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00777908-43A1-4D75-8332-5DF0752B0334} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2011-03-22] (CyberLink -> CyberLink)
Task: {0C1EA4F2-BF03-4B8C-93B7-FAC6973C2F00} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {1438031D-6E1D-457C-94ED-F548340C5FC3} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ec1ac2a04079 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {15E6A115-9239-4C97-8D0A-8F6DDF3310A8} - System32\Tasks\GoogleUpdateTaskMachineCore1d0924f7e399f12 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {1B7C95DB-1D56-4004-AF64-1B042E49672C} - System32\Tasks\HPCustParticipation HP Deskjet 3520 series => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {1DC8B67D-E0BF-4858-83FA-6DC47F22A8BC} - System32\Tasks\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [663552 2006-08-29] (Apple Computer, Inc.) [File not signed]
Task: {20611F66-F2AB-4EC6-807A-8C1A7B5EC169} - System32\Tasks\{EE43621C-CBDD-46A3-BDCA-0DFFE7E67645} => C:\Windows\system32\pcalua.exe -a C:\Users\r0ach\Desktop\Roadpac\HINSTALL7.EXE -d C:\Users\r0ach\Desktop\Roadpac
Task: {274532B9-5CD8-42E8-B649-DE758F9ABB78} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-08] (Adobe Inc. -> Adobe)
Task: {2B99D4A7-E3FD-474A-BE05-82E5C74F8E8B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2DC8E1A2-C902-4C48-94DD-64B56B5E6124} - System32\Tasks\{7B874A2B-0B2A-490E-AE96-F0FC0A771915} => C:\Program Files\Mafia\Setup.exe [98361 2016-10-20] () [File not signed]
Task: {381D8A99-3BC8-4AF4-A165-7501A7B51998} - System32\Tasks\{39FF9512-3AA2-4EB3-A7E3-098AF5F27A29} => C:\Program Files (x86)\Microsoft Office\OFFICE11\POWERPNT.EXE [6421848 2011-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {44B3E835-57F9-44DE-9F34-56ED2010B622} - System32\Tasks\AdobeAAMUpdater-1.0-r0ach-HP-r0ach => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {4635ECED-06F7-4389-90AC-39081FBFC273} - System32\Tasks\{492A5B6F-B1B1-4AB1-B0E4-B0AE8A73CA3E} => C:\Program Files\Mafia\Game.exe [2486272 2002-08-27] (Illusion Softworks) [File not signed]
Task: {49C1E5E8-152A-42FE-9A25-77A9B75AFEBC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe)
Task: {4D57D9E8-E339-41C6-A17E-E234E14BF27A} - System32\Tasks\{81BFD324-BA9B-4BB3-8351-09E28324C552} => C:\Windows\system32\pcalua.exe -a C:\Users\r0ach\Desktop\Roadpac\HINSTALL.EXE -d C:\Users\r0ach\Desktop\Roadpac
Task: {5F90A661-E309-4CE1-A1B2-A9630883D99F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {72718D43-87DD-4108-8684-132B85F4103F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [348256 2021-01-22] (HP Inc. -> HP Inc.)
Task: {75CCA333-923A-48F8-A076-D45CAF02D036} - System32\Tasks\{556A88D3-1046-4198-B05C-4B845CC83BC0} => C:\Program Files (x86)\Microsoft Office\OFFICE11\SETLANG.EXE [390496 2007-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D9961BF-0F50-4B87-AFC9-20E45552BB7F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {80089452-229D-44C4-A293-58BA61E0FB36} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456 2011-01-31] (Hewlett-Packard Company -> )
Task: {86387292-62A7-4DEE-9F0D-5730FB6D9B86} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {9C362DD3-6F1F-4E12-BC2D-1F158124097B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A15107AF-9F6D-446A-8B2B-D5A2A32E8E44} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {A42CB95C-1691-4F12-A2B2-416DB301505D} - System32\Tasks\{59E0EA45-3B03-41C6-8D72-4539F557E46D} => C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
Task: {B161EFC9-73BA-40A1-8263-14E6FB5FA5AA} - System32\Tasks\{C288142E-FB26-4857-8278-513E65C60301} => C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe [299008 2010-05-18] (ArcSoft, Inc.) [File not signed]
Task: {C121A786-2B05-4A0C-AA83-AC6911C9515E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {CBC3BC4A-870C-41B3-AAED-73D7578AF51A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {D10FA0EC-B04C-4813-BCD8-69DBFE44AF24} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {D32AD501-1F61-43ED-A32C-94151A5AB01D} - System32\Tasks\{CB877A56-1B50-4737-9E36-10D39FB8BC20} => C:\Program Files (x86)\RailSimulator.com\Railworks 3 Train Simulator 2012 Deluxe\RailWorks.exe
Task: {DEB3E38E-42E5-4ACE-B1E5-8863653025A0} - System32\Tasks\{4407A3C4-C985-4F75-939C-9064D8F89C9C} => H:\setup.exe [1979349 2013-01-04] () [File not signed]
Task: {E58ACEA2-9360-464C-9741-1ACB04B019FA} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {FCBAFF81-B5C6-43B1-A8D4-ADAD73E832BA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{B099BC0C-25B1-4554-BD04-80E2C58B207E}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{E7741F0A-ED3F-42D5-80E7-A0F121DA52C7}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{F94FAD3C-080E-4855-8C7C-67D900093DEE}: [DhcpNameServer] 213.46.172.38 213.46.172.39

FireFox:
========
FF ProfilePath: C:\Users\r0ach\AppData\Roaming\Mozilla\Firefox\Profiles\qt76eed2.default [2020-11-01]
FF Homepage: Mozilla\Firefox\Profiles\qt76eed2.default -> about:home
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [Legacy]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: (ESET Smart Security Extension) - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-06-14] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-04-19] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-09-07] (Sun Microsystems, Inc.) [File not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-06-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-06-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc. -> Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2012-02-03] (Sony Network Entertainment International LLC) [File not signed]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll [2013-12-23] (WildTangent Inc -> )
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll [2011-02-23] (Wolfram Research -> Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-228327966-2270223930-1445267679-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\r0ach\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-07] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-228327966-2270223930-1445267679-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2012-09-16] (Ubisoft Massive -> Ubisoft)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\r0ach\AppData\Local\Google\Chrome\User Data\Default [2021-01-31]
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (HP Product Detection Plugin) - C:\Users\r0ach\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp [2013-10-29]
CHR Extension: (Nejrychlejší seznámení - HotNot.cz) - C:\Users\r0ach\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjbhddlnbaedecpcepblggdfdclefod [2013-04-05]
CHR Extension: (Website Logon) - C:\Users\r0ach\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaldikcoaplhepekpbngkepfcoiihef [2012-05-14]
CHR Extension: (Free Youtubie to MP3 Converter) - C:\Users\r0ach\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgbopgnnnapbpgpbodilccnanoodealh [2014-08-17]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\r0ach\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-01-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\r0ach\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Chrome Media Router) - C:\Users\r0ach\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-11]
CHR HKLM-x32\...\Chrome\Extension: [dfaldikcoaplhepekpbngkepfcoiihef] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-08-22]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>

Opera:
=======
OPR Profile: C:\Users\r0ach\AppData\Roaming\Opera Software\Opera Stable [2019-05-16]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.cz/complete/search?client=op ... utEncoding}

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [63960 2012-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [239616 2012-09-05] (leshcatlabs.net -> AMD)
R2 ameisvc; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [122608 2011-03-08] (Gemfor s.r.o. -> Gemfor s.r.o.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1343408 2014-02-24] (ESET, spol. s r.o. -> ESET)
R2 FPLService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [260424 2011-08-25] (AuthenTec, Inc. -> HP)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-17] (WildTangent Inc -> WildTangent)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2013-06-28] (Realsil Microelectronics Inc.) [File not signed]
R2 lmadmin; C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe [6587728 2011-08-05] (Flexera Software, Inc. -> Flexera Software, Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-07-01] (Even Balance, Inc. -> )
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Sony Mobile Communications -> Avanquest Software) [File not signed]
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [311808 2012-01-03] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10692096 2012-09-05] (leshcatlabs.net -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [459264 2012-09-05] (leshcatlabs.net -> Advanced Micro Devices, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 clwvd; C:\Windows\System32\DRIVERS\clwvd.sys [31088 2010-07-28] (CyberLink -> CyberLink Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-04-19] (DT Soft Ltd -> DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET, spol. s r.o. -> ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET, spol. s r.o. -> ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET, spol. s r.o. -> ESET)
R1 HWiNFO32; C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [28264 2009-01-14] (Martin Malik - REALiX -> REALiX(tm))
R3 intelkmd; C:\Windows\System32\DRIVERS\igdpmd64.sys [12312896 2012-08-09] (leshcatlabs.net -> Intel Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2018-02-23] (Microsoft Windows Hardware Compatibility Publisher -> ITE)
S3 massfilter; C:\Windows\System32\drivers\massfilter.sys [11776 2010-02-22] (Microsoft Windows Hardware Compatibility Publisher -> MBB Incorporated)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [91648 2013-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [208896 2013-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
S3 plkusbser; C:\Windows\System32\DRIVERS\plkusbser.sys [113664 2008-01-23] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 plkusbser; C:\Windows\SysWOW64\DRIVERS\plkusbser.sys [113664 2008-01-23] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [126208 2012-10-26] (USBHostDriver(Test003) -> QUALCOMM Incorporated)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2019-12-08] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [292864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [535552 2012-01-03] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1306624 2009-06-11] (C-Media Electronics Incorporation -> C-Media Electronics Inc)
R3 vrvd5; C:\Windows\System32\DRIVERS\vrvd5.sys [13344 2015-12-02] (Rsupport Co., Ltd. -> Rsupport Corporation)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [103224 2009-12-03] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
S3 XFDriver64; C:\Program Files (x86)\Xfire2\XFDriver64.sys [17160 2013-03-14] (BitRaider, LLC -> XFire)
S3 ZTEusbmdm6k; C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys [121344 2010-03-02] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
S3 ZTEusbnmea; C:\Windows\System32\DRIVERS\ZTEusbnmea.sys [121344 2010-03-02] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
S3 ZTEusbser6k; C:\Windows\System32\DRIVERS\ZTEusbser6k.sys [121344 2010-03-02] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-31 18:03 - 2021-01-31 18:05 - 000038327 _____ C:\Users\r0ach\Desktop\FRST.txt
2021-01-31 18:02 - 2021-01-31 18:01 - 002297856 _____ (Farbar) C:\Users\r0ach\Desktop\FRST64.exe
2021-01-31 18:01 - 2021-01-31 18:04 - 000000000 ____D C:\FRST
2021-01-31 18:01 - 2021-01-31 18:01 - 002297856 _____ (Farbar) C:\Users\r0ach\Downloads\FRST64.exe
2021-01-31 17:58 - 2021-01-31 17:58 - 000000000 ____D C:\rsit
2021-01-31 17:57 - 2021-01-31 17:57 - 001222144 _____ C:\Users\r0ach\Downloads\RSITx64.exe
2021-01-31 17:57 - 2021-01-31 17:57 - 001222144 _____ C:\Users\r0ach\Downloads\RSITx64 (1).exe
2021-01-31 17:49 - 2021-01-31 17:50 - 000000000 ____D C:\Users\r0ach\Desktop\svatba
2021-01-29 20:28 - 2021-01-29 20:28 - 000041707 _____ C:\Users\r0ach\Downloads\Arrow-S03E08(0000321853).srt
2021-01-26 22:20 - 2021-01-26 22:20 - 000042309 _____ C:\Users\r0ach\Downloads\Arrow-S03E07(0000321852).srt
2021-01-17 21:50 - 2021-01-17 21:50 - 000042624 _____ C:\Users\r0ach\Downloads\The-Flash-S01E10(0000263543).srt
2021-01-17 21:50 - 2021-01-17 21:50 - 000038242 _____ C:\Users\r0ach\Downloads\The-Flash-S01E09(0000263542).srt
2021-01-17 21:49 - 2021-01-17 21:49 - 000045006 _____ C:\Users\r0ach\Downloads\The-Flash-S01E08(0000263541).srt
2021-01-17 21:49 - 2021-01-17 21:49 - 000040040 _____ C:\Users\r0ach\Downloads\The-Flash-S01E07(0000263540).srt
2021-01-17 21:48 - 2021-01-17 21:48 - 000042960 _____ C:\Users\r0ach\Downloads\The-Flash-S01E06(0000262696).srt
2021-01-17 21:45 - 2021-01-17 21:45 - 000957511 _____ C:\Users\r0ach\Downloads\arrow-subtitles-cz-3.zip
2021-01-16 22:34 - 2021-01-16 22:34 - 000045839 _____ C:\Users\r0ach\Downloads\Arrow-S03E06(0000288409).srt
2021-01-16 22:33 - 2021-01-16 22:33 - 000046038 _____ C:\Users\r0ach\Downloads\Arrow-S03E05(0000288408).srt
2021-01-16 22:33 - 2021-01-16 22:33 - 000042865 _____ C:\Users\r0ach\Downloads\The-Flash-S01E06(0000245772).srt
2021-01-16 22:33 - 2021-01-16 22:33 - 000042023 _____ C:\Users\r0ach\Downloads\The-Flash-S01E05(0000262695).srt
2021-01-15 21:42 - 2021-01-15 21:42 - 000045551 _____ C:\Users\r0ach\Downloads\The-Flash-S01E04(0000262694).srt
2021-01-15 21:42 - 2021-01-15 21:42 - 000042999 _____ C:\Users\r0ach\Downloads\Arrow-S03E04(0000288407).srt
2021-01-15 21:41 - 2021-01-15 21:41 - 000041578 _____ C:\Users\r0ach\Downloads\The-Flash-S01E03(0000262693).srt
2021-01-15 21:41 - 2021-01-15 21:41 - 000040591 _____ C:\Users\r0ach\Downloads\Arrow-S03E03(0000259953).srt
2021-01-15 21:40 - 2021-01-15 21:40 - 000038387 _____ C:\Users\r0ach\Downloads\Arrow-S03E02(0000259952).srt
2021-01-11 23:31 - 2021-01-11 23:31 - 000044812 _____ C:\Users\r0ach\Downloads\The-Flash-S01E02(0000262692).srt
2021-01-11 23:27 - 2021-01-11 23:27 - 000044643 _____ C:\Users\r0ach\Downloads\The-Flash-S01E02(0000244353).srt
2021-01-11 22:47 - 2021-01-11 22:47 - 000043400 _____ C:\Users\r0ach\Downloads\Arrow-S03E01(0000259951).srt
2021-01-11 22:46 - 2021-01-11 22:46 - 000043429 _____ C:\Users\r0ach\Downloads\Arrow-S03E01(0000243642).srt
2021-01-09 20:18 - 2021-01-09 20:18 - 000000000 ____D C:\Users\r0ach\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2021-01-06 14:58 - 2021-01-11 21:30 - 000000000 ____D C:\Users\r0ach\Downloads\The.Flash.Season.1.720p.BluRay.x264.ShAaNiG
2021-01-06 14:57 - 2021-01-17 21:47 - 000000000 ____D C:\Users\r0ach\Downloads\Arrow.Season.3.720p.BluRay.x264.ShAaNiG
2021-01-06 14:55 - 2021-01-06 14:56 - 000000000 ____D C:\Users\r0ach\AppData\LocalLow\uTorrent
2021-01-05 18:23 - 2021-01-31 17:49 - 000000000 ____D C:\Users\r0ach\Desktop\barak

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-31 17:59 - 2009-07-14 05:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-01-31 17:59 - 2009-07-14 05:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-01-31 17:58 - 2013-03-20 18:35 - 000000000 ____D C:\Program Files\trend micro
2021-01-31 17:53 - 2011-09-07 09:00 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2021-01-31 17:52 - 2012-04-24 21:35 - 000000000 ____D C:\Users\r0ach\AppData\Roaming\vlc
2021-01-31 17:46 - 2012-05-27 12:57 - 000000000 ____D C:\Program Files\CCleaner
2021-01-31 17:46 - 2012-04-22 18:22 - 000000000 ____D C:\Users\r0ach\AppData\Local\Adobe
2021-01-31 17:44 - 2012-04-19 19:37 - 000000000 ____D C:\Users\r0ach\AppData\LocalLow\AuthenTec
2021-01-28 21:21 - 2019-02-16 10:55 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-28 21:21 - 2019-02-16 10:55 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-28 21:21 - 2019-02-16 10:55 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-01-21 22:37 - 2010-11-21 04:27 - 000799104 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2021-01-11 21:30 - 2011-09-07 18:19 - 000681990 _____ C:\Windows\system32\perfh005.dat
2021-01-11 21:30 - 2011-09-07 18:19 - 000146146 _____ C:\Windows\system32\perfc005.dat
2021-01-11 21:30 - 2009-07-14 06:13 - 001611868 _____ C:\Windows\system32\PerfStringBackup.INI
2021-01-11 21:30 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2021-01-11 21:28 - 2019-05-16 16:58 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-01-11 21:27 - 2011-09-07 09:20 - 000000000 ____D C:\Windows\system32\Tasks\Hewlett-Packard
2021-01-11 21:26 - 2012-05-06 22:55 - 000000000 ____D C:\Users\r0ach\AppData\Local\CrashDumps
2021-01-11 21:21 - 2019-03-01 16:43 - 000000366 _____ C:\Windows\PROLINK HSDPA Modem.INI
2021-01-11 21:18 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-01-11 18:44 - 2014-06-26 19:58 - 000000000 ____D C:\Users\r0ach\AppData\Roaming\uTorrent
2021-01-09 22:04 - 2012-04-19 23:24 - 000000000 ____D C:\Users\r0ach\Graphisoft
2021-01-09 21:47 - 2012-06-15 10:04 - 000000000 ____D C:\Users\r0ach\AppData\Roaming\Abvent_Artlantis4
2021-01-09 11:04 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2021-01-06 20:29 - 2019-06-04 21:11 - 000000000 ____D C:\Users\r0ach\AppData\Local\BitTorrentHelper

==================== Files in the root of some directories ========

2002-08-29 18:33 - 2002-08-29 18:33 - 000319488 ____R () C:\Users\r0ach\AppData\Roaming\MafiaSetup.exe
2013-01-27 21:45 - 2017-01-22 16:52 - 000000080 _____ () C:\Users\r0ach\AppData\Roaming\mBot.ini
2012-11-06 23:34 - 2014-10-30 14:54 - 000004608 _____ () C:\Users\r0ach\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-12-03 21:01 - 2012-12-03 21:01 - 000004096 ____H () C:\Users\r0ach\AppData\Local\keyfile3.drm
2015-06-19 21:03 - 2015-06-19 21:03 - 000000000 _____ () C:\Users\r0ach\AppData\Local\{97AE9A67-1F5B-497E-B5FF-F10E89CBD12F}
2015-06-19 21:03 - 2015-06-19 21:03 - 000000000 _____ () C:\Users\r0ach\AppData\Local\{D4A9D6FA-4C48-488B-9B90-4E24DD72B884}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)



testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <==== ATTENTION

LastRegBack: 2021-01-26 23:02
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by r0ach (31-01-2021 18:06:18)
Running from C:\Users\r0ach\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-04-19 18:36:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-228327966-2270223930-1445267679-500 - Administrator - Disabled)
Guest (S-1-5-21-228327966-2270223930-1445267679-501 - Limited - Disabled)
r0ach (S-1-5-21-228327966-2270223930-1445267679-1000 - Administrator - Enabled) => C:\Users\r0ach

