VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím kontrolu

https://forum.viry.cz:443/viewtopic.php?t=153132

Stránka 1 z 1

Prosím kontrolu

Napsal: 03 lis 2017 20:27
od Duge77
Neustále se při rozklikávání dalších stránek v mozzile přesměrovává na jiné stránky, většinou sprosté
prosímm pomoc
Děkuji...

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2017
Ran by OEM (03-11-2017 20:23:25)
Running from C:\Users\OEM\Downloads
Windows 10 Home Version 1703 15063.674 (X64) (2017-06-25 07:17:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2397228066-33011197-2458139791-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2397228066-33011197-2458139791-503 - Limited - Disabled)
Guest (S-1-5-21-2397228066-33011197-2458139791-501 - Limited - Disabled)
OEM (S-1-5-21-2397228066-33011197-2458139791-1001 - Administrator - Enabled) => C:\Users\OEM
Pc (S-1-5-21-2397228066-33011197-2458139791-1003 - Administrator - Enabled) => C:\Users\Pc

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.18) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
Aktualizace NVIDIA 2.13.0.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.13.0.21 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.2.4.1118 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
BeamNG.drive v0.9.0.5 (HKLM-x32\...\vsetop.com BeamNG.drive v0.9.0.5_is1) (Version: 0.9.0.5 - VseTop.Com)
Bus Simulator 16 (HKLM-x32\...\Bus Simulator 16_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Car Mechanic Simulator 2015 v.1.1.6.0 (HKLM-x32\...\Car Mechanic Simulator 2015_is1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
City Car Driving (HKLM-x32\...\City Car Driving_is1) (Version: 1.5.4 - )
City Life Deluxe (HKLM-x32\...\{8789AED5-8F11-4922-8AF8-F1BCB824F681}_is1) (Version: 2.0 - US - ACTION, s.r.o.)
Counter-Strike Global Offensive No-Steam (HKLM\...\Counter-Strike Global Offensive_is1) (Version: 1.35.8.9 - Valve Software)
CSGO WaRzOnE (HKLM-x32\...\{2F939E80-8D55-4E2E-BBA4-06AFCB9FA75C}) (Version: 1.35.6.3 - Warzone) Hidden
CSGO WaRzOnE (HKLM-x32\...\CSGO WaRzOnE 1.35.6.3) (Version: 1.35.6.3 - Warzone)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0190 - Disc Soft Ltd)
Dynamic Photo HDR 6 version 6.02 (HKLM\...\{8B0A6522-0432-4240-B08B-4C293C9E29B8}_is1) (Version: 6.02 - Mediachance.com)
EA Download Manager (HKLM-x32\...\EADM) (Version: 7.2.0.32 - Electronic Arts, Inc.)
Euro Truck Simulator v.1.28.1.2s (HKLM-x32\...\Euro Truck Simulator_is1) (Version: - )
Euro.Truck.Simulator.2.[v1.25.2.5.Incl.44DLC]-ALI213 verze 1.25.2.5 (HKLM-x32\...\{4F25A362-ADD4-4397-B952-48E066D0E509}}_is1) (Version: 1.25.2.5 - Ali213.net)
Farming Simulator 17 v.1.4.4 (HKLM-x32\...\Farming Simulator 17_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
Inkscape 0.92.1 (HKLM-x32\...\Inkscape) (Version: 0.92.1 - Inkscape Project)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
LEGO Worlds (HKLM-x32\...\LEGO Worlds_is1) (Version: 1.0.0.2 - TT Games)
LibreOffice 5.2.3.3 (HKLM-x32\...\{30605C95-A3A0-4A08-AD58-9AE7ABA47B70}) (Version: 5.2.3.3 - The Document Foundation)
Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\OneDriveSetup.exe) (Version: 17.3.7074.1023 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24516 (HKLM\...\{6B66663C-055F-3A2E-A09D-168840A82362}) (Version: 14.0.24516 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24516 (HKLM\...\{EE6E34BF-D825-384C-AFF5-305DF5CFAF5A}) (Version: 14.0.24516 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24516 (HKLM-x32\...\{B4EB15A2-6582-346E-8501-B6E907F23B80}) (Version: 14.0.24516 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24516 (HKLM-x32\...\{7B82F823-A226-3463-B438-AF4DDDE2B810}) (Version: 14.0.24516 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{FD9D64F4-CAF5-3D23-845A-B843C78CC1A5}) (Version: 10.0.60830 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minecraft Story Mode (HKLM-x32\...\{4F