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 7.0 (Enabled - Out of date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Out of date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.4.402.278 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (HKLM-x32\...\WT089362) (Version: 2.2.0.95 - WildTangent) Hidden
AIO_Scan (HKLM-x32\...\{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Altap Salamander 4.0 (x64) (HKLM\...\Altap Salamander 4.0 (x64)) (Version: 4.0 - ALTAP)
AMD Catalyst Install Manager (HKLM\...\{84D715B0-0938-5518-9E55-127177EC3B1B}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
A-PDF Merger (HKLM-x32\...\A-PDF Merger_is1) (Version: - A-PDF.com)
Apple Software Update (HKLM-x32\...\{55FA89BD-21D3-42F7-9249-C94C0094A83C}) (Version: 1.0.0.7 - Apple Computer, Inc.)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}) (Version: 3.5.7.331 - ArcSoft)
ArchiCAD 11 CZE (HKLM-x32\...\001FFFFFFF11FF00FF1101F03F02F000-R1) (Version: - )
ArchiCAD 15 R1 CZE (HKLM\...\001FFF2FFF15FF00FF1101F01F02F000-R1) (Version: 15.0 - Graphisoft)
Artlantis Studio 4.0 (HKLM\...\Artlantis Studio 4) (Version: 4.0.16 - Abvent R&D)
AuthenTec TrueAPI (HKLM\...\{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}) (Version: 1.3.0.144 - AuthenTec, Inc.) Hidden
AutoCAD 2011 - česky (HKLM\...\{5783F2D7-9001-0405-0102-0060B0CE6BBA}) (Version: 18.1.49.0 - Autodesk) Hidden
AutoCAD 2011 - česky (HKLM\...\AutoCAD 2011 - česky) (Version: 18.1.49.0 - Autodesk)
AutoCAD 2011 Language Pack - česky (HKLM\...\{5783F2D7-9001-0405-1102-0060B0CE6BBA}) (Version: 18.1.49.0 - Autodesk) Hidden
AutoCAD 2012 - English (HKLM\...\{5783F2D7-A001-0409-0102-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 - English (HKLM\...\AutoCAD 2012 - English) (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 Language Pack - English (HKLM\...\{5783F2D7-A001-0409-1102-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (HKLM-x32\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bejeweled 2 Deluxe (HKLM-x32\...\WT089453) (Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (HKLM-x32\...\WT089498) (Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
BitSpirit v3.6.0.550 Stable (HKLM-x32\...\BitSpirit_is1) (Version: - LANSPIRIT.NET)
Blackhawk Striker 2 (HKLM-x32\...\WT087328) (Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 2: Holidays (HKLM-x32\...\WTA-6dd35430-762e-4e47-9d5e-1395134ec46a) (Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (HKLM-x32\...\WT089308) (Version: 2.2.0.95 - WildTangent) Hidden
Bounce Symphony (HKLM-x32\...\WT087330) (Version: 2.2.0.95 - WildTangent) Hidden
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.140 - Broadcom Corporation)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build-a-lot 2 (HKLM-x32\...\WT087335) (Version: 2.2.0.95 - WildTangent) Hidden
CADS Composite Beam Designer (HKLM-x32\...\CADS Composite Beam Designer) (Version: 3.27.319.1 - Computer And Design Services Ltd)
CADS WindLoadEngine (HKLM-x32\...\WindLoadEngine) (Version: 1.1.44.0 - Computer And Design Services Ltd)
Cake Mania (HKLM-x32\...\WT089359) (Version: 2.2.0.95 - WildTangent) Hidden
Call of Duty(R) 2 (HKLM-x32\...\{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 Patch 1.3 (HKLM-x32\...\{C13E90B0-4E1C-11DB-6784-0152EAA218BE}) (Version: 1.3 - Activision)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
Composite Column Designer (HKLM-x32\...\Composite Column Designer) (Version: 1.0.69.0 - Computer And Design Services Ltd)
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
CPUID CPU-Z 1.62 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
Cubis Creatures (HKLM-x32\...\WTA-d83de59b-906d-47e3-aa50-230c71f4accb) (Version: 3.0.2.51 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.3922 - CyberLink Corp.)
Czech Soccer Manager 2002 FE (HKLM-x32\...\Czech Soccer Manager 2002 FE) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT087536) (Version: 2.2.0.95 - WildTangent) Hidden
DJ_AIO_Software (HKLM-x32\...\{AD99B476-6FB7-4985-A3C3-E40595A7E6DE}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (HKLM-x32\...\{32DACAC3-6538-405D-915E-8F2D026F199C}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Dora's World Adventure (HKLM-x32\...\WT087343) (Version: 2.2.0.95 - WildTangent) Hidden
DTS+AC3 ÇĘĹÍ (HKLM-x32\...\DtsFilter) (Version: - )
EA SPORTS online 2007 (HKLM-x32\...\82A44D22-9452-49FB-00FB-CEC7DCAF7E23) (Version: - )
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESET NOD32 Antivirus (HKLM\...\{04E87298-12FC-47DF-99FB-A948527F3977}) (Version: 7.0.317.4 - ESET, spol s r. o.)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
F1 2011 (HKLM-x32\...\{434D0FA1-3E0C-4D03-A5D4-5E1000008100}) (Version: 1.0.0000.129 - Codemasters) Hidden
F1 2011 (HKLM-x32\...\GFWL_{434D0FA1-3E0C-4D03-A5D4-5E1000008100}) (Version: 1.0.0000.129 - Codemasters)
F1 2013 (HKLM-x32\...\RjEyMDEz_is1) (Version: 1 - )
Farm Frenzy (HKLM-x32\...\WT089328) (Version: 2.2.0.95 - WildTangent) Hidden
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FATE - The Traitor Soul (HKLM-x32\...\WT089470) (Version: 2.2.0.95 - WildTangent) Hidden
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
Final Drive Nitro (HKLM-x32\...\WT089504) (Version: 2.2.0.95 - WildTangent) Hidden
Game Cam 2.6.1.0 (HKLM-x32\...\Game Cam) (Version: 2.6.1.0 - Game Cam Portal, Inc.)
GamePark klient 2.0.9.0 (HKLM\...\{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1) (Version: 2.0.9.0 - GamePark)
GoldWave v5.67 (HKLM-x32\...\GoldWave v5.67) (Version: - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.6.5260 - Gretech Corporation)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.104 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Guitar Hero III (HKLM-x32\...\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}) (Version: 1.00.0000 - Aspyr)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{95518B59-44D9-430A-B12C-A582F18F5752}) (Version: 4.1.16.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{5E63C0AB-19B0-47D4-842E-6B324EB0614B}) (Version: 4.1.23.1 - Hewlett-Packard Company)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet 3520 series Nápověda (HKLM-x32\...\{D259C419-D776-4163-B27C-19722C555237}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet All-In-One Driver Software 13.0 Rel. 1 (HKLM\...\{EB773820-0871-46A8-9B96-F2B04F8B34F0}) (Version: 13.0 - HP)
HP Documentation (HKLM-x32\...\{3C5AB11A-2DDB-49E6-9FC0-CFD88A7DDFE4}) (Version: 1.1.0.0 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP SimplePass 2011 (HKLM-x32\...\{4741965C-AFD0-4D00-81D1-1039F96D4DC3}) (Version: 5.3.0.273 - Hewlett-Packard)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Software Framework (HKLM-x32\...\{E7530589-81AA-40B4-8A7A-56B22DCF62EC}) (Version: 4.5.10.1 - Hewlett-Packard Company)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{E959FD01-BD01-4CC4-9BB8-4EBE8309BF37}) (Version: 8.8.34.31 - HP)
HP Support Solutions Framework (HKLM-x32\...\{579A990C-3855-4838-AF23-354CE2264BC0}) (Version: 12.18.34.21 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HWiNFO32 Version 2.39 (HKLM-x32\...\HWiNFO32_is1) (Version: 2.39 - Martin Malík - REALiX)
Chuzzle Deluxe (HKLM-x32\...\WT089454) (Version: 2.2.0.95 - WildTangent) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6381.0 - IDT)
Import souborů SketchUp (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java(TM) 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Logitech Gaming Software 5.08 (HKLM\...\{96F1BA99-300F-4DD5-A26B-788EF63B53B1}) (Version: 5.08.146 - Logitech)
M2TS Player (HKLM-x32\...\{1ABADE06-CEC9-4A9C-B221-798207C53DEE}_is1) (Version: - m2tsplayer.com)
Mac Blu-ray Player (HKLM-x32\...\Mac Blu-ray Player) (Version: 2.17.2.2614 - Macgo Inc.)
Mafia Game (HKLM-x32\...\Mafia Game) (Version: - )
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (HKLM-x32\...\WT087393) (Version: 2.2.0.95 - WildTangent) Hidden
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mass Effect (HKLM-x32\...\Mass Effect_is1) (Version: - )
Mass Effect 2 (HKLM-x32\...\Mass Effect 2_is1) (Version: - )
Mass Effect 3 (HKLM-x32\...\Mass Effect 3_is1) (Version: - )
Mathematica Extras 8.0 (2063897) (HKLM\...\A-WIN-Extras 8.0.1 2063897_is1) (Version: 8.0.1 - Wolfram Research, Inc.)
Media Go (HKLM-x32\...\{DBF1AE39-DA30-4B89-A7EB-3BDA675C5D9E}) (Version: 2.1.392 - Sony)
Media Go Video Playback Engine 1.88.104.12040 (HKLM-x32\...\{7FA1DAFD-AF55-E915-FD92-F269443A2ADF}) (Version: 1.88.104.12040 - Sony)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Klikni a spusť 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4999.1042 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Starter 2010 - čeština (HKLM-x32\...\{90140011-0066-0405-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft Visual Basic Power Packs 3.0 (HKLM-x32\...\{7B4D193B-D76D-308B-8B12-5D9BB1CBCE6C}) (Version: 9.0.30214 - Microsoft)
Microsoft Visual Basic PowerPacks 10.0 (HKLM-x32\...\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 cs)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - Stolen in San Francisco (HKLM-x32\...\WT089496) (Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (HKLM-x32\...\WT089484) (Version: 2.2.0.95 - WildTangent) Hidden
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - )
Need for Speed™ SHIFT (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}) (Version: 1.0.0.0 - Electronic Arts)
Network Stumbler 0.4.0 (remove only) (HKLM-x32\...\Network Stumbler) (Version: - )
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Penguins! (HKLM-x32\...\WT087394) (Version: 2.2.0.95 - WildTangent) Hidden
PHS100 (HKLM-x32\...\{395AB8C5-F3A8-4380-8718-7A11EC5829F9}) (Version: 1.00.0000 - PROLINK)
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WT089458) (Version: 2.2.0.95 - WildTangent) Hidden
PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.8.1.14440 - Sony Computer Entertainment Inc.)
Poker Superstars III (HKLM-x32\...\WT087395) (Version: 2.2.0.95 - WildTangent) Hidden
PokerStars.cz (HKLM-x32\...\PokerStars.cz) (Version: - PokerStars.cz)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Polar Bowler (HKLM-x32\...\WT087396) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT087397) (Version: 2.2.0.95 - WildTangent) Hidden
PowerXpressHybrid (HKLM-x32\...\{51FDC2DE-0917-46B7-EAEC-5377504701DE}) (Version: 1.00.0000 - Název společnosti:) Hidden
Project CARS (HKLM-x32\...\Project CARS_is1) (Version: 1.0.1.1 - Релиз от R.G. Steamgames)
Project IGI (HKLM-x32\...\Project IGI) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
PX Profile Update (HKLM-x32\...\{D459963A-7ADF-87DF-140D-A94A04B57C6A}) (Version: 1.00.1. - AMD) Hidden
Qualcomm USB Drivers For Windows (HKLM-x32\...\{D9FB7F91-9687-4B09-894D-072903CADEA4}) (Version: 1.0.14 - QUALCOMM Incorporated)
QuickTime (HKLM-x32\...\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}) (Version: 7.1.3.100 - Apple Computer, Inc.)
Rapture3D 2.5.1 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{DBCD5E64-7379-4648-9444-8A6558DCB614}) (Version: 2.0.0 - Hewlett-Packard) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.19.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.19.0 - Renesas Electronics Corporation)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Scia Licence Server (HKLM-x32\...\{E592B693-81BE-42D9-B4E4-CABC11C7B101}) (Version: 2.2.3 - Nemetschek Scia)
Shockwave (HKLM-x32\...\Shockwave) (Version: - )
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Silkroad (HKLM-x32\...\Silkroad) (Version: - )
Simt (HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\2602833b666a9e0a) (Version: 1.0.1.47 - Hewlett-Packard)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Slingo Supreme (HKLM-x32\...\WT089457) (Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.6.201305161305 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.206 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.206 - Sony)
Speciální aplikace Autodesk (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Spotify (HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SteelMemberDesigner (HKLM-x32\...\SteelMemberDesigner) (Version: 1.02.188.0 - Computer And Design Services Ltd)
Studie vylepšování produktu HP Deskjet 3520 series (HKLM\...\{B7AED02F-7D1B-4806-831B-C06841A282C4}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
Synthesia (HKLM-x32\...\Synthesia) (Version: 9 - Synthesia LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
TechCON TD 7.0 - UPONOR (HKLM-x32\...\{71E4D13F-03AF-4439-99B5-D79142A1F50D}) (Version: 7.00.1115 - Your Company Name)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
Tiger Woods PGA TOUR 07 (HKLM-x32\...\{9AF46AB7-DD4C-4C74-00BC-A618C5BA1D4C}) (Version: - )
Time Adjuster STANDARD 3.1 (HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\TimeAdjuster) (Version: - IrekSoftware.com)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
USB Multi-Channel Audio Device (HKLM\...\C-Media CM106 Like Sound Driver) (Version: - )
Validity WBF DDK (HKLM\...\{79174AF2-6CB1-42F5-981E-66DCA49391D0}) (Version: 4.3.205.0 - Validity Sensors, Inc.)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WT089307) (Version: 2.2.0.95 - WildTangent) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WAV MP3 Converter 4.2 Build 1259 (HKLM-x32\...\WAV MP3 Converter 4.2 Build 1259) (Version: - )
WAV MP3 Converter v4.4 build 1429 (HKLM-x32\...\{A4A14B15-F25D-44F8-8483-291C1DF7C548}_is1) (Version: - Hoo Technologies)
Web'n'walk Manager (HKLM-x32\...\T-Mobile Communication Centre) (Version: 2011-03-08 - Gemfor s.r.o.)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.00b of 2011-Jan-12 (Build 132) (Setup) - WIBU-SYSTEMS AG)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames) (Version: 4.0.11.2 - WildTangent) Hidden
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wolfram Mathematica 8 (M-WIN-L 8.0.1 2063990) (HKLM\...\M-WIN-L 8.0.1 2063990_is1) (Version: 8.0.1 - Wolfram Research, Inc.)
WSC Real 09 (HKLM-x32\...\{51AA8C3F-B316-44A8-B371-4BB6047E45DF}) (Version: 1.00.0000 - Blade Interactive Studios)
Xfire 2.0 (HKLM-x32\...\{43ADAE00-A4ED-4379-A76D-A1FF5D9D334A}_is1) (Version: 2.0 - Xfire, Inc.)
Xfire Codec (remove only) (HKLM-x32\...\XfireCodec) (Version: - )
Základní software zařízení HP Deskjet 3520 series (HKLM\...\{7EBD8BA7-DF64-4BF9-9BC1-B0D53984FC6E}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
ZTE Drivers (HKLM-x32\...\{ACC9984D-E78B-4fcd-BE44-4E3F186DDA33}) (Version: 1.2059.0.12 - )
Zuma Deluxe (HKLM-x32\...\WT089455) (Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-228327966-2270223930-1445267679-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-228327966-2270223930-1445267679-1000_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-228327966-2270223930-1445267679-1000_Classes\CLSID\{C78B614F-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files\Altap Salamander\utils\salextx64.dll (Fine spol. s r.o. -> ALTAP)
CustomCLSID: HKU\S-1-5-21-228327966-2270223930-1445267679-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-228327966-2270223930-1445267679-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-228327966-2270223930-1445267679-1000_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-09-07] (EasyBits Software AS -> EasyBits Software Corp.) [File not signed]
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2014-02-07] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2014-02-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-02-17] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-02-17] () [File not signed]
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2014-02-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-02-17] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-02-17] () [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-09-04] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-08-09] (leshcatlabs.net -> Intel Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2014-02-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-02-17] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-02-17] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.XFR1] => C:\Windows\system32\xfcodec64.dll [22016 2012-11-14] () [File not signed]
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\msaud32_divx.acm [186368 2003-02-03] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.XFR1] => C:\Windows\SysWOW64\xfcodec.dll [36352 2012-12-28] () [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-08-30] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-08-30] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-08-30] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\r0ach\Desktop\programy\Crash Bandicoot 3.lnk -> C:\game\Crash Bandicoot 3 Warped\Start.bat ()
Shortcut: C:\Users\r0ach\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co

==================== Loaded Modules (Whitelisted) =============

2011-04-27 16:05 - 2011-04-27 16:05 - 001102336 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.dll
2011-12-06 09:44 - 2011-05-20 09:05 - 000059904 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-10-08 15:01 - 2013-02-20 15:03 - 000005632 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Y Soft\SafeQ Client\Client\cs-CZ\SafeQ Client.resources.dll
2011-04-27 16:05 - 2011-04-27 16:05 - 000514570 _____ () [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2012-04-22 18:21 - 2012-02-17 19:55 - 000193536 _____ () [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2018-10-13 21:53 - 2018-10-13 21:53 - 000172544 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c9e7ea212e2e2faf1c039ea31b8d9795\IsdiInterop.ni.dll
2012-04-21 17:41 - 2009-06-11 14:09 - 000491520 ____R () [File not signed] C:\Windows\system\CmAu106.dll
2012-10-08 15:01 - 2013-02-20 15:03 - 000683520 _____ () [File not signed] C:\Windows\System32\SafeQCairoLib64.dll
2012-10-08 15:01 - 2013-02-20 15:03 - 003798016 _____ () [File not signed] C:\Windows\System32\SAFEQVS64.DLL
2012-09-04 20:47 - 2012-09-04 20:47 - 000837632 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2012-09-04 20:46 - 2012-09-04 20:46 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2011-12-06 09:44 - 2010-12-22 20:50 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2018-02-23 07:44 - 2008-09-05 15:04 - 000155648 _____ (arcsoft) [File not signed] C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uEpg.dll
2012-04-21 17:41 - 2009-06-11 14:09 - 008126464 ____R (C-Media Corporation) [File not signed] C:\Windows\Syswow64\cm106.dll
2011-09-07 09:17 - 2011-09-07 09:17 - 000052920 _____ (EasyBits Software AS -> EasyBits Software Corp.) [File not signed] C:\Windows\SysWow64\EZUPBH~1.DLL
2013-08-15 10:07 - 2013-08-15 10:07 - 004579328 _____ (Flexera Software, Inc.) [File not signed] C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\scia\SCIA_libFNP.dll
2009-09-20 11:36 - 2009-09-20 11:36 - 000205824 _____ (Hewlett-Packard Co.) [File not signed] [File is in use] C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll
2009-09-20 09:19 - 2009-09-20 09:19 - 000538112 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll
2009-09-20 09:19 - 2009-09-20 09:19 - 000032256 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2009-09-20 09:19 - 2009-09-20 09:19 - 000274432 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000249344 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000213504 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000133120 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000049664 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll
2009-05-21 19:09 - 2009-05-21 19:09 - 000338432 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
2009-05-21 19:05 - 2009-05-21 19:05 - 000326144 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll
2009-09-20 11:36 - 2009-09-20 11:36 - 000150528 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll
2009-09-20 11:36 - 2009-09-20 11:36 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2009-05-21 19:09 - 2009-05-21 19:09 - 000554496 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2011-06-14 16:07 - 2011-06-14 16:07 - 000260096 _____ (Hewlett-Packard Development Company L.P.) [File not signed] [File is in use] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HP.Mobile.Resource.dll
2008-07-22 17:33 - 2008-07-22 17:33 - 000121344 _____ (Hewlett-Packard) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqCPTA.dll
2008-07-22 17:33 - 2008-07-22 17:33 - 000192000 _____ (Hewlett-Packard) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRTA.dll
2008-07-22 17:33 - 2008-07-22 17:33 - 000105472 _____ (Hewlett-Packard) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqxml2.dll
2011-04-27 16:05 - 2011-04-27 16:05 - 000174080 _____ (hxxp://sqlite.phxsoftware.com) [File not signed] [File is in use] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.Linq.dll
2018-10-13 21:53 - 2018-10-13 21:53 - 000014336 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\6ea5ae77d3c1ce37aa53f6474eff8b90\IAStorCommon.ni.dll
2011-12-06 09:44 - 2011-05-20 09:05 - 000007168 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorDataMgr.resources.dll
2011-12-06 09:44 - 2011-05-20 09:05 - 000032768 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorIcon.resources.dll
2011-12-06 09:44 - 2011-05-20 09:05 - 000004608 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IntelVisualDesign.resources.dll
2011-12-06 09:44 - 2011-05-20 09:05 - 000174592 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUIHelper.dll
2011-12-06 09:44 - 2011-05-20 09:05 - 001318912 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll
2011-12-06 09:44 - 2010-12-22 20:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2011-12-06 09:44 - 2011-05-20 08:54 - 000278528 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI.dll
2018-10-13 21:53 - 2018-10-13 21:53 - 000225792 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\8068bd783f5fa7a023fdb49eae0ddac2\IAStorDataMgr.ni.dll
2018-10-13 21:53 - 2018-10-13 21:53 - 000491520 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\4b482aaa1f1b55f1cd1b1020fa430b27\IAStorUtil.ni.dll
2017-10-03 15:43 - 2017-10-03 15:43 - 000112128 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2012-04-21 02:07 - 2012-04-21 02:07 - 000225280 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2012-04-22 23:18 - 2012-04-22 23:18 - 001658368 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80.DLL
2012-04-22 23:18 - 2012-04-22 23:18 - 001654784 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2013-06-28 08:53 - 2013-06-28 08:53 - 000161280 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RsCRLib.dll
2012-04-19 21:26 - 2009-09-30 06:00 - 000738816 _____ (WIBU-SYSTEMS AG) [File not signed] C:\Program Files\WIBU-SYSTEMS\System\WibuShellExt64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-228327966-2270223930-1445267679-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-228327966-2270223930-1445267679-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {61A49B2E-2EE1-406F-9881-E51CFE488E27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> URL hxxp://search.certified-toolbar.com?si=43251&st=bs&tid=3623&ts=1367013566627&tguid=43251-3623-1367013563587-900819&q={searchTerms}
SearchScopes: HKLM-x32 -> {61A49B2E-2EE1-406F-9881-E51CFE488E27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-228327966-2270223930-1445267679-1000 -> {61A49B2E-2EE1-406F-9881-E51CFE488E27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-08-25] (AuthenTec, Inc. -> HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-09-07] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-08-25] (AuthenTec, Inc. -> HP)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-228327966-2270223930-1445267679-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-06-14 17:00 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-228327966-2270223930-1445267679-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\r0ach\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: Spotify => "C:\Users\r0ach\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\r0ach\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C83908C2-83C4-4CCF-95C5-8EF55079B21C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{302D6FFC-0FFA-440D-837B-E42212559C74}] => (Allow) LPort=2869
FirewallRules: [{686F365A-49E7-4F98-ADFE-6258B6907CDD}] => (Allow) LPort=1900
FirewallRules: [{80D51258-440D-4AA9-B3F9-DA7CBD6F2523}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DE69FDDE-810D-437C-8B39-E594B8EEFF3D}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BB316B08-7F98-4DB6-93E6-523C1D523E45}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe => No File
FirewallRules: [{DCCA5EDA-EE9D-4A46-8C90-09C5092E5197}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe (EasyBits Software AS -> EasyBits Software AS)
FirewallRules: [{ED5E78A6-DEB6-4B8A-9D2B-201EF55A8B11}] => (Allow) C:\Program Files (x86)\Codemasters\F1 2011\F1_2011.exe (Codemasters Software Company Limited -> Codemasters)
FirewallRules: [{8CA81DB7-9299-49EF-BEAA-CC5F8FDC7913}] => (Allow) C:\Program Files (x86)\Codemasters\F1 2011\F1_2011.exe (Codemasters Software Company Limited -> Codemasters)
FirewallRules: [TCP Query User{B94B40FF-C073-49BE-A640-6FC9D69C723E}C:\program files (x86)\bitspirit\bitspirit.exe] => (Allow) C:\program files (x86)\bitspirit\bitspirit.exe (LANSPIRIT.NET) [File not signed]
FirewallRules: [UDP Query User{C2B48027-EEC5-4A32-8EAB-2D4B5A0F2EB5}C:\program files (x86)\bitspirit\bitspirit.exe] => (Allow) C:\program files (x86)\bitspirit\bitspirit.exe (LANSPIRIT.NET) [File not signed]
FirewallRules: [{69724B0F-540B-452D-A44C-F658C66EA5F3}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe (Sony Mobile Communications -> ) [File not signed]
FirewallRules: [{B89120F5-1F0E-46C4-98A5-901EC46CFB4D}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe (Sony Mobile Communications -> ) [File not signed]
FirewallRules: [TCP Query User{CDA0BB2B-59B3-42D7-AC70-FB0036F49C9A}C:\program files (x86)\graphisoft\archicad 11\archicad.exe] => (Allow) C:\program files (x86)\graphisoft\archicad 11\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [UDP Query User{7A7C1E6C-B250-4DBB-97AA-8863E0EF1360}C:\program files (x86)\graphisoft\archicad 11\archicad.exe] => (Allow) C:\program files (x86)\graphisoft\archicad 11\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [TCP Query User{B4EB7E73-E81F-499F-93A4-9A1C578FBFA0}C:\program files\artlantis studio 4\qtsocketserver.exe] => (Allow) C:\program files\artlantis studio 4\qtsocketserver.exe () [File not signed]
FirewallRules: [UDP Query User{5DD72913-E2FA-4EFE-9508-BCAE938689CC}C:\program files\artlantis studio 4\qtsocketserver.exe] => (Allow) C:\program files\artlantis studio 4\qtsocketserver.exe () [File not signed]
FirewallRules: [TCP Query User{FF9D1DF0-3F4E-4A73-8A80-9B3C5767720B}G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [UDP Query User{7F99B22A-0BEF-4984-AEB3-4FBD0381CBFE}G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [TCP Query User{29CC1CC3-F720-4C8A-AFD2-FFAB41DB142D}C:\program files (x86)\codemasters\f1 2011\f1_2011.exe] => (Allow) C:\program files (x86)\codemasters\f1 2011\f1_2011.exe (Codemasters Software Company Limited -> Codemasters)
FirewallRules: [UDP Query User{3BC0FD3B-CF44-4F38-8108-37C7EDF58FE3}C:\program files (x86)\codemasters\f1 2011\f1_2011.exe] => (Allow) C:\program files (x86)\codemasters\f1 2011\f1_2011.exe (Codemasters Software Company Limited -> Codemasters)
FirewallRules: [TCP Query User{11755D73-DD82-4FF3-8126-34AE08B3F381}C:\cod2\cod2mp_s.exe] => (Allow) C:\cod2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{A8EA2069-0AE3-41EB-AD29-4944E3BCDD1F}C:\cod2\cod2mp_s.exe] => (Allow) C:\cod2\cod2mp_s.exe () [File not signed]
FirewallRules: [{F0E65361-760E-4FFA-9BEA-B3C2931A6EA9}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> )
FirewallRules: [{E4DEDB8E-9185-43A1-A7D4-4C2A5A951914}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> )
FirewallRules: [{321799C9-BE9F-4E50-9126-9603BACA4EF2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{6590AAD5-F03F-43D6-A554-7A72A7A33350}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{16DB53E8-5949-406C-9B81-1142B23E0E07}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{BA5ECBAC-A961-4741-AA8F-48CDB0901AFE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{58E8FF24-71B2-49A6-9F7A-0F7D73BAD9C7}C:\program files (x86)\graphisoft\archicad 11\archicad.exe] => (Allow) C:\program files (x86)\graphisoft\archicad 11\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [UDP Query User{D4E07DFD-CB91-4E90-962C-219B7D460541}C:\program files (x86)\graphisoft\archicad 11\archicad.exe] => (Allow) C:\program files (x86)\graphisoft\archicad 11\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [TCP Query User{4BDA0A94-CC49-4DFF-9674-E35DCE44CD37}C:\program files (x86)\xfire2\xfire.exe] => (Allow) C:\program files (x86)\xfire2\xfire.exe (Xfire Inc -> Xfire Inc.)
FirewallRules: [UDP Query User{37CEF903-39D6-47AB-B04C-9C0A5DD92BE9}C:\program files (x86)\xfire2\xfire.exe] => (Allow) C:\program files (x86)\xfire2\xfire.exe (Xfire Inc -> Xfire Inc.)
FirewallRules: [{285DCFC3-5716-4AB3-BB15-E44C31EF8567}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{312CFF27-2591-4889-A9CB-1B65B3DD0938}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{1A3F78C4-D367-480E-A08C-A3361A83EC68}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0BB7F622-7264-4544-980B-6232A5EC5CBF}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe (Sony Mobile Communications -> ) [File not signed]
FirewallRules: [{2A50BD13-4644-49B4-934D-D5D6A73745EB}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe (Sony Mobile Communications -> ) [File not signed]
FirewallRules: [TCP Query User{A72C1BAE-ABEA-441B-88C8-46BA84544F6E}G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [UDP Query User{5924E03E-836A-4008-8D34-17B17FC571FC}G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [TCP Query User{9937E621-631A-4088-B7DE-F556FF54971C}C:\program files (x86)\aspyr\guitar hero iii\gh3.exe] => (Allow) C:\program files (x86)\aspyr\guitar hero iii\gh3.exe (Aspyr Media, Inc.) [File not signed]
FirewallRules: [UDP Query User{1ACF666B-EE12-46B3-96AD-DF3162E724A2}C:\program files (x86)\aspyr\guitar hero iii\gh3.exe] => (Allow) C:\program files (x86)\aspyr\guitar hero iii\gh3.exe (Aspyr Media, Inc.) [File not signed]
FirewallRules: [TCP Query User{B0A1EAA8-F869-44A8-BC5F-C6BC14FF160C}C:\program files (x86)\aspyr\guitar hero iii\gh3.exe] => (Allow) C:\program files (x86)\aspyr\guitar hero iii\gh3.exe (Aspyr Media, Inc.) [File not signed]
FirewallRules: [UDP Query User{0227B6F8-C811-472A-BD9D-6B6FEE8BB36D}C:\program files (x86)\aspyr\guitar hero iii\gh3.exe] => (Allow) C:\program files (x86)\aspyr\guitar hero iii\gh3.exe (Aspyr Media, Inc.) [File not signed]
FirewallRules: [TCP Query User{B17DCFD5-472C-40BC-9D1C-46BFB36A05C1}F:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) F:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [UDP Query User{96B275C1-5DDE-46B8-B739-639751A27D48}F:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) F:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [TCP Query User{1392315E-AD2C-4106-9AE1-C461778DD393}C:\cod2\cod2mp_s.exe] => (Allow) C:\cod2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{A8933595-C309-4C08-8F75-06FD124BB799}C:\cod2\cod2mp_s.exe] => (Allow) C:\cod2\cod2mp_s.exe () [File not signed]
FirewallRules: [{036D5835-80E8-4905-AB92-1D3EE77CB9AA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{100B74C0-AC35-410E-A1BF-052F53FE0F65}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{EFBC5F4B-4099-4270-94A4-9D365065AAA3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A4D175BC-BD46-48BE-88C5-4D23F56C1CCC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{D5315E3D-9131-4D8E-AAF1-A29B5C3976B4}F:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) F:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [UDP Query User{2E402E64-8A69-4A15-AE61-E623782A385C}F:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) F:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [{3DB75D73-0B09-43D8-AA29-AE6D2B71CA18}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0E301D85-405A-440B-B2C7-5916776AFF04}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BB5DE559-B43A-412C-9E63-F392F3351F0D}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\Mathematica.exe (Wolfram Research -> Wolfram Research, Inc.)
FirewallRules: [{C8D20F09-9635-4E6D-9B27-B86A9DF96DA6}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\Mathematica.exe (Wolfram Research -> Wolfram Research, Inc.)
FirewallRules: [{B6D2A7EC-F191-468C-B603-9487203864E9}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\MathKernel.exe (Wolfram Research -> Wolfram Research, Inc.)
FirewallRules: [{30A8B11B-7096-4C2F-B6F6-11D4958348B8}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\MathKernel.exe (Wolfram Research -> Wolfram Research, Inc.)
FirewallRules: [{122B91D0-9413-4827-BAC0-72C9CB764B02}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\math.exe (Wolfram Research -> Wolfram Research, Inc.)
FirewallRules: [{1EDABF94-AE3D-440C-843A-DA5332B142BB}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\math.exe (Wolfram Research -> Wolfram Research, Inc.)
FirewallRules: [TCP Query User{B96EEA38-B429-48E6-B157-DD14D33B26B9}C:\games\outlast\binaries\win64\olgame.exe] => (Allow) C:\games\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [UDP Query User{F1798FEE-FE3A-4A66-B55D-8D5469FD022E}C:\games\outlast\binaries\win64\olgame.exe] => (Allow) C:\games\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [TCP Query User{BDC700D5-EF0E-4CCC-93B2-A6CD72133C83}C:\games\outlast\binaries\win64\olgame.exe] => (Allow) C:\games\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [UDP Query User{BEA64CF1-46F8-4E1A-B212-63EA9ED0567B}C:\games\outlast\binaries\win64\olgame.exe] => (Allow) C:\games\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [{B3CD31BA-DA06-4867-A3A2-1134BAB27214}] => (Allow) C:\Program Files (x86)\BitSpirit\BitSpirit.exe (LANSPIRIT.NET) [File not signed]
FirewallRules: [{087C0A3E-99EE-4123-8712-751661C077CD}] => (Allow) C:\Program Files (x86)\BitSpirit\BitSpirit.exe (LANSPIRIT.NET) [File not signed]
FirewallRules: [{2506C896-DA92-4B1A-AA61-4D2F57A42DBF}] => (Allow) C:\Users\r0ach\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{143A2D77-8B83-4DF4-9342-6487BB0AC298}] => (Allow) C:\Users\r0ach\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{343DBA13-9FE3-467D-B5D3-66112F19441D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{19E498B7-7201-4D86-A785-EB24E015A0F3}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{7798A9D0-5026-4FBA-AE00-96FEEDEE7E64}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{30D27C91-2294-4E98-874D-DC15FF08D54F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [TCP Query User{BC28189D-EA0B-4C14-916E-6BE2AB5C156B}C:\program files (x86)\steam\steam.exe] => (Block) C:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{D9B0E017-3E0D-415D-9571-82BC913B1C13}C:\program files (x86)\steam\steam.exe] => (Block) C:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{97956E82-C1FB-44D7-BCAD-BF4230BFA917}] => (Allow) LPort=50248
FirewallRules: [{2FB55683-4B02-417C-83BD-FDC33D242F48}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\ArchiCAD.exe (Graphisoft SE) [File not signed]
FirewallRules: [{ED035916-7D8E-4574-9575-A1B1F352E2E8}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\ArchiCAD.exe (Graphisoft SE) [File not signed]
FirewallRules: [{250CCC84-FA3F-4A78-B02A-B9B55D705980}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\GSQuickTimeServer\GSQTServer.exe (Graphisoft SE) [File not signed]
FirewallRules: [{1A84B59B-3C34-4967-853B-3040A54D0B58}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\GSQuickTimeServer\GSQTServer.exe (Graphisoft SE) [File not signed]
FirewallRules: [TCP Query User{E507E1E7-A723-4B4F-99DB-04082C54336E}C:\program files\graphisoft\archicad 15\archicad.exe] => (Block) C:\program files\graphisoft\archicad 15\archicad.exe (Graphisoft SE) [File not signed]
FirewallRules: [UDP Query User{33BC5E72-5442-4FE5-81A8-04262D5D9E74}C:\program files\graphisoft\archicad 15\archicad.exe] => (Block) C:\program files\graphisoft\archicad 15\archicad.exe (Graphisoft SE) [File not signed]
FirewallRules: [TCP Query User{25D9902C-1391-45C9-A9FB-2BDC8A7D7BDF}C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe] => (Allow) C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe (Graphisoft SE) [File not signed]
FirewallRules: [UDP Query User{8ED1C873-4F50-44A0-A4E5-1211C7CB9B07}C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe] => (Allow) C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe (Graphisoft SE) [File not signed]
FirewallRules: [TCP Query User{210185C1-475C-4EAD-A484-7DBD3501542B}C:\program files\graphisoft\archicad 15\gsreport.exe] => (Block) C:\program files\graphisoft\archicad 15\gsreport.exe (Graphisoft SE) [File not signed]
FirewallRules: [UDP Query User{F62C812E-6156-44C9-AC75-951B89A44290}C:\program files\graphisoft\archicad 15\gsreport.exe] => (Block) C:\program files\graphisoft\archicad 15\gsreport.exe (Graphisoft SE) [File not signed]
FirewallRules: [{A3196CBE-0A60-4E0F-A4F8-6BBB3F191940}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{5662D78A-A18B-4ED4-9A5E-E74280A9AC1A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{EB513B82-C7D4-43B2-A70B-59720EA1E1F8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{C9D645A8-773C-4DE6-8F13-D22DF3DA5981}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{6318231A-F9CD-41C7-973F-CD357C2EF825}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{395D92CA-1FE4-457A-9A7D-3E9DD629FEB2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe () [File not signed]
FirewallRules: [{429D482C-4115-4FE7-916C-0D2CD790231B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{9FA14455-0339-4C5B-B696-B56B8EB51FA5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{6084F344-866C-4BF3-8A7D-D054A5814A23}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{D9C98B9B-7DE2-40EB-B4C4-A8ED512C097E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{7EF4D6C0-47DD-4C6C-9842-46B8337A5E56}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{4177BA3E-B429-493C-88BC-8CE9A857FDF9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe (Hewlett Packard -> Hewlett-Packard Development Co. L.P.)
FirewallRules: [{9142DF09-7CC4-4F16-9C7F-6F3CE5FBDE29}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{259D9438-8EC2-4F0E-BE53-401F120D1953}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{C893F162-B57B-4347-A02B-75EF4DFAF562}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{54DF7197-1B82-4A41-9DCF-AAA3E74DF13F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{794E406E-0BAA-400E-B0E0-DEAC63DFDFA0}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{843CEDBE-7BC8-40F6-B218-638C9FEC3CAA}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe (Hewlett-Packard Company -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{C774DB46-9F28-4C8D-8D49-385DC356F2F4}C:\users\r0ach\desktop\plocha\silko\_flash_\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\plocha\silko\_flash_\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{E647774F-414E-4340-AFAB-919CD90638B8}C:\users\r0ach\desktop\plocha\silko\_flash_\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\plocha\silko\_flash_\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [{6E478770-2721-4881-A7D5-8EE5CD02E332}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{FDB30F1C-5C91-44A9-B376-B4FA8490222E}C:\users\r0ach\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\r0ach\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{C123DA76-3BF5-4071-88B0-DE6960E0A8AA}C:\users\r0ach\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\r0ach\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{438AC198-EB3C-4E33-A3E6-1CF10E0FB281}C:\users\r0ach\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\r0ach\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{3210E29D-7EA8-4D19-B9B0-97566F305B9C}C:\users\r0ach\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\r0ach\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{9A732765-AAF8-4191-842C-203DB7930745}C:\users\r0ach\desktop\plocha\silko\_flash_\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\plocha\silko\_flash_\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{FF000007-D058-49D6-8504-23E8020E5672}C:\users\r0ach\desktop\plocha\silko\_flash_\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\plocha\silko\_flash_\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{627056F2-198B-46CC-8943-448B50AF352B}C:\users\r0ach\desktop\plocha\silko\1\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\plocha\silko\1\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{42E8E4F5-84B7-427B-BE6D-C4EC07A200CF}C:\users\r0ach\desktop\plocha\silko\1\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\plocha\silko\1\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{546AB50B-7B40-4E69-B219-1381F5C034E4}C:\users\r0ach\desktop\plocha\silko\sro eu\1\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\plocha\silko\sro eu\1\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{45FA17B1-10FE-4FA5-9C7C-F4919CCEA7D9}C:\users\r0ach\desktop\plocha\silko\sro eu\1\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\plocha\silko\sro eu\1\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{8A4E752A-3881-4092-99F9-D1E0790ADA3F}C:\users\r0ach\desktop\bot\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\bot\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{B1A33790-AB8E-436F-96F8-DC730C80561A}C:\users\r0ach\desktop\bot\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\bot\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{64537A2A-7E42-4065-87B8-E21DFB545AE1}C:\users\r0ach\desktop\new mbot 2016 cracked\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\new mbot 2016 cracked\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{BE82B790-7004-4731-8AC4-24B032531D6A}C:\users\r0ach\desktop\new mbot 2016 cracked\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\new mbot 2016 cracked\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{F0255AF2-0484-4092-AD8D-A3EFEECE14FD}C:\users\r0ach\desktop\dvorka\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\dvorka\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{8D65F3CB-7665-45A9-8C8A-423876B48E7C}C:\users\r0ach\desktop\dvorka\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\dvorka\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{E8F50E29-753C-4D52-9C1B-3C33762F9AC2}C:\users\r0ach\desktop\new mbot 2016 cracked\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\new mbot 2016 cracked\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{CB2FCF26-F875-42DF-9926-E385F1C951F2}C:\users\r0ach\desktop\new mbot 2016 cracked\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\new mbot 2016 cracked\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{BE34D8E6-27EE-4862-B3A6-AA5540CBC936}C:\users\r0ach\desktop\dvorka\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\dvorka\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{164C73A7-9626-4892-811C-754D1086125C}C:\users\r0ach\desktop\dvorka\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\dvorka\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{01B32461-C4E6-4477-8C5F-DFFE1337420F}C:\users\r0ach\desktop\zk\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\zk\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{7D76E153-86BA-4E88-99DC-F0369031852D}C:\users\r0ach\desktop\zk\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\zk\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{42189582-8475-4121-A5A9-EA37438EA38C}C:\users\r0ach\desktop\bot\dvorka\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\bot\dvorka\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{CC56E06E-FFE8-405F-BD4F-AA47F3D5A95E}C:\users\r0ach\desktop\bot\dvorka\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\bot\dvorka\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{38B25A73-AC90-4A4E-A68A-78AB24D7FDCE}C:\users\r0ach\desktop\bot\maxb\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\bot\maxb\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{E93785E5-AC05-4108-B476-E672DC055B53}C:\users\r0ach\desktop\bot\maxb\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\bot\maxb\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{0993DA11-5E36-440A-8027-EFC82214F6A4}C:\users\r0ach\desktop\bot\digi\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\bot\digi\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{87A2B0A5-E3E9-4714-AE0B-7C310F109401}C:\users\r0ach\desktop\bot\digi\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\bot\digi\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{BFBDDED6-3A87-4E46-BC7E-E2C423CBB19E}C:\program files (x86)\mass effect 2\binaries\masseffect2.exe] => (Allow) C:\program files (x86)\mass effect 2\binaries\masseffect2.exe (BioWare -> BioWare) [File not signed]
FirewallRules: [UDP Query User{F3316214-2034-48B5-A739-0BD2F252AF8B}C:\program files (x86)\mass effect 2\binaries\masseffect2.exe] => (Allow) C:\program files (x86)\mass effect 2\binaries\masseffect2.exe (BioWare -> BioWare) [File not signed]
FirewallRules: [TCP Query User{0D4E0C16-339C-471E-B1BE-F78BBB725319}C:\program files (x86)\mass effect 2\binaries\masseffect2.exe] => (Allow) C:\program files (x86)\mass effect 2\binaries\masseffect2.exe (BioWare -> BioWare) [File not signed]
FirewallRules: [UDP Query User{E9403DD4-8A1F-40E8-9C2C-893C07532401}C:\program files (x86)\mass effect 2\binaries\masseffect2.exe] => (Allow) C:\program files (x86)\mass effect 2\binaries\masseffect2.exe (BioWare -> BioWare) [File not signed]
FirewallRules: [TCP Query User{0A862FF9-91BF-416C-A5B4-EE3B9F953D3E}C:\program files (x86)\mass effect 3\binaries\win32\masseffect3.exe] => (Block) C:\program files (x86)\mass effect 3\binaries\win32\masseffect3.exe (BioWare) [File not signed]
FirewallRules: [UDP Query User{A4FD2511-0854-47D3-820B-7F2816FA41D9}C:\program files (x86)\mass effect 3\binaries\win32\masseffect3.exe] => (Block) C:\program files (x86)\mass effect 3\binaries\win32\masseffect3.exe (BioWare) [File not signed]
FirewallRules: [{839891C6-066E-4CB6-ABA3-01D6C26FAFB3}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{24497FD5-02DE-4BB9-83E0-DEFED9F47C77}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{4C38089A-F1F7-45DB-AE63-D88213D0FEC6}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{E93901F0-2098-4082-B190-3A84197253AE}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{A3B43D9F-BFC2-46BB-AF2C-847AAF8423A5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C3369DC1-2ADE-4C01-BD4C-4B6CD8B3CBD4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{CE29A7EB-AC1C-4CA7-B3A3-6928F03EE0A0}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{E3C8F96B-35D4-48A7-B9B2-45148C91A15A}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{A50BD04B-2EF6-470D-8647-DBB811E63480}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerRecover\ApowerRecover.exe => No File
FirewallRules: [{65133820-DF30-48F8-A90F-F6341BB7F4DA}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerRecover\ApowerRecover.exe => No File
FirewallRules: [{FB14B126-0D1B-4C70-9079-EC39EE1D00DB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

09-01-2021 15:09:58 Naplánovaný kontrolní bod
16-01-2021 23:30:00 Windows Update
20-01-2021 23:02:05 Windows Update
26-01-2021 23:02:33 Windows Update

==================== Faulty Device Manager Devices ============

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/18/2021 05:15:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: STacSV64.exe, verze: 1.0.6381.0, časové razítko: 0x4f03f7c2
Název chybujícího modulu: stapi64.dll, verze: 1.0.6381.0, časové razítko: 0x4f03f720
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000036b59
ID chybujícího procesu: 0x2f4
Čas spuštění chybující aplikace: 0x01d6e856ea88d176
Cesta k chybující aplikaci: C:\Program Files\IDT\WDM\STacSV64.exe
Cesta k chybujícímu modulu: C:\Windows\system32\stapi64.dll
ID zprávy: 59a626f4-59a8-11eb-a6ea-402cf42666df

Error: (01/11/2021 09:26:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Manager.exe, verze: 2011.3.8.0, časové razítko: 0x4d766ca1
Název chybujícího modulu: WINTRUST.dll, verze: 6.1.7601.23971, časové razítko: 0x5a26d2c0
Kód výjimky: 0xc0000005
Posun chyby: 0x000043b8
ID chybujícího procesu: 0x1258
Čas spuštění chybující aplikace: 0x01d6e8573b79fea0
Cesta k chybující aplikaci: C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\WINTRUST.dll
ID zprávy: 3e745781-544b-11eb-a6ea-402cf42666df

Error: (01/11/2021 09:21:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IEXPLORE.EXE, verze: 11.0.9600.19155, časové razítko: 0x5ba07112
Název chybujícího modulu: atiuxpag.dll, verze: 8.14.1.6278, časové razítko: 0x5046a56b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000b8f7
ID chybujícího procesu: 0x19bc
Čas spuštění chybující aplikace: 0x01d6e8575fda057c
Cesta k chybující aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\atiuxpag.dll
ID zprávy: a7147e6d-544a-11eb-a6ea-402cf42666df

Error: (01/11/2021 09:21:08 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
(Stream product id=0x0066): Streaming Failed

Error: (01/11/2021 09:21:08 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
Too many failures while downloading ranges: 2

Error: (01/11/2021 09:20:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/09/2021 08:17:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ameisvc.exe, verze: 2011.3.8.0, časové razítko: 0x4d766999
Název chybujícího modulu: WINTRUST.dll, verze: 6.1.7601.23971, časové razítko: 0x5a26d2c0
Kód výjimky: 0xc0000005
Posun chyby: 0x000043b8
ID chybujícího procesu: 0xd6c
Čas spuštění chybující aplikace: 0x01d6aa3501633fc1
Cesta k chybující aplikaci: C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\WINTRUST.dll
ID zprávy: 4f06a296-52af-11eb-b37e-402cf42666df

Error: (01/09/2021 03:50:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DllHost.exe, verze: 6.1.7600.16385, časové razítko: 0x4a5bca54
Název chybujícího modulu: atiu9p64.dll, verze: 8.14.1.6278, časové razítko: 0x5046a563
Kód výjimky: 0xc0000417
Posun chyby: 0x000000000000dd35
ID chybujícího procesu: 0x1e9b0
Čas spuštění chybující aplikace: 0x01d6e69647835239
Cesta k chybující aplikaci: C:\Windows\system32\DllHost.exe
Cesta k chybujícímu modulu: C:\Windows\system32\atiu9p64.dll
ID zprávy: 0e4a5e2f-528a-11eb-b37e-402cf42666df


System errors:
=============
Error: (01/26/2021 09:42:24 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (01/26/2021 09:42:24 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (01/20/2021 09:55:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Audio Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/20/2021 09:54:04 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Služba DCOM zjistila chybu %%1053 = Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas. při pokusu o spuštění služby VSS s argumenty za účelem spuštění serveru:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (01/20/2021 09:53:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Stínová kopie svazku neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/20/2021 09:53:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Stínová kopie svazku bylo dosaženo časového limitu (30000 ms).

Error: (01/11/2021 09:18:24 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (18:45:06, ‎11.‎1.‎2021) bylo neočekávané.

Error: (01/09/2021 08:18:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Web'n'walk Manager mobile equipment installation service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2018-10-11 20:21:48.116
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{30CAAF3B-8532-46CA-8A4D-737073109DC2}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2016-05-19 11:42:06.395
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{9D3891B9-3FE2-463C-B6AB-F6E9AE169C19}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2015-11-08 21:42:37.811
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{49C94C0A-BB90-4877-8D39-54E2C3663545}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2019-02-15 23:48:59.137
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2019-02-15 23:48:59.126
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.219.1973.0
Předchozí verze podpisu:
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Úplné
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.12603.0
Předchozí verze modulu:
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2019-02-15 23:48:59.125
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.12603.0
Předchozí verze modulu:
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2019-02-15 21:42:09.574
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2019-02-15 21:42:09.545
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.219.1973.0
Předchozí verze podpisu:
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Úplné
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.12603.0
Předchozí verze modulu:
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

CodeIntegrity:
===================================

Date: 2019-02-15 21:09:31.659
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-15 21:09:31.406
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-15 21:09:26.389
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-15 21:09:26.142
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-15 21:09:17.583
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-15 21:09:17.323
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-15 21:09:07.578
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-15 21:09:07.321
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Hewlett-Packard F.19 05/21/2012
Motherboard: Hewlett-Packard 17FA
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 68%
Total physical RAM: 6091.86 MB
Available physical RAM: 1923.14 MB
Total Virtual: 12181.86 MB
Available Virtual: 6758.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:680.02 GB) (Free:58.12 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:18.32 GB) (Free:1.96 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (EVOLVE) (CDROM) (Total:0.14 GB) (Free:0 GB) CDFS
Drive h: (ME3t2k9) (CDROM) (Total:3.37 GB) (Free:0 GB) UDF

\\?\Volume{242627b8-8a4e-11e1-b154-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS
\\?\Volume{242627bb-8a4e-11e1-b154-806e6f6e6963}\ (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 8E04C78E)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=680 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118274
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
r0ach
Návštěvník
Návštěvník
Příspěvky: 69
Registrován: 19 bře 2013 01:58

Re: Kontrola logu

#3 Příspěvek od r0ach »

Děkuji za reakci
# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-31-2021
# Duration: 00:01:21
# OS: Windows 7 Home Premium
# Cleaned: 80
# Awaiting reboot:3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Windows\launcher.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Internet Explorer\AboutUrls|Tabs
Deleted HKLM\SOFTWARE\Classes\.URL\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.bmp\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.dib\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.gif\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.htm\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.html\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.ico\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.jfif\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.jpe\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.jpg\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.mfp\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.pdf\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.png\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.shtml\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.webm\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.xht\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.xhtml\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\Applications\TorchSetup.exe
Deleted HKLM\SOFTWARE\Clients\StartMenuInternet\Torch.ILEG6NH6LW6BFSWDB3QCOV7BFU
Deleted HKLM\Software\Wow6432Node\Clients\StartMenuInternet\Torch.ILEG6NH6LW6BFSWDB3QCOV7BFU
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\AboutUrls|newtab
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes|DisplayName
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes|SuggestionsURL_JSON
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes|TopResultURLFallback
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes|URL

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
Deleted Preinstalled.HPClientServices Folder C:\Program Files\HEWLETT-PACKARD\HP CLIENT SERVICES
Deleted Preinstalled.HPClientServices Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}
Deleted Preinstalled.HPClientServices Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}
Deleted Preinstalled.HPHealthCheck Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6F340107-F9AA-47C6-B54C-C3A19F11553F}
Deleted Preinstalled.HPMediaSmart Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00777908-43A1-4D75-8332-5DF0752B0334}
Deleted Preinstalled.HPMediaSmart Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MirageAgent
Deleted Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
Deleted Preinstalled.HPMediaSmart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{01FB4998-33C4-4431-85ED-079E3EEFE75D}
Deleted Preinstalled.HPMediaSmart Task C:\Windows\System32\Tasks\MIRAGEAGENT
Deleted Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\r0ach\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\r0ach\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D}
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{335F9A62-FE4B-40CD-B4ED-BB4DE21DC95D}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{E92D47A1-D27D-430A-8368-0BAFD956507D}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{E959FD01-BD01-4CC4-9BB8-4EBE8309BF37}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}
Deleted Preinstalled.WildTangentGamesBundle File C:\Users\r0ach\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - wildgames.lnk
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\APP
Deleted Preinstalled.WildTangentGamesBundle Registry HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-hp-genres
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-hp-main
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Needs Reboot Preinstalled.HPClientServices Folder C:\ProgramData\HEWLETT-PACKARD\HP CLIENT SERVICES
Needs Reboot Preinstalled.HPClientServices Folder C:\ProgramData\HEWLETT-PACKARD\HP CLIENT SERVICES\CONFIG
Needs Reboot Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Folders ] *****

Cleaning failed C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
Cleaning failed C:\ProgramData\HEWLETT-PACKARD\HP CLIENT SERVICES
Cleaning failed C:\ProgramData\HEWLETT-PACKARD\HP CLIENT SERVICES\CONFIG

*************************

AdwCleaner[S00].txt - [10982 octets] - [31/01/2021 20:05:47]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118274
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu

#4 Příspěvek od Rudy »

Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
r0ach
Návštěvník
Návštěvník
Příspěvky: 69
Registrován: 19 bře 2013 01:58

Re: Kontrola logu

#5 Příspěvek od r0ach »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
Ran by r0ach (administrator) on R0ACH-HP (Hewlett-Packard HP Pavilion dv6 Notebook PC) (31-01-2021 21:28:51)
Running from C:\Users\r0ach\Desktop
Loaded Profiles: r0ach
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: IE
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe
() [File not signed] C:\Windows\system\cm106eye.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft, Inc.) [File not signed] C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AuthenTec, Inc. -> HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(AuthenTec, Inc. -> HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(AuthenTec, Inc. -> HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(Autodesk, Inc -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Flexera Software, Inc. -> Flexera Software, Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Flexera Software, Inc. -> Flexera Software, Inc.) C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe
(Gemfor s.r.o. -> Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(leshcatlabs.net -> AMD) C:\Windows\System32\atieclxx.exe
(leshcatlabs.net -> AMD) C:\Windows\System32\atiesrxx.exe
(Logitech -> Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Nemetschek SCIA) [File not signed] C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\scia\SCIA.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realsil Microelectronics Inc.) [File not signed] C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Spotify AB -> Spotify Ltd) C:\Users\r0ach\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2013-12-13] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Cm106Sound] => C:\Windows\Syswow64\cm106.dll [8126464 2009-06-11] (C-Media Corporation) [File not signed]
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190472 2009-09-16] (Logitech -> Logitech Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-01-03] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5581888 2014-02-24] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2013-06-28] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-03-16] (EasyBits Software AS -> EasyBits Software AS) [File not signed]
HKLM-x32\...\Run: [SafeQ Client] => C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [259584 2013-02-20] () [File not signed]
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-06-14] (Hewlett-Packard Company -> Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) [File not signed]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [170496 2009-02-06] (ArcSoft, Inc. -> ArcSoft Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Run: [T-Mobile Communication Centre] => C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [1355792 2011-03-08] (Gemfor s.r.o. -> Gemfor s.r.o.)
HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Run: [Spotify Web Helper] => C:\Users\r0ach\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-05-24] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Policies\Explorer: []
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP B011 Status Monitor: C:\Windows\system32\hpinkstsB011LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3520 series): C:\Windows\system32\HPDiscoPMB011.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\novaPDF 6 Monitor: C:\Windows\system32\novamnk6.dll [26824 2009-09-24] (Softland -> Softland)
HKLM\...\Print\Monitors\SafeQ: C:\Windows\system32\SAFEQVS64.DLL [3798016 2013-02-20] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-28] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2010-07-29] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-12-06]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk [2012-08-27]
ShortcutTarget: GamePark klient 2.lnk -> C:\Program Files\GamePark2\gpcl.exe (Allstar Group s.r.o. -> Allstar Group, s.r.o.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-04-19]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2014-10-30]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2018-02-23]
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C1EA4F2-BF03-4B8C-93B7-FAC6973C2F00} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {1438031D-6E1D-457C-94ED-F548340C5FC3} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ec1ac2a04079 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {15E6A115-9239-4C97-8D0A-8F6DDF3310A8} - System32\Tasks\GoogleUpdateTaskMachineCore1d0924f7e399f12 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {1B7C95DB-1D56-4004-AF64-1B042E49672C} - System32\Tasks\HPCustParticipation HP Deskjet 3520 series => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {1DC8B67D-E0BF-4858-83FA-6DC47F22A8BC} - System32\Tasks\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [663552 2006-08-29] (Apple Computer, Inc.) [File not signed]
Task: {20611F66-F2AB-4EC6-807A-8C1A7B5EC169} - System32\Tasks\{EE43621C-CBDD-46A3-BDCA-0DFFE7E67645} => C:\Windows\system32\pcalua.exe -a C:\Users\r0ach\Desktop\Roadpac\HINSTALL7.EXE -d C:\Users\r0ach\Desktop\Roadpac
Task: {274532B9-5CD8-42E8-B649-DE758F9ABB78} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-08] (Adobe Inc. -> Adobe)
Task: {2B99D4A7-E3FD-474A-BE05-82E5C74F8E8B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2DC8E1A2-C902-4C48-94DD-64B56B5E6124} - System32\Tasks\{7B874A2B-0B2A-490E-AE96-F0FC0A771915} => C:\Program Files\Mafia\Setup.exe [98361 2016-10-20] () [File not signed]
Task: {381D8A99-3BC8-4AF4-A165-7501A7B51998} - System32\Tasks\{39FF9512-3AA2-4EB3-A7E3-098AF5F27A29} => C:\Program Files (x86)\Microsoft Office\OFFICE11\POWERPNT.EXE [6421848 2011-04-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {44B3E835-57F9-44DE-9F34-56ED2010B622} - System32\Tasks\AdobeAAMUpdater-1.0-r0ach-HP-r0ach => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {4635ECED-06F7-4389-90AC-39081FBFC273} - System32\Tasks\{492A5B6F-B1B1-4AB1-B0E4-B0AE8A73CA3E} => C:\Program Files\Mafia\Game.exe [2486272 2002-08-27] (Illusion Softworks) [File not signed]
Task: {49C1E5E8-152A-42FE-9A25-77A9B75AFEBC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe)
Task: {4D57D9E8-E339-41C6-A17E-E234E14BF27A} - System32\Tasks\{81BFD324-BA9B-4BB3-8351-09E28324C552} => C:\Windows\system32\pcalua.exe -a C:\Users\r0ach\Desktop\Roadpac\HINSTALL.EXE -d C:\Users\r0ach\Desktop\Roadpac
Task: {5F90A661-E309-4CE1-A1B2-A9630883D99F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {72718D43-87DD-4108-8684-132B85F4103F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {75CCA333-923A-48F8-A076-D45CAF02D036} - System32\Tasks\{556A88D3-1046-4198-B05C-4B845CC83BC0} => C:\Program Files (x86)\Microsoft Office\OFFICE11\SETLANG.EXE [390496 2007-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D9961BF-0F50-4B87-AFC9-20E45552BB7F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {80089452-229D-44C4-A293-58BA61E0FB36} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456 2011-01-31] (Hewlett-Packard Company -> )
Task: {86387292-62A7-4DEE-9F0D-5730FB6D9B86} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {9C362DD3-6F1F-4E12-BC2D-1F158124097B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A15107AF-9F6D-446A-8B2B-D5A2A32E8E44} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {A42CB95C-1691-4F12-A2B2-416DB301505D} - System32\Tasks\{59E0EA45-3B03-41C6-8D72-4539F557E46D} => C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
Task: {B161EFC9-73BA-40A1-8263-14E6FB5FA5AA} - System32\Tasks\{C288142E-FB26-4857-8278-513E65C60301} => C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe [299008 2010-05-18] (ArcSoft, Inc.) [File not signed]
Task: {C121A786-2B05-4A0C-AA83-AC6911C9515E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {CBC3BC4A-870C-41B3-AAED-73D7578AF51A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {D10FA0EC-B04C-4813-BCD8-69DBFE44AF24} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {D32AD501-1F61-43ED-A32C-94151A5AB01D} - System32\Tasks\{CB877A56-1B50-4737-9E36-10D39FB8BC20} => C:\Program Files (x86)\RailSimulator.com\Railworks 3 Train Simulator 2012 Deluxe\RailWorks.exe
Task: {DEB3E38E-42E5-4ACE-B1E5-8863653025A0} - System32\Tasks\{4407A3C4-C985-4F75-939C-9064D8F89C9C} => H:\setup.exe [1979349 2013-01-04] () [File not signed]
Task: {E58ACEA2-9360-464C-9741-1ACB04B019FA} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {FCBAFF81-B5C6-43B1-A8D4-ADAD73E832BA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{B099BC0C-25B1-4554-BD04-80E2C58B207E}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{E7741F0A-ED3F-42D5-80E7-A0F121DA52C7}: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{F94FAD3C-080E-4855-8C7C-67D900093DEE}: [DhcpNameServer] 213.46.172.38 213.46.172.39

FireFox:
========
FF ProfilePath: C:\Users\r0ach\AppData\Roaming\Mozilla\Firefox\Profiles\qt76eed2.default [2021-01-31]
FF Homepage: Mozilla\Firefox\Profiles\qt76eed2.default -> about:home
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [Legacy]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: (ESET Smart Security Extension) - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-06-14] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-04-19] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-09-07] (Sun Microsystems, Inc.) [File not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-06-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-06-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc. -> Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2012-02-03] (Sony Network Entertainment International LLC) [File not signed]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll [No File]
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll [2011-02-23] (Wolfram Research -> Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-228327966-2270223930-1445267679-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\r0ach\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-07] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-228327966-2270223930-1445267679-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2012-09-16] (Ubisoft Massive -> Ubisoft)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\r0ach\AppData\Local\Google\Chrome\User Data\Default [2021-01-31]
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (HP Product Detection Plugin) - C:\Users\r0ach\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp [2013-10-29]
CHR Extension: (Nejrychlejší seznámení - HotNot.cz) - C:\Users\r0ach\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhjbhddlnbaedecpcepblggdfdclefod [2013-04-05]
CHR Extension: (Website Logon) - C:\Users\r0ach\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfaldikcoaplhepekpbngkepfcoiihef [2012-05-14]
CHR Extension: (Free Youtubie to MP3 Converter) - C:\Users\r0ach\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgbopgnnnapbpgpbodilccnanoodealh [2014-08-17]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\r0ach\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-01-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\r0ach\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (Chrome Media Router) - C:\Users\r0ach\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-31]
CHR HKLM-x32\...\Chrome\Extension: [dfaldikcoaplhepekpbngkepfcoiihef] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-08-22]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>

Opera:
=======
OPR Profile: C:\Users\r0ach\AppData\Roaming\Opera Software\Opera Stable [2019-05-16]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.cz/complete/search?client=op ... utEncoding}

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [63960 2012-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [239616 2012-09-05] (leshcatlabs.net -> AMD)
R2 ameisvc; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [122608 2011-03-08] (Gemfor s.r.o. -> Gemfor s.r.o.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1343408 2014-02-24] (ESET, spol. s r.o. -> ESET)
R2 FPLService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [260424 2011-08-25] (AuthenTec, Inc. -> HP)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2013-06-28] (Realsil Microelectronics Inc.) [File not signed]
R2 lmadmin; C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe [6587728 2011-08-05] (Flexera Software, Inc. -> Flexera Software, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-07-01] (Even Balance, Inc. -> )
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Sony Mobile Communications -> Avanquest Software) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [311808 2012-01-03] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
S3 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
S2 HPClientSvc; "C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10692096 2012-09-05] (leshcatlabs.net -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [459264 2012-09-05] (leshcatlabs.net -> Advanced Micro Devices, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 clwvd; C:\Windows\System32\DRIVERS\clwvd.sys [31088 2010-07-28] (CyberLink -> CyberLink Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-04-19] (DT Soft Ltd -> DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET, spol. s r.o. -> ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET, spol. s r.o. -> ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET, spol. s r.o. -> ESET)
R1 HWiNFO32; C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [28264 2009-01-14] (Martin Malik - REALiX -> REALiX(tm))
R3 intelkmd; C:\Windows\System32\DRIVERS\igdpmd64.sys [12312896 2012-08-09] (leshcatlabs.net -> Intel Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2018-02-23] (Microsoft Windows Hardware Compatibility Publisher -> ITE)
S3 massfilter; C:\Windows\System32\drivers\massfilter.sys [11776 2010-02-22] (Microsoft Windows Hardware Compatibility Publisher -> MBB Incorporated)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [91648 2013-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [208896 2013-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
S3 plkusbser; C:\Windows\System32\DRIVERS\plkusbser.sys [113664 2008-01-23] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [126208 2012-10-26] (USBHostDriver(Test003) -> QUALCOMM Incorporated)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2019-12-08] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [292864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [535552 2012-01-03] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1306624 2009-06-11] (C-Media Electronics Incorporation -> C-Media Electronics Inc)
R3 vrvd5; C:\Windows\System32\DRIVERS\vrvd5.sys [13344 2015-12-02] (Rsupport Co., Ltd. -> Rsupport Corporation)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [103224 2009-12-03] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
S3 XFDriver64; C:\Program Files (x86)\Xfire2\XFDriver64.sys [17160 2013-03-14] (BitRaider, LLC -> XFire)
S3 ZTEusbmdm6k; C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys [121344 2010-03-02] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
S3 ZTEusbnmea; C:\Windows\System32\DRIVERS\ZTEusbnmea.sys [121344 2010-03-02] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
S3 ZTEusbser6k; C:\Windows\System32\DRIVERS\ZTEusbser6k.sys [121344 2010-03-02] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-31 20:37 - 2021-01-31 20:37 - 000042535 _____ C:\Users\r0ach\Downloads\Arrow-S03E09(0000321854).srt
2021-01-31 19:59 - 2021-01-31 20:00 - 008457584 _____ (Malwarebytes) C:\Users\r0ach\Desktop\adwcleaner_8.0.9.1.exe
2021-01-31 18:03 - 2021-01-31 21:30 - 000037359 _____ C:\Users\r0ach\Desktop\FRST.txt
2021-01-31 18:02 - 2021-01-31 18:01 - 002297856 _____ (Farbar) C:\Users\r0ach\Desktop\FRST64.exe
2021-01-31 18:01 - 2021-01-31 21:29 - 000000000 ____D C:\FRST
2021-01-31 18:01 - 2021-01-31 18:01 - 002297856 _____ (Farbar) C:\Users\r0ach\Downloads\FRST64.exe
2021-01-31 17:58 - 2021-01-31 17:58 - 000000000 ____D C:\rsit
2021-01-31 17:57 - 2021-01-31 17:57 - 001222144 _____ C:\Users\r0ach\Downloads\RSITx64.exe
2021-01-31 17:57 - 2021-01-31 17:57 - 001222144 _____ C:\Users\r0ach\Downloads\RSITx64 (1).exe
2021-01-31 17:49 - 2021-01-31 17:50 - 000000000 ____D C:\Users\r0ach\Desktop\svatba
2021-01-29 20:28 - 2021-01-29 20:28 - 000041707 _____ C:\Users\r0ach\Downloads\Arrow-S03E08(0000321853).srt
2021-01-26 22:20 - 2021-01-26 22:20 - 000042309 _____ C:\Users\r0ach\Downloads\Arrow-S03E07(0000321852).srt
2021-01-17 21:50 - 2021-01-17 21:50 - 000042624 _____ C:\Users\r0ach\Downloads\The-Flash-S01E10(0000263543).srt
2021-01-17 21:50 - 2021-01-17 21:50 - 000038242 _____ C:\Users\r0ach\Downloads\The-Flash-S01E09(0000263542).srt
2021-01-17 21:49 - 2021-01-17 21:49 - 000045006 _____ C:\Users\r0ach\Downloads\The-Flash-S01E08(0000263541).srt
2021-01-17 21:49 - 2021-01-17 21:49 - 000040040 _____ C:\Users\r0ach\Downloads\The-Flash-S01E07(0000263540).srt
2021-01-17 21:48 - 2021-01-17 21:48 - 000042960 _____ C:\Users\r0ach\Downloads\The-Flash-S01E06(0000262696).srt
2021-01-17 21:45 - 2021-01-17 21:45 - 000957511 _____ C:\Users\r0ach\Downloads\arrow-subtitles-cz-3.zip
2021-01-16 22:34 - 2021-01-16 22:34 - 000045839 _____ C:\Users\r0ach\Downloads\Arrow-S03E06(0000288409).srt
2021-01-16 22:33 - 2021-01-16 22:33 - 000046038 _____ C:\Users\r0ach\Downloads\Arrow-S03E05(0000288408).srt
2021-01-16 22:33 - 2021-01-16 22:33 - 000042865 _____ C:\Users\r0ach\Downloads\The-Flash-S01E06(0000245772).srt
2021-01-16 22:33 - 2021-01-16 22:33 - 000042023 _____ C:\Users\r0ach\Downloads\The-Flash-S01E05(0000262695).srt
2021-01-15 21:42 - 2021-01-15 21:42 - 000045551 _____ C:\Users\r0ach\Downloads\The-Flash-S01E04(0000262694).srt
2021-01-15 21:42 - 2021-01-15 21:42 - 000042999 _____ C:\Users\r0ach\Downloads\Arrow-S03E04(0000288407).srt
2021-01-15 21:41 - 2021-01-15 21:41 - 000041578 _____ C:\Users\r0ach\Downloads\The-Flash-S01E03(0000262693).srt
2021-01-15 21:41 - 2021-01-15 21:41 - 000040591 _____ C:\Users\r0ach\Downloads\Arrow-S03E03(0000259953).srt
2021-01-15 21:40 - 2021-01-15 21:40 - 000038387 _____ C:\Users\r0ach\Downloads\Arrow-S03E02(0000259952).srt
2021-01-11 23:31 - 2021-01-11 23:31 - 000044812 _____ C:\Users\r0ach\Downloads\The-Flash-S01E02(0000262692).srt
2021-01-11 23:27 - 2021-01-11 23:27 - 000044643 _____ C:\Users\r0ach\Downloads\The-Flash-S01E02(0000244353).srt
2021-01-11 22:47 - 2021-01-11 22:47 - 000043400 _____ C:\Users\r0ach\Downloads\Arrow-S03E01(0000259951).srt
2021-01-11 22:46 - 2021-01-11 22:46 - 000043429 _____ C:\Users\r0ach\Downloads\Arrow-S03E01(0000243642).srt
2021-01-06 14:58 - 2021-01-11 21:30 - 000000000 ____D C:\Users\r0ach\Downloads\The.Flash.Season.1.720p.BluRay.x264.ShAaNiG
2021-01-06 14:57 - 2021-01-17 21:47 - 000000000 ____D C:\Users\r0ach\Downloads\Arrow.Season.3.720p.BluRay.x264.ShAaNiG
2021-01-06 14:55 - 2021-01-06 14:56 - 000000000 ____D C:\Users\r0ach\AppData\LocalLow\uTorrent
2021-01-05 18:23 - 2021-01-31 17:49 - 000000000 ____D C:\Users\r0ach\Desktop\barak

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-31 21:28 - 2012-05-27 12:57 - 000000000 ____D C:\Program Files\CCleaner
2021-01-31 21:28 - 2012-04-24 21:35 - 000000000 ____D C:\Users\r0ach\AppData\Roaming\vlc
2021-01-31 20:43 - 2009-07-14 05:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-01-31 20:43 - 2009-07-14 05:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-01-31 20:40 - 2012-05-06 22:55 - 000000000 ____D C:\Users\r0ach\AppData\Local\CrashDumps
2021-01-31 20:39 - 2011-09-07 18:19 - 000681990 _____ C:\Windows\system32\perfh005.dat
2021-01-31 20:39 - 2011-09-07 18:19 - 000146146 _____ C:\Windows\system32\perfc005.dat
2021-01-31 20:39 - 2009-07-14 06:13 - 001611868 _____ C:\Windows\system32\PerfStringBackup.INI
2021-01-31 20:39 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2021-01-31 20:33 - 2012-04-19 19:37 - 000000000 ____D C:\Users\r0ach\AppData\LocalLow\AuthenTec
2021-01-31 20:32 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-01-31 20:27 - 2011-09-07 09:17 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-01-31 20:23 - 2012-09-27 21:28 - 000000000 ____D C:\Temp
2021-01-31 20:16 - 2019-03-01 16:43 - 000000366 _____ C:\Windows\PROLINK HSDPA Modem.INI
2021-01-31 20:16 - 2011-09-07 09:00 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2021-01-31 20:08 - 2011-03-16 20:10 - 000000000 ____D C:\Program Files\Hewlett-Packard
2021-01-31 20:07 - 2012-04-19 19:39 - 000000000 ____D C:\Users\r0ach\AppData\Local\Hewlett-Packard
2021-01-31 20:07 - 2011-09-07 09:09 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-01-31 20:07 - 2011-09-07 08:59 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2021-01-31 20:05 - 2015-01-31 19:30 - 000000000 ____D C:\AdwCleaner
2021-01-31 18:47 - 2012-11-12 12:54 - 000000000 ___RD C:\Users\r0ach\Desktop\programy
2021-01-31 17:58 - 2013-03-20 18:35 - 000000000 ____D C:\Program Files\trend micro
2021-01-31 17:46 - 2012-04-22 18:22 - 000000000 ____D C:\Users\r0ach\AppData\Local\Adobe
2021-01-28 21:21 - 2019-02-16 10:55 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-28 21:21 - 2019-02-16 10:55 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-28 21:21 - 2019-02-16 10:55 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-01-21 22:37 - 2010-11-21 04:27 - 000799104 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2021-01-11 21:28 - 2019-05-16 16:58 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-01-11 21:27 - 2011-09-07 09:20 - 000000000 ____D C:\Windows\system32\Tasks\Hewlett-Packard
2021-01-11 18:44 - 2014-06-26 19:58 - 000000000 ____D C:\Users\r0ach\AppData\Roaming\uTorrent
2021-01-09 22:04 - 2012-04-19 23:24 - 000000000 ____D C:\Users\r0ach\Graphisoft
2021-01-09 21:47 - 2012-06-15 10:04 - 000000000 ____D C:\Users\r0ach\AppData\Roaming\Abvent_Artlantis4
2021-01-09 11:04 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2021-01-06 20:29 - 2019-06-04 21:11 - 000000000 ____D C:\Users\r0ach\AppData\Local\BitTorrentHelper

==================== Files in the root of some directories ========

2002-08-29 18:33 - 2002-08-29 18:33 - 000319488 ____R () C:\Users\r0ach\AppData\Roaming\MafiaSetup.exe
2013-01-27 21:45 - 2017-01-22 16:52 - 000000080 _____ () C:\Users\r0ach\AppData\Roaming\mBot.ini
2012-11-06 23:34 - 2014-10-30 14:54 - 000004608 _____ () C:\Users\r0ach\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-12-03 21:01 - 2012-12-03 21:01 - 000004096 ____H () C:\Users\r0ach\AppData\Local\keyfile3.drm
2015-06-19 21:03 - 2015-06-19 21:03 - 000000000 _____ () C:\Users\r0ach\AppData\Local\{97AE9A67-1F5B-497E-B5FF-F10E89CBD12F}
2015-06-19 21:03 - 2015-06-19 21:03 - 000000000 _____ () C:\Users\r0ach\AppData\Local\{D4A9D6FA-4C48-488B-9B90-4E24DD72B884}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)



testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <==== ATTENTION

LastRegBack: 2021-01-26 23:02
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by r0ach (31-01-2021 21:31:16)
Running from C:\Users\r0ach\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-04-19 18:36:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-228327966-2270223930-1445267679-500 - Administrator - Disabled)
Guest (S-1-5-21-228327966-2270223930-1445267679-501 - Limited - Disabled)
r0ach (S-1-5-21-228327966-2270223930-1445267679-1000 - Administrator - Enabled) => C:\Users\r0ach

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 7.0 (Enabled - Out of date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Out of date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.4.402.278 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (HKLM-x32\...\WT089362) (Version: 2.2.0.95 - WildTangent) Hidden
AIO_Scan (HKLM-x32\...\{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Altap Salamander 4.0 (x64) (HKLM\...\Altap Salamander 4.0 (x64)) (Version: 4.0 - ALTAP)
AMD Catalyst Install Manager (HKLM\...\{84D715B0-0938-5518-9E55-127177EC3B1B}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
A-PDF Merger (HKLM-x32\...\A-PDF Merger_is1) (Version: - A-PDF.com)
Apple Software Update (HKLM-x32\...\{55FA89BD-21D3-42F7-9249-C94C0094A83C}) (Version: 1.0.0.7 - Apple Computer, Inc.)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}) (Version: 3.5.7.331 - ArcSoft)
ArchiCAD 11 CZE (HKLM-x32\...\001FFFFFFF11FF00FF1101F03F02F000-R1) (Version: - )
ArchiCAD 15 R1 CZE (HKLM\...\001FFF2FFF15FF00FF1101F01F02F000-R1) (Version: 15.0 - Graphisoft)
Artlantis Studio 4.0 (HKLM\...\Artlantis Studio 4) (Version: 4.0.16 - Abvent R&D)
AuthenTec TrueAPI (HKLM\...\{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}) (Version: 1.3.0.144 - AuthenTec, Inc.) Hidden
AutoCAD 2011 - česky (HKLM\...\{5783F2D7-9001-0405-0102-0060B0CE6BBA}) (Version: 18.1.49.0 - Autodesk) Hidden
AutoCAD 2011 - česky (HKLM\...\AutoCAD 2011 - česky) (Version: 18.1.49.0 - Autodesk)
AutoCAD 2011 Language Pack - česky (HKLM\...\{5783F2D7-9001-0405-1102-0060B0CE6BBA}) (Version: 18.1.49.0 - Autodesk) Hidden
AutoCAD 2012 - English (HKLM\...\{5783F2D7-A001-0409-0102-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 - English (HKLM\...\AutoCAD 2012 - English) (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 Language Pack - English (HKLM\...\{5783F2D7-A001-0409-1102-0060B0CE6BBA}) (Version: 18.2.51.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (HKLM-x32\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bejeweled 2 Deluxe (HKLM-x32\...\WT089453) (Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (HKLM-x32\...\WT089498) (Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
BitSpirit v3.6.0.550 Stable (HKLM-x32\...\BitSpirit_is1) (Version: - LANSPIRIT.NET)
Blackhawk Striker 2 (HKLM-x32\...\WT087328) (Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 2: Holidays (HKLM-x32\...\WTA-6dd35430-762e-4e47-9d5e-1395134ec46a) (Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (HKLM-x32\...\WT089308) (Version: 2.2.0.95 - WildTangent) Hidden
Bounce Symphony (HKLM-x32\...\WT087330) (Version: 2.2.0.95 - WildTangent) Hidden
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.140 - Broadcom Corporation)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build-a-lot 2 (HKLM-x32\...\WT087335) (Version: 2.2.0.95 - WildTangent) Hidden
CADS Composite Beam Designer (HKLM-x32\...\CADS Composite Beam Designer) (Version: 3.27.319.1 - Computer And Design Services Ltd)
CADS WindLoadEngine (HKLM-x32\...\WindLoadEngine) (Version: 1.1.44.0 - Computer And Design Services Ltd)
Cake Mania (HKLM-x32\...\WT089359) (Version: 2.2.0.95 - WildTangent) Hidden
Call of Duty(R) 2 (HKLM-x32\...\{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 Patch 1.3 (HKLM-x32\...\{C13E90B0-4E1C-11DB-6784-0152EAA218BE}) (Version: 1.3 - Activision)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
Composite Column Designer (HKLM-x32\...\Composite Column Designer) (Version: 1.0.69.0 - Computer And Design Services Ltd)
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
CPUID CPU-Z 1.62 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
Cubis Creatures (HKLM-x32\...\WTA-d83de59b-906d-47e3-aa50-230c71f4accb) (Version: 3.0.2.51 - WildTangent) Hidden
Czech Soccer Manager 2002 FE (HKLM-x32\...\Czech Soccer Manager 2002 FE) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT087536) (Version: 2.2.0.95 - WildTangent) Hidden
DJ_AIO_Software (HKLM-x32\...\{AD99B476-6FB7-4985-A3C3-E40595A7E6DE}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (HKLM-x32\...\{32DACAC3-6538-405D-915E-8F2D026F199C}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Dora's World Adventure (HKLM-x32\...\WT087343) (Version: 2.2.0.95 - WildTangent) Hidden
DTS+AC3 ÇĘĹÍ (HKLM-x32\...\DtsFilter) (Version: - )
EA SPORTS online 2007 (HKLM-x32\...\82A44D22-9452-49FB-00FB-CEC7DCAF7E23) (Version: - )
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESET NOD32 Antivirus (HKLM\...\{04E87298-12FC-47DF-99FB-A948527F3977}) (Version: 7.0.317.4 - ESET, spol s r. o.)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
F1 2011 (HKLM-x32\...\{434D0FA1-3E0C-4D03-A5D4-5E1000008100}) (Version: 1.0.0000.129 - Codemasters) Hidden
F1 2011 (HKLM-x32\...\GFWL_{434D0FA1-3E0C-4D03-A5D4-5E1000008100}) (Version: 1.0.0000.129 - Codemasters)
F1 2013 (HKLM-x32\...\RjEyMDEz_is1) (Version: 1 - )
Farm Frenzy (HKLM-x32\...\WT089328) (Version: 2.2.0.95 - WildTangent) Hidden
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FATE - The Traitor Soul (HKLM-x32\...\WT089470) (Version: 2.2.0.95 - WildTangent) Hidden
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
Final Drive Nitro (HKLM-x32\...\WT089504) (Version: 2.2.0.95 - WildTangent) Hidden
Game Cam 2.6.1.0 (HKLM-x32\...\Game Cam) (Version: 2.6.1.0 - Game Cam Portal, Inc.)
GamePark klient 2.0.9.0 (HKLM\...\{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1) (Version: 2.0.9.0 - GamePark)
GoldWave v5.67 (HKLM-x32\...\GoldWave v5.67) (Version: - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.6.5260 - Gretech Corporation)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.104 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Guitar Hero III (HKLM-x32\...\{0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}) (Version: 1.00.0000 - Aspyr)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
HP 3D DriveGuard (HKLM\...\{95518B59-44D9-430A-B12C-A582F18F5752}) (Version: 4.1.16.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{5E63C0AB-19B0-47D4-842E-6B324EB0614B}) (Version: 4.1.23.1 - Hewlett-Packard Company)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet 3520 series Nápověda (HKLM-x32\...\{D259C419-D776-4163-B27C-19722C555237}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet All-In-One Driver Software 13.0 Rel. 1 (HKLM\...\{EB773820-0871-46A8-9B96-F2B04F8B34F0}) (Version: 13.0 - HP)
HP Documentation (HKLM-x32\...\{3C5AB11A-2DDB-49E6-9FC0-CFD88A7DDFE4}) (Version: 1.1.0.0 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP SimplePass 2011 (HKLM-x32\...\{4741965C-AFD0-4D00-81D1-1039F96D4DC3}) (Version: 5.3.0.273 - Hewlett-Packard)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Software Framework (HKLM-x32\...\{E7530589-81AA-40B4-8A7A-56B22DCF62EC}) (Version: 4.5.10.1 - Hewlett-Packard Company)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Solutions Framework (HKLM-x32\...\{579A990C-3855-4838-AF23-354CE2264BC0}) (Version: 12.18.34.21 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HWiNFO32 Version 2.39 (HKLM-x32\...\HWiNFO32_is1) (Version: 2.39 - Martin Malík - REALiX)
Chuzzle Deluxe (HKLM-x32\...\WT089454) (Version: 2.2.0.95 - WildTangent) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6381.0 - IDT)
Import souborů SketchUp (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java(TM) 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Logitech Gaming Software 5.08 (HKLM\...\{96F1BA99-300F-4DD5-A26B-788EF63B53B1}) (Version: 5.08.146 - Logitech)
M2TS Player (HKLM-x32\...\{1ABADE06-CEC9-4A9C-B221-798207C53DEE}_is1) (Version: - m2tsplayer.com)
Mac Blu-ray Player (HKLM-x32\...\Mac Blu-ray Player) (Version: 2.17.2.2614 - Macgo Inc.)
Mafia Game (HKLM-x32\...\Mafia Game) (Version: - )
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (HKLM-x32\...\WT087393) (Version: 2.2.0.95 - WildTangent) Hidden
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mass Effect (HKLM-x32\...\Mass Effect_is1) (Version: - )
Mass Effect 2 (HKLM-x32\...\Mass Effect 2_is1) (Version: - )
Mass Effect 3 (HKLM-x32\...\Mass Effect 3_is1) (Version: - )
Mathematica Extras 8.0 (2063897) (HKLM\...\A-WIN-Extras 8.0.1 2063897_is1) (Version: 8.0.1 - Wolfram Research, Inc.)
Media Go (HKLM-x32\...\{DBF1AE39-DA30-4B89-A7EB-3BDA675C5D9E}) (Version: 2.1.392 - Sony)
Media Go Video Playback Engine 1.88.104.12040 (HKLM-x32\...\{7FA1DAFD-AF55-E915-FD92-F269443A2ADF}) (Version: 1.88.104.12040 - Sony)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Klikni a spusť 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4999.1042 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Starter 2010 - čeština (HKLM-x32\...\{90140011-0066-0405-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft Visual Basic Power Packs 3.0 (HKLM-x32\...\{7B4D193B-D76D-308B-8B12-5D9BB1CBCE6C}) (Version: 9.0.30214 - Microsoft)
Microsoft Visual Basic PowerPacks 10.0 (HKLM-x32\...\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 cs)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - Stolen in San Francisco (HKLM-x32\...\WT089496) (Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (HKLM-x32\...\WT089484) (Version: 2.2.0.95 - WildTangent) Hidden
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - )
Need for Speed™ SHIFT (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}) (Version: 1.0.0.0 - Electronic Arts)
Network Stumbler 0.4.0 (remove only) (HKLM-x32\...\Network Stumbler) (Version: - )
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Penguins! (HKLM-x32\...\WT087394) (Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WT089458) (Version: 2.2.0.95 - WildTangent) Hidden
PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.8.1.14440 - Sony Computer Entertainment Inc.)
Poker Superstars III (HKLM-x32\...\WT087395) (Version: 2.2.0.95 - WildTangent) Hidden
PokerStars.cz (HKLM-x32\...\PokerStars.cz) (Version: - PokerStars.cz)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Polar Bowler (HKLM-x32\...\WT087396) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT087397) (Version: 2.2.0.95 - WildTangent) Hidden
PowerXpressHybrid (HKLM-x32\...\{51FDC2DE-0917-46B7-EAEC-5377504701DE}) (Version: 1.00.0000 - Název společnosti:) Hidden
Project CARS (HKLM-x32\...\Project CARS_is1) (Version: 1.0.1.1 - Релиз от R.G. Steamgames)
Project IGI (HKLM-x32\...\Project IGI) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
PX Profile Update (HKLM-x32\...\{D459963A-7ADF-87DF-140D-A94A04B57C6A}) (Version: 1.00.1. - AMD) Hidden
Qualcomm USB Drivers For Windows (HKLM-x32\...\{D9FB7F91-9687-4B09-894D-072903CADEA4}) (Version: 1.0.14 - QUALCOMM Incorporated)
QuickTime (HKLM-x32\...\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}) (Version: 7.1.3.100 - Apple Computer, Inc.)
Rapture3D 2.5.1 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{DBCD5E64-7379-4648-9444-8A6558DCB614}) (Version: 2.0.0 - Hewlett-Packard) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.19.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.19.0 - Renesas Electronics Corporation)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Scia Licence Server (HKLM-x32\...\{E592B693-81BE-42D9-B4E4-CABC11C7B101}) (Version: 2.2.3 - Nemetschek Scia)
Shockwave (HKLM-x32\...\Shockwave) (Version: - )
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Silkroad (HKLM-x32\...\Silkroad) (Version: - )
Simt (HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\2602833b666a9e0a) (Version: 1.0.1.47 - Hewlett-Packard)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Slingo Supreme (HKLM-x32\...\WT089457) (Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.6.201305161305 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.206 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.206 - Sony)
Speciální aplikace Autodesk (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Spotify (HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SteelMemberDesigner (HKLM-x32\...\SteelMemberDesigner) (Version: 1.02.188.0 - Computer And Design Services Ltd)
Studie vylepšování produktu HP Deskjet 3520 series (HKLM\...\{B7AED02F-7D1B-4806-831B-C06841A282C4}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
Synthesia (HKLM-x32\...\Synthesia) (Version: 9 - Synthesia LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
TechCON TD 7.0 - UPONOR (HKLM-x32\...\{71E4D13F-03AF-4439-99B5-D79142A1F50D}) (Version: 7.00.1115 - Your Company Name)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
Tiger Woods PGA TOUR 07 (HKLM-x32\...\{9AF46AB7-DD4C-4C74-00BC-A618C5BA1D4C}) (Version: - )
Time Adjuster STANDARD 3.1 (HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\TimeAdjuster) (Version: - IrekSoftware.com)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
USB Multi-Channel Audio Device (HKLM\...\C-Media CM106 Like Sound Driver) (Version: - )
Validity WBF DDK (HKLM\...\{79174AF2-6CB1-42F5-981E-66DCA49391D0}) (Version: 4.3.205.0 - Validity Sensors, Inc.)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WT089307) (Version: 2.2.0.95 - WildTangent) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WAV MP3 Converter 4.2 Build 1259 (HKLM-x32\...\WAV MP3 Converter 4.2 Build 1259) (Version: - )
WAV MP3 Converter v4.4 build 1429 (HKLM-x32\...\{A4A14B15-F25D-44F8-8483-291C1DF7C548}_is1) (Version: - Hoo Technologies)
Web'n'walk Manager (HKLM-x32\...\T-Mobile Communication Centre) (Version: 2011-03-08 - Gemfor s.r.o.)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.00b of 2011-Jan-12 (Build 132) (Setup) - WIBU-SYSTEMS AG)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wolfram Mathematica 8 (M-WIN-L 8.0.1 2063990) (HKLM\...\M-WIN-L 8.0.1 2063990_is1) (Version: 8.0.1 - Wolfram Research, Inc.)
WSC Real 09 (HKLM-x32\...\{51AA8C3F-B316-44A8-B371-4BB6047E45DF}) (Version: 1.00.0000 - Blade Interactive Studios)
Xfire 2.0 (HKLM-x32\...\{43ADAE00-A4ED-4379-A76D-A1FF5D9D334A}_is1) (Version: 2.0 - Xfire, Inc.)
Xfire Codec (remove only) (HKLM-x32\...\XfireCodec) (Version: - )
Základní software zařízení HP Deskjet 3520 series (HKLM\...\{7EBD8BA7-DF64-4BF9-9BC1-B0D53984FC6E}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
ZTE Drivers (HKLM-x32\...\{ACC9984D-E78B-4fcd-BE44-4E3F186DDA33}) (Version: 1.2059.0.12 - )
Zuma Deluxe (HKLM-x32\...\WT089455) (Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-228327966-2270223930-1445267679-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-228327966-2270223930-1445267679-1000_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-228327966-2270223930-1445267679-1000_Classes\CLSID\{C78B614F-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files\Altap Salamander\utils\salextx64.dll (Fine spol. s r.o. -> ALTAP)
CustomCLSID: HKU\S-1-5-21-228327966-2270223930-1445267679-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-228327966-2270223930-1445267679-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-228327966-2270223930-1445267679-1000_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-09-07] (EasyBits Software AS -> EasyBits Software Corp.) [File not signed]
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2014-02-07] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2014-02-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-02-17] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-02-17] () [File not signed]
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2014-02-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-02-17] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-02-17] () [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-09-04] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-08-09] (leshcatlabs.net -> Intel Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2014-02-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-02-17] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-02-17] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.XFR1] => C:\Windows\system32\xfcodec64.dll [22016 2012-11-14] () [File not signed]
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\msaud32_divx.acm [186368 2003-02-03] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.XFR1] => C:\Windows\SysWOW64\xfcodec.dll [36352 2012-12-28] () [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-08-30] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-08-30] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\SysWOW64\vp6vfw.dll [438272 2004-08-30] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\r0ach\Desktop\programy\Crash Bandicoot 3.lnk -> C:\game\Crash Bandicoot 3 Warped\Start.bat ()
Shortcut: C:\Users\r0ach\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co

==================== Loaded Modules (Whitelisted) =============

2011-04-27 16:05 - 2011-04-27 16:05 - 001102336 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.dll
2011-12-06 09:44 - 2011-05-20 09:05 - 000059904 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-10-08 15:01 - 2013-02-20 15:03 - 000005632 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Y Soft\SafeQ Client\Client\cs-CZ\SafeQ Client.resources.dll
2011-04-27 16:05 - 2011-04-27 16:05 - 000514570 _____ () [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2012-04-22 18:21 - 2012-02-17 19:55 - 000193536 _____ () [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2018-10-13 21:53 - 2018-10-13 21:53 - 000172544 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c9e7ea212e2e2faf1c039ea31b8d9795\IsdiInterop.ni.dll
2012-04-21 17:41 - 2009-06-11 14:09 - 000491520 ____R () [File not signed] C:\Windows\system\CmAu106.dll
2012-10-08 15:01 - 2013-02-20 15:03 - 000683520 _____ () [File not signed] C:\Windows\System32\SafeQCairoLib64.dll
2012-10-08 15:01 - 2013-02-20 15:03 - 003798016 _____ () [File not signed] C:\Windows\System32\SAFEQVS64.DLL
2011-12-06 09:44 - 2010-12-22 20:50 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2018-02-23 07:44 - 2008-09-05 15:04 - 000155648 _____ (arcsoft) [File not signed] C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uEpg.dll
2012-04-21 17:41 - 2009-06-11 14:09 - 008126464 ____R (C-Media Corporation) [File not signed] C:\Windows\Syswow64\cm106.dll
2011-09-07 09:17 - 2011-09-07 09:17 - 000052920 _____ (EasyBits Software AS -> EasyBits Software Corp.) [File not signed] C:\Windows\SysWow64\EZUPBH~1.DLL
2013-08-15 10:07 - 2013-08-15 10:07 - 004579328 _____ (Flexera Software, Inc.) [File not signed] C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\scia\SCIA_libFNP.dll
2009-09-20 11:36 - 2009-09-20 11:36 - 000205824 _____ (Hewlett-Packard Co.) [File not signed] [File is in use] C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll
2009-09-20 09:19 - 2009-09-20 09:19 - 000538112 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll
2009-09-20 09:19 - 2009-09-20 09:19 - 000032256 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2009-09-20 09:19 - 2009-09-20 09:19 - 000274432 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000249344 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000213504 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000133120 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000049664 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll
2009-05-21 19:09 - 2009-05-21 19:09 - 000338432 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
2009-05-21 19:05 - 2009-05-21 19:05 - 000326144 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll
2009-09-20 11:36 - 2009-09-20 11:36 - 000150528 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll
2009-09-20 11:36 - 2009-09-20 11:36 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2009-05-21 19:09 - 2009-05-21 19:09 - 000554496 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2011-06-14 16:07 - 2011-06-14 16:07 - 000260096 _____ (Hewlett-Packard Development Company L.P.) [File not signed] [File is in use] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HP.Mobile.Resource.dll
2008-07-22 17:33 - 2008-07-22 17:33 - 000121344 _____ (Hewlett-Packard) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqCPTA.dll
2008-07-22 17:33 - 2008-07-22 17:33 - 000192000 _____ (Hewlett-Packard) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRTA.dll
2008-07-22 17:33 - 2008-07-22 17:33 - 000105472 _____ (Hewlett-Packard) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqxml2.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2011-04-27 16:05 - 2011-04-27 16:05 - 000174080 _____ (hxxp://sqlite.phxsoftware.com) [File not signed] [File is in use] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.Linq.dll
2018-10-13 21:53 - 2018-10-13 21:53 - 000014336 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\6ea5ae77d3c1ce37aa53f6474eff8b90\IAStorCommon.ni.dll
2011-12-06 09:44 - 2011-05-20 09:05 - 000007168 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorDataMgr.resources.dll
2011-12-06 09:44 - 2011-05-20 09:05 - 000032768 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorIcon.resources.dll
2011-12-06 09:44 - 2011-05-20 09:05 - 000004608 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IntelVisualDesign.resources.dll
2011-12-06 09:44 - 2011-05-20 09:05 - 000174592 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUIHelper.dll
2011-12-06 09:44 - 2011-05-20 09:05 - 001318912 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll
2011-12-06 09:44 - 2010-12-22 20:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2011-12-06 09:44 - 2011-05-20 08:54 - 000278528 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI.dll
2018-10-13 21:53 - 2018-10-13 21:53 - 000225792 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\8068bd783f5fa7a023fdb49eae0ddac2\IAStorDataMgr.ni.dll
2018-10-13 21:53 - 2018-10-13 21:53 - 000491520 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\4b482aaa1f1b55f1cd1b1020fa430b27\IAStorUtil.ni.dll
2017-10-03 15:43 - 2017-10-03 15:43 - 000112128 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2012-04-21 02:07 - 2012-04-21 02:07 - 000225280 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2012-04-22 23:18 - 2012-04-22 23:18 - 001658368 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80.DLL
2012-04-22 23:18 - 2012-04-22 23:18 - 001654784 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2013-06-28 08:53 - 2013-06-28 08:53 - 000161280 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RsCRLib.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-228327966-2270223930-1445267679-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-228327966-2270223930-1445267679-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {61A49B2E-2EE1-406F-9881-E51CFE488E27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {61A49B2E-2EE1-406F-9881-E51CFE488E27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-228327966-2270223930-1445267679-1000 -> {61A49B2E-2EE1-406F-9881-E51CFE488E27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-08-25] (AuthenTec, Inc. -> HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-09-07] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-08-25] (AuthenTec, Inc. -> HP)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-228327966-2270223930-1445267679-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-06-14 17:00 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-228327966-2270223930-1445267679-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\r0ach\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: Spotify => "C:\Users\r0ach\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\r0ach\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C83908C2-83C4-4CCF-95C5-8EF55079B21C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{302D6FFC-0FFA-440D-837B-E42212559C74}] => (Allow) LPort=2869
FirewallRules: [{686F365A-49E7-4F98-ADFE-6258B6907CDD}] => (Allow) LPort=1900
FirewallRules: [{80D51258-440D-4AA9-B3F9-DA7CBD6F2523}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DE69FDDE-810D-437C-8B39-E594B8EEFF3D}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BB316B08-7F98-4DB6-93E6-523C1D523E45}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe => No File
FirewallRules: [{DCCA5EDA-EE9D-4A46-8C90-09C5092E5197}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe (EasyBits Software AS -> EasyBits Software AS)
FirewallRules: [{ED5E78A6-DEB6-4B8A-9D2B-201EF55A8B11}] => (Allow) C:\Program Files (x86)\Codemasters\F1 2011\F1_2011.exe (Codemasters Software Company Limited -> Codemasters)
FirewallRules: [{8CA81DB7-9299-49EF-BEAA-CC5F8FDC7913}] => (Allow) C:\Program Files (x86)\Codemasters\F1 2011\F1_2011.exe (Codemasters Software Company Limited -> Codemasters)
FirewallRules: [TCP Query User{B94B40FF-C073-49BE-A640-6FC9D69C723E}C:\program files (x86)\bitspirit\bitspirit.exe] => (Allow) C:\program files (x86)\bitspirit\bitspirit.exe (LANSPIRIT.NET) [File not signed]
FirewallRules: [UDP Query User{C2B48027-EEC5-4A32-8EAB-2D4B5A0F2EB5}C:\program files (x86)\bitspirit\bitspirit.exe] => (Allow) C:\program files (x86)\bitspirit\bitspirit.exe (LANSPIRIT.NET) [File not signed]
FirewallRules: [{69724B0F-540B-452D-A44C-F658C66EA5F3}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe (Sony Mobile Communications -> ) [File not signed]
FirewallRules: [{B89120F5-1F0E-46C4-98A5-901EC46CFB4D}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe (Sony Mobile Communications -> ) [File not signed]
FirewallRules: [TCP Query User{CDA0BB2B-59B3-42D7-AC70-FB0036F49C9A}C:\program files (x86)\graphisoft\archicad 11\archicad.exe] => (Allow) C:\program files (x86)\graphisoft\archicad 11\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [UDP Query User{7A7C1E6C-B250-4DBB-97AA-8863E0EF1360}C:\program files (x86)\graphisoft\archicad 11\archicad.exe] => (Allow) C:\program files (x86)\graphisoft\archicad 11\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [TCP Query User{B4EB7E73-E81F-499F-93A4-9A1C578FBFA0}C:\program files\artlantis studio 4\qtsocketserver.exe] => (Allow) C:\program files\artlantis studio 4\qtsocketserver.exe () [File not signed]
FirewallRules: [UDP Query User{5DD72913-E2FA-4EFE-9508-BCAE938689CC}C:\program files\artlantis studio 4\qtsocketserver.exe] => (Allow) C:\program files\artlantis studio 4\qtsocketserver.exe () [File not signed]
FirewallRules: [TCP Query User{FF9D1DF0-3F4E-4A73-8A80-9B3C5767720B}G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [UDP Query User{7F99B22A-0BEF-4984-AEB3-4FBD0381CBFE}G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [TCP Query User{29CC1CC3-F720-4C8A-AFD2-FFAB41DB142D}C:\program files (x86)\codemasters\f1 2011\f1_2011.exe] => (Allow) C:\program files (x86)\codemasters\f1 2011\f1_2011.exe (Codemasters Software Company Limited -> Codemasters)
FirewallRules: [UDP Query User{3BC0FD3B-CF44-4F38-8108-37C7EDF58FE3}C:\program files (x86)\codemasters\f1 2011\f1_2011.exe] => (Allow) C:\program files (x86)\codemasters\f1 2011\f1_2011.exe (Codemasters Software Company Limited -> Codemasters)
FirewallRules: [TCP Query User{11755D73-DD82-4FF3-8126-34AE08B3F381}C:\cod2\cod2mp_s.exe] => (Allow) C:\cod2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{A8EA2069-0AE3-41EB-AD29-4944E3BCDD1F}C:\cod2\cod2mp_s.exe] => (Allow) C:\cod2\cod2mp_s.exe () [File not signed]
FirewallRules: [{F0E65361-760E-4FFA-9BEA-B3C2931A6EA9}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> )
FirewallRules: [{E4DEDB8E-9185-43A1-A7D4-4C2A5A951914}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> )
FirewallRules: [{321799C9-BE9F-4E50-9126-9603BACA4EF2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{6590AAD5-F03F-43D6-A554-7A72A7A33350}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{16DB53E8-5949-406C-9B81-1142B23E0E07}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{BA5ECBAC-A961-4741-AA8F-48CDB0901AFE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{58E8FF24-71B2-49A6-9F7A-0F7D73BAD9C7}C:\program files (x86)\graphisoft\archicad 11\archicad.exe] => (Allow) C:\program files (x86)\graphisoft\archicad 11\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [UDP Query User{D4E07DFD-CB91-4E90-962C-219B7D460541}C:\program files (x86)\graphisoft\archicad 11\archicad.exe] => (Allow) C:\program files (x86)\graphisoft\archicad 11\archicad.exe (Graphisoft R&D) [File not signed]
FirewallRules: [TCP Query User{4BDA0A94-CC49-4DFF-9674-E35DCE44CD37}C:\program files (x86)\xfire2\xfire.exe] => (Allow) C:\program files (x86)\xfire2\xfire.exe (Xfire Inc -> Xfire Inc.)
FirewallRules: [UDP Query User{37CEF903-39D6-47AB-B04C-9C0A5DD92BE9}C:\program files (x86)\xfire2\xfire.exe] => (Allow) C:\program files (x86)\xfire2\xfire.exe (Xfire Inc -> Xfire Inc.)
FirewallRules: [{285DCFC3-5716-4AB3-BB15-E44C31EF8567}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{312CFF27-2591-4889-A9CB-1B65B3DD0938}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{1A3F78C4-D367-480E-A08C-A3361A83EC68}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0BB7F622-7264-4544-980B-6232A5EC5CBF}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe (Sony Mobile Communications -> ) [File not signed]
FirewallRules: [{2A50BD13-4644-49B4-934D-D5D6A73745EB}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe (Sony Mobile Communications -> ) [File not signed]
FirewallRules: [TCP Query User{A72C1BAE-ABEA-441B-88C8-46BA84544F6E}G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [UDP Query User{5924E03E-836A-4008-8D34-17B17FC571FC}G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [TCP Query User{9937E621-631A-4088-B7DE-F556FF54971C}C:\program files (x86)\aspyr\guitar hero iii\gh3.exe] => (Allow) C:\program files (x86)\aspyr\guitar hero iii\gh3.exe (Aspyr Media, Inc.) [File not signed]
FirewallRules: [UDP Query User{1ACF666B-EE12-46B3-96AD-DF3162E724A2}C:\program files (x86)\aspyr\guitar hero iii\gh3.exe] => (Allow) C:\program files (x86)\aspyr\guitar hero iii\gh3.exe (Aspyr Media, Inc.) [File not signed]
FirewallRules: [TCP Query User{B0A1EAA8-F869-44A8-BC5F-C6BC14FF160C}C:\program files (x86)\aspyr\guitar hero iii\gh3.exe] => (Allow) C:\program files (x86)\aspyr\guitar hero iii\gh3.exe (Aspyr Media, Inc.) [File not signed]
FirewallRules: [UDP Query User{0227B6F8-C811-472A-BD9D-6B6FEE8BB36D}C:\program files (x86)\aspyr\guitar hero iii\gh3.exe] => (Allow) C:\program files (x86)\aspyr\guitar hero iii\gh3.exe (Aspyr Media, Inc.) [File not signed]
FirewallRules: [TCP Query User{B17DCFD5-472C-40BC-9D1C-46BFB36A05C1}F:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) F:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [UDP Query User{96B275C1-5DDE-46B8-B739-639751A27D48}F:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) F:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [TCP Query User{1392315E-AD2C-4106-9AE1-C461778DD393}C:\cod2\cod2mp_s.exe] => (Allow) C:\cod2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{A8933595-C309-4C08-8F75-06FD124BB799}C:\cod2\cod2mp_s.exe] => (Allow) C:\cod2\cod2mp_s.exe () [File not signed]
FirewallRules: [{036D5835-80E8-4905-AB92-1D3EE77CB9AA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{100B74C0-AC35-410E-A1BF-052F53FE0F65}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{EFBC5F4B-4099-4270-94A4-9D365065AAA3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A4D175BC-BD46-48BE-88C5-4D23F56C1CCC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{D5315E3D-9131-4D8E-AAF1-A29B5C3976B4}F:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) F:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [UDP Query User{2E402E64-8A69-4A15-AE61-E623782A385C}F:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) F:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [{3DB75D73-0B09-43D8-AA29-AE6D2B71CA18}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0E301D85-405A-440B-B2C7-5916776AFF04}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BB5DE559-B43A-412C-9E63-F392F3351F0D}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\Mathematica.exe (Wolfram Research -> Wolfram Research, Inc.)
FirewallRules: [{C8D20F09-9635-4E6D-9B27-B86A9DF96DA6}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\Mathematica.exe (Wolfram Research -> Wolfram Research, Inc.)
FirewallRules: [{B6D2A7EC-F191-468C-B603-9487203864E9}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\MathKernel.exe (Wolfram Research -> Wolfram Research, Inc.)
FirewallRules: [{30A8B11B-7096-4C2F-B6F6-11D4958348B8}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\MathKernel.exe (Wolfram Research -> Wolfram Research, Inc.)
FirewallRules: [{122B91D0-9413-4827-BAC0-72C9CB764B02}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\math.exe (Wolfram Research -> Wolfram Research, Inc.)
FirewallRules: [{1EDABF94-AE3D-440C-843A-DA5332B142BB}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\8.0\math.exe (Wolfram Research -> Wolfram Research, Inc.)
FirewallRules: [TCP Query User{B96EEA38-B429-48E6-B157-DD14D33B26B9}C:\games\outlast\binaries\win64\olgame.exe] => (Allow) C:\games\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [UDP Query User{F1798FEE-FE3A-4A66-B55D-8D5469FD022E}C:\games\outlast\binaries\win64\olgame.exe] => (Allow) C:\games\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [TCP Query User{BDC700D5-EF0E-4CCC-93B2-A6CD72133C83}C:\games\outlast\binaries\win64\olgame.exe] => (Allow) C:\games\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [UDP Query User{BEA64CF1-46F8-4E1A-B212-63EA9ED0567B}C:\games\outlast\binaries\win64\olgame.exe] => (Allow) C:\games\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [{B3CD31BA-DA06-4867-A3A2-1134BAB27214}] => (Allow) C:\Program Files (x86)\BitSpirit\BitSpirit.exe (LANSPIRIT.NET) [File not signed]
FirewallRules: [{087C0A3E-99EE-4123-8712-751661C077CD}] => (Allow) C:\Program Files (x86)\BitSpirit\BitSpirit.exe (LANSPIRIT.NET) [File not signed]
FirewallRules: [{2506C896-DA92-4B1A-AA61-4D2F57A42DBF}] => (Allow) C:\Users\r0ach\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{143A2D77-8B83-4DF4-9342-6487BB0AC298}] => (Allow) C:\Users\r0ach\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{343DBA13-9FE3-467D-B5D3-66112F19441D}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{19E498B7-7201-4D86-A785-EB24E015A0F3}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{7798A9D0-5026-4FBA-AE00-96FEEDEE7E64}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{30D27C91-2294-4E98-874D-DC15FF08D54F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [TCP Query User{BC28189D-EA0B-4C14-916E-6BE2AB5C156B}C:\program files (x86)\steam\steam.exe] => (Block) C:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{D9B0E017-3E0D-415D-9571-82BC913B1C13}C:\program files (x86)\steam\steam.exe] => (Block) C:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{97956E82-C1FB-44D7-BCAD-BF4230BFA917}] => (Allow) LPort=50248
FirewallRules: [{2FB55683-4B02-417C-83BD-FDC33D242F48}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\ArchiCAD.exe (Graphisoft SE) [File not signed]
FirewallRules: [{ED035916-7D8E-4574-9575-A1B1F352E2E8}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\ArchiCAD.exe (Graphisoft SE) [File not signed]
FirewallRules: [{250CCC84-FA3F-4A78-B02A-B9B55D705980}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\GSQuickTimeServer\GSQTServer.exe (Graphisoft SE) [File not signed]
FirewallRules: [{1A84B59B-3C34-4967-853B-3040A54D0B58}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\GSQuickTimeServer\GSQTServer.exe (Graphisoft SE) [File not signed]
FirewallRules: [TCP Query User{E507E1E7-A723-4B4F-99DB-04082C54336E}C:\program files\graphisoft\archicad 15\archicad.exe] => (Block) C:\program files\graphisoft\archicad 15\archicad.exe (Graphisoft SE) [File not signed]
FirewallRules: [UDP Query User{33BC5E72-5442-4FE5-81A8-04262D5D9E74}C:\program files\graphisoft\archicad 15\archicad.exe] => (Block) C:\program files\graphisoft\archicad 15\archicad.exe (Graphisoft SE) [File not signed]
FirewallRules: [TCP Query User{25D9902C-1391-45C9-A9FB-2BDC8A7D7BDF}C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe] => (Allow) C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe (Graphisoft SE) [File not signed]
FirewallRules: [UDP Query User{8ED1C873-4F50-44A0-A4E5-1211C7CB9B07}C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe] => (Allow) C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe (Graphisoft SE) [File not signed]
FirewallRules: [TCP Query User{210185C1-475C-4EAD-A484-7DBD3501542B}C:\program files\graphisoft\archicad 15\gsreport.exe] => (Block) C:\program files\graphisoft\archicad 15\gsreport.exe (Graphisoft SE) [File not signed]
FirewallRules: [UDP Query User{F62C812E-6156-44C9-AC75-951B89A44290}C:\program files\graphisoft\archicad 15\gsreport.exe] => (Block) C:\program files\graphisoft\archicad 15\gsreport.exe (Graphisoft SE) [File not signed]
FirewallRules: [{A3196CBE-0A60-4E0F-A4F8-6BBB3F191940}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{5662D78A-A18B-4ED4-9A5E-E74280A9AC1A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{EB513B82-C7D4-43B2-A70B-59720EA1E1F8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{C9D645A8-773C-4DE6-8F13-D22DF3DA5981}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{6318231A-F9CD-41C7-973F-CD357C2EF825}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{395D92CA-1FE4-457A-9A7D-3E9DD629FEB2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe () [File not signed]
FirewallRules: [{429D482C-4115-4FE7-916C-0D2CD790231B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{9FA14455-0339-4C5B-B696-B56B8EB51FA5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{6084F344-866C-4BF3-8A7D-D054A5814A23}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{D9C98B9B-7DE2-40EB-B4C4-A8ED512C097E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{7EF4D6C0-47DD-4C6C-9842-46B8337A5E56}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{4177BA3E-B429-493C-88BC-8CE9A857FDF9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe (Hewlett Packard -> Hewlett-Packard Development Co. L.P.)
FirewallRules: [{9142DF09-7CC4-4F16-9C7F-6F3CE5FBDE29}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{259D9438-8EC2-4F0E-BE53-401F120D1953}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{C893F162-B57B-4347-A02B-75EF4DFAF562}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{54DF7197-1B82-4A41-9DCF-AAA3E74DF13F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{794E406E-0BAA-400E-B0E0-DEAC63DFDFA0}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{843CEDBE-7BC8-40F6-B218-638C9FEC3CAA}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe (Hewlett-Packard Company -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{C774DB46-9F28-4C8D-8D49-385DC356F2F4}C:\users\r0ach\desktop\plocha\silko\_flash_\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\plocha\silko\_flash_\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{E647774F-414E-4340-AFAB-919CD90638B8}C:\users\r0ach\desktop\plocha\silko\_flash_\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\plocha\silko\_flash_\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [{6E478770-2721-4881-A7D5-8EE5CD02E332}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{FDB30F1C-5C91-44A9-B376-B4FA8490222E}C:\users\r0ach\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\r0ach\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{C123DA76-3BF5-4071-88B0-DE6960E0A8AA}C:\users\r0ach\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\r0ach\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{438AC198-EB3C-4E33-A3E6-1CF10E0FB281}C:\users\r0ach\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\r0ach\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{3210E29D-7EA8-4D19-B9B0-97566F305B9C}C:\users\r0ach\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\r0ach\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{9A732765-AAF8-4191-842C-203DB7930745}C:\users\r0ach\desktop\plocha\silko\_flash_\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\plocha\silko\_flash_\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{FF000007-D058-49D6-8504-23E8020E5672}C:\users\r0ach\desktop\plocha\silko\_flash_\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\plocha\silko\_flash_\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{627056F2-198B-46CC-8943-448B50AF352B}C:\users\r0ach\desktop\plocha\silko\1\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\plocha\silko\1\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{42E8E4F5-84B7-427B-BE6D-C4EC07A200CF}C:\users\r0ach\desktop\plocha\silko\1\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\plocha\silko\1\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{546AB50B-7B40-4E69-B219-1381F5C034E4}C:\users\r0ach\desktop\plocha\silko\sro eu\1\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\plocha\silko\sro eu\1\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{45FA17B1-10FE-4FA5-9C7C-F4919CCEA7D9}C:\users\r0ach\desktop\plocha\silko\sro eu\1\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\plocha\silko\sro eu\1\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{8A4E752A-3881-4092-99F9-D1E0790ADA3F}C:\users\r0ach\desktop\bot\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\bot\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{B1A33790-AB8E-436F-96F8-DC730C80561A}C:\users\r0ach\desktop\bot\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\bot\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{64537A2A-7E42-4065-87B8-E21DFB545AE1}C:\users\r0ach\desktop\new mbot 2016 cracked\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\new mbot 2016 cracked\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{BE82B790-7004-4731-8AC4-24B032531D6A}C:\users\r0ach\desktop\new mbot 2016 cracked\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\new mbot 2016 cracked\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{F0255AF2-0484-4092-AD8D-A3EFEECE14FD}C:\users\r0ach\desktop\dvorka\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\dvorka\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{8D65F3CB-7665-45A9-8C8A-423876B48E7C}C:\users\r0ach\desktop\dvorka\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\dvorka\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{E8F50E29-753C-4D52-9C1B-3C33762F9AC2}C:\users\r0ach\desktop\new mbot 2016 cracked\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\new mbot 2016 cracked\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{CB2FCF26-F875-42DF-9926-E385F1C951F2}C:\users\r0ach\desktop\new mbot 2016 cracked\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\new mbot 2016 cracked\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{BE34D8E6-27EE-4862-B3A6-AA5540CBC936}C:\users\r0ach\desktop\dvorka\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\dvorka\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{164C73A7-9626-4892-811C-754D1086125C}C:\users\r0ach\desktop\dvorka\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\dvorka\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{01B32461-C4E6-4477-8C5F-DFFE1337420F}C:\users\r0ach\desktop\zk\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\zk\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{7D76E153-86BA-4E88-99DC-F0369031852D}C:\users\r0ach\desktop\zk\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\zk\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{42189582-8475-4121-A5A9-EA37438EA38C}C:\users\r0ach\desktop\bot\dvorka\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\bot\dvorka\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{CC56E06E-FFE8-405F-BD4F-AA47F3D5A95E}C:\users\r0ach\desktop\bot\dvorka\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\bot\dvorka\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{38B25A73-AC90-4A4E-A68A-78AB24D7FDCE}C:\users\r0ach\desktop\bot\maxb\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\bot\maxb\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{E93785E5-AC05-4108-B476-E672DC055B53}C:\users\r0ach\desktop\bot\maxb\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\bot\maxb\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{0993DA11-5E36-440A-8027-EFC82214F6A4}C:\users\r0ach\desktop\bot\digi\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\bot\digi\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [UDP Query User{87A2B0A5-E3E9-4714-AE0B-7C310F109401}C:\users\r0ach\desktop\bot\digi\mbot_vsro110.exe] => (Allow) C:\users\r0ach\desktop\bot\digi\mbot_vsro110.exe (Botter's Heaven) [File not signed]
FirewallRules: [TCP Query User{BFBDDED6-3A87-4E46-BC7E-E2C423CBB19E}C:\program files (x86)\mass effect 2\binaries\masseffect2.exe] => (Allow) C:\program files (x86)\mass effect 2\binaries\masseffect2.exe (BioWare -> BioWare) [File not signed]
FirewallRules: [UDP Query User{F3316214-2034-48B5-A739-0BD2F252AF8B}C:\program files (x86)\mass effect 2\binaries\masseffect2.exe] => (Allow) C:\program files (x86)\mass effect 2\binaries\masseffect2.exe (BioWare -> BioWare) [File not signed]
FirewallRules: [TCP Query User{0D4E0C16-339C-471E-B1BE-F78BBB725319}C:\program files (x86)\mass effect 2\binaries\masseffect2.exe] => (Allow) C:\program files (x86)\mass effect 2\binaries\masseffect2.exe (BioWare -> BioWare) [File not signed]
FirewallRules: [UDP Query User{E9403DD4-8A1F-40E8-9C2C-893C07532401}C:\program files (x86)\mass effect 2\binaries\masseffect2.exe] => (Allow) C:\program files (x86)\mass effect 2\binaries\masseffect2.exe (BioWare -> BioWare) [File not signed]
FirewallRules: [TCP Query User{0A862FF9-91BF-416C-A5B4-EE3B9F953D3E}C:\program files (x86)\mass effect 3\binaries\win32\masseffect3.exe] => (Block) C:\program files (x86)\mass effect 3\binaries\win32\masseffect3.exe (BioWare) [File not signed]
FirewallRules: [UDP Query User{A4FD2511-0854-47D3-820B-7F2816FA41D9}C:\program files (x86)\mass effect 3\binaries\win32\masseffect3.exe] => (Block) C:\program files (x86)\mass effect 3\binaries\win32\masseffect3.exe (BioWare) [File not signed]
FirewallRules: [{839891C6-066E-4CB6-ABA3-01D6C26FAFB3}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{24497FD5-02DE-4BB9-83E0-DEFED9F47C77}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{4C38089A-F1F7-45DB-AE63-D88213D0FEC6}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{E93901F0-2098-4082-B190-3A84197253AE}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{A3B43D9F-BFC2-46BB-AF2C-847AAF8423A5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C3369DC1-2ADE-4C01-BD4C-4B6CD8B3CBD4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{CE29A7EB-AC1C-4CA7-B3A3-6928F03EE0A0}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{E3C8F96B-35D4-48A7-B9B2-45148C91A15A}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{A50BD04B-2EF6-470D-8647-DBB811E63480}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerRecover\ApowerRecover.exe => No File
FirewallRules: [{65133820-DF30-48F8-A90F-F6341BB7F4DA}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerRecover\ApowerRecover.exe => No File
FirewallRules: [{FB14B126-0D1B-4C70-9079-EC39EE1D00DB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

09-01-2021 15:09:58 Naplánovaný kontrolní bod
16-01-2021 23:30:00 Windows Update
20-01-2021 23:02:05 Windows Update
26-01-2021 23:02:33 Windows Update
31-01-2021 19:56:33 Windows Update
31-01-2021 20:06:41 AdwCleaner_BeforeCleaning_31/01/2021_20:06:39
31-01-2021 20:24:48 Removed PHS100

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/31/2021 08:39:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Manager.exe, verze: 2011.3.8.0, časové razítko: 0x4d766ca1
Název chybujícího modulu: WINTRUST.dll, verze: 6.1.7601.23971, časové razítko: 0x5a26d2c0
Kód výjimky: 0xc0000005
Posun chyby: 0x000043b8
ID chybujícího procesu: 0x13bc
Čas spuštění chybující aplikace: 0x01d6f8081667f43a
Cesta k chybující aplikaci: C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\WINTRUST.dll
ID zprávy: 18452f26-63fc-11eb-917b-082e5f7f20d3

Error: (01/31/2021 08:34:09 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
(Stream product id=0x0066): Streaming Failed

Error: (01/31/2021 08:34:09 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
Too many failures while downloading ranges: 2

Error: (01/31/2021 08:33:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/31/2021 08:21:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Manager.exe, verze: 2011.3.8.0, časové razítko: 0x4d766ca1
Název chybujícího modulu: WINTRUST.dll, verze: 6.1.7601.23971, časové razítko: 0x5a26d2c0
Kód výjimky: 0xc0000005
Posun chyby: 0x000043b8
ID chybujícího procesu: 0x1194
Čas spuštění chybující aplikace: 0x01d6f8057f1914de
Cesta k chybující aplikaci: C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\WINTRUST.dll
ID zprávy: 8379ffee-63f9-11eb-91d8-082e5f7f20d3

Error: (01/31/2021 08:17:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CCleaner.exe, verze: 5.75.0.8238, časové razítko: 0x5fcf7f8b
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x80000002
Posun chyby: 0x77c78658
ID chybujícího procesu: 0x17ac
Čas spuštění chybující aplikace: 0x01d6f8059458bf50
Cesta k chybující aplikaci: C:\Program Files\CCleaner\CCleaner.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 0505026c-63f9-11eb-91d8-082e5f7f20d3

Error: (01/31/2021 08:15:30 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
(Stream product id=0x0066): Streaming Failed

Error: (01/31/2021 08:15:30 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
Too many failures while downloading ranges: 2


System errors:
=============
Error: (01/31/2021 08:09:06 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll

Error: (01/31/2021 08:09:06 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll

Error: (01/31/2021 08:08:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Instalační služba modulů systému Windows neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (01/31/2021 08:08:59 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba TrustedInstaller se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (01/31/2021 08:08:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll

Error: (01/31/2021 08:08:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {995C996E-D918-4A8C-A302-45719A6F4EA7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/31/2021 08:07:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Software Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/31/2021 08:07:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2018-10-11 20:21:48.116
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{30CAAF3B-8532-46CA-8A4D-737073109DC2}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2016-05-19 11:42:06.395
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{9D3891B9-3FE2-463C-B6AB-F6E9AE169C19}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2015-11-08 21:42:37.811
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{49C94C0A-BB90-4877-8D39-54E2C3663545}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2019-02-15 23:48:59.137
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2019-02-15 23:48:59.126
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.219.1973.0
Předchozí verze podpisu:
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Úplné
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.12603.0
Předchozí verze modulu:
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2019-02-15 23:48:59.125
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.12603.0
Předchozí verze modulu:
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2019-02-15 21:42:09.574
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2019-02-15 21:42:09.545
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.219.1973.0
Předchozí verze podpisu:
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Úplné
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.12603.0
Předchozí verze modulu:
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

CodeIntegrity:
===================================

Date: 2019-02-15 21:09:31.659
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-15 21:09:31.406
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-15 21:09:26.389
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-15 21:09:26.142
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-15 21:09:17.583
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-15 21:09:17.323
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-15 21:09:07.578
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-15 21:09:07.321
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Hewlett-Packard F.19 05/21/2012
Motherboard: Hewlett-Packard 17FA
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 62%
Total physical RAM: 6091.86 MB
Available physical RAM: 2279.41 MB
Total Virtual: 12181.86 MB
Available Virtual: 8135.29 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:680.02 GB) (Free:54.49 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:18.32 GB) (Free:1.96 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (EVOLVE) (CDROM) (Total:0.14 GB) (Free:0 GB) CDFS
Drive h: (ME3t2k9) (CDROM) (Total:3.37 GB) (Free:0 GB) UDF

\\?\Volume{242627b8-8a4e-11e1-b154-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS
\\?\Volume{242627bb-8a4e-11e1-b154-806e6f6e6963}\ (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 8E04C78E)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=680 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118274
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Policies\Explorer: []
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
Task: {1438031D-6E1D-457C-94ED-F548340C5FC3} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ec1ac2a04079 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {15E6A115-9239-4C97-8D0A-8F6DDF3310A8} - System32\Tasks\GoogleUpdateTaskMachineCore1d0924f7e399f12 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {20611F66-F2AB-4EC6-807A-8C1A7B5EC169} - System32\Tasks\{EE43621C-CBDD-46A3-BDCA-0DFFE7E67645} => C:\Windows\system32\pcalua.exe -a C:\Users\r0ach\Desktop\Roadpac\HINSTALL7.EXE -d C:\Users\r0ach\Desktop\Roadpac
Task: {4D57D9E8-E339-41C6-A17E-E234E14BF27A} - System32\Tasks\{81BFD324-BA9B-4BB3-8351-09E28324C552} => C:\Windows\system32\pcalua.exe -a C:\Users\r0ach\Desktop\Roadpac\HINSTALL.EXE -d C:\Users\r0ach\Desktop\Roadpac
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Users\r0ach\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\r0ach\AppData\Local\{97AE9A67-1F5B-497E-B5FF-F10E89CBD12F}
C:\Users\r0ach\AppData\Local\{D4A9D6FA-4C48-488B-9B90-4E24DD72B884}
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => -> No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-228327966-2270223930-1445267679-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
FirewallRules: [{BB316B08-7F98-4DB6-93E6-523C1D523E45}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe => No File
FirewallRules: [TCP Query User{FF9D1DF0-3F4E-4A73-8A80-9B3C5767720B}G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [UDP Query User{7F99B22A-0BEF-4984-AEB3-4FBD0381CBFE}G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [TCP Query User{A72C1BAE-ABEA-441B-88C8-46BA84544F6E}G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [UDP Query User{5924E03E-836A-4008-8D34-17B17FC571FC}G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [{A50BD04B-2EF6-470D-8647-DBB811E63480}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerRecover\ApowerRecover.exe => No File
FirewallRules: [{65133820-DF30-48F8-A90F-F6341BB7F4DA}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerRecover\ApowerRecover.exe => No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
r0ach
Návštěvník
Návštěvník
Příspěvky: 69
Registrován: 19 bře 2013 01:58

Re: Kontrola logu

#7 Příspěvek od r0ach »

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by r0ach (31-01-2021 22:25:16) Run:1
Running from C:\Users\r0ach\Desktop
Loaded Profiles: r0ach
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-228327966-2270223930-1445267679-1000\...\Policies\Explorer: []
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
Task: {1438031D-6E1D-457C-94ED-F548340C5FC3} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ec1ac2a04079 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {15E6A115-9239-4C97-8D0A-8F6DDF3310A8} - System32\Tasks\GoogleUpdateTaskMachineCore1d0924f7e399f12 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {20611F66-F2AB-4EC6-807A-8C1A7B5EC169} - System32\Tasks\{EE43621C-CBDD-46A3-BDCA-0DFFE7E67645} => C:\Windows\system32\pcalua.exe -a C:\Users\r0ach\Desktop\Roadpac\HINSTALL7.EXE -d C:\Users\r0ach\Desktop\Roadpac
Task: {4D57D9E8-E339-41C6-A17E-E234E14BF27A} - System32\Tasks\{81BFD324-BA9B-4BB3-8351-09E28324C552} => C:\Windows\system32\pcalua.exe -a C:\Users\r0ach\Desktop\Roadpac\HINSTALL.EXE -d C:\Users\r0ach\Desktop\Roadpac
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Users\r0ach\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\r0ach\AppData\Local\{97AE9A67-1F5B-497E-B5FF-F10E89CBD12F}
C:\Users\r0ach\AppData\Local\{D4A9D6FA-4C48-488B-9B90-4E24DD72B884}
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => -> No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-228327966-2270223930-1445267679-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
FirewallRules: [{BB316B08-7F98-4DB6-93E6-523C1D523E45}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe => No File
FirewallRules: [TCP Query User{FF9D1DF0-3F4E-4A73-8A80-9B3C5767720B}G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [UDP Query User{7F99B22A-0BEF-4984-AEB3-4FBD0381CBFE}G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [TCP Query User{A72C1BAE-ABEA-441B-88C8-46BA84544F6E}G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [UDP Query User{5924E03E-836A-4008-8D34-17B17FC571FC}G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe] => (Allow) G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe => No File
FirewallRules: [{A50BD04B-2EF6-470D-8647-DBB811E63480}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerRecover\ApowerRecover.exe => No File
FirewallRules: [{65133820-DF30-48F8-A90F-F6341BB7F4DA}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerRecover\ApowerRecover.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-228327966-2270223930-1445267679-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1438031D-6E1D-457C-94ED-F548340C5FC3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1438031D-6E1D-457C-94ED-F548340C5FC3}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d1ec1ac2a04079 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d1ec1ac2a04079" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{15E6A115-9239-4C97-8D0A-8F6DDF3310A8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15E6A115-9239-4C97-8D0A-8F6DDF3310A8}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d0924f7e399f12 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d0924f7e399f12" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20611F66-F2AB-4EC6-807A-8C1A7B5EC169}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20611F66-F2AB-4EC6-807A-8C1A7B5EC169}" => removed successfully
C:\Windows\System32\Tasks\{EE43621C-CBDD-46A3-BDCA-0DFFE7E67645} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EE43621C-CBDD-46A3-BDCA-0DFFE7E67645}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D57D9E8-E339-41C6-A17E-E234E14BF27A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D57D9E8-E339-41C6-A17E-E234E14BF27A}" => removed successfully
C:\Windows\System32\Tasks\{81BFD324-BA9B-4BB3-8351-09E28324C552} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{81BFD324-BA9B-4BB3-8351-09E28324C552}" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
C:\Users\r0ach\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\r0ach\AppData\Local\{97AE9A67-1F5B-497E-B5FF-F10E89CBD12F} => moved successfully
C:\Users\r0ach\AppData\Local\{D4A9D6FA-4C48-488B-9B90-4E24DD72B884} => moved successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt1" => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt2" => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt3" => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt4" => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt5" => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt6" => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt7" => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt8" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-228327966-2270223930-1445267679-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\skypec2c => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BB316B08-7F98-4DB6-93E6-523C1D523E45}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FF9D1DF0-3F4E-4A73-8A80-9B3C5767720B}G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7F99B22A-0BEF-4984-AEB3-4FBD0381CBFE}G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A72C1BAE-ABEA-441B-88C8-46BA84544F6E}G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5924E03E-836A-4008-8D34-17B17FC571FC}G:\hry\atari (pc)\test drive unlimited\testdriveunlimited.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A50BD04B-2EF6-470D-8647-DBB811E63480}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{65133820-DF30-48F8-A90F-F6341BB7F4DA}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17109917 B
Java, Flash, Steam htmlcache => 422 B
Windows/system/drivers => 14186071 B
Edge => 0 B
Chrome => 53224507 B
Firefox => 4604919 B
Opera => 225929 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
systemprofile32 => 115524 B
LocalService => 165156 B
NetworkService => 472502 B
r0ach => 315128642 B

RecycleBin => 34372376981 B
EmptyTemp: => 32.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:26:03 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118274
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
r0ach
Návštěvník
Návštěvník
Příspěvky: 69
Registrován: 19 bře 2013 01:58

Re: Kontrola logu

#9 Příspěvek od r0ach »

Ano, reakce jsou výrazně lepší.
Mockrát děkuji.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118274
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu

#10 Příspěvek od Rudy »

To jsem rád a nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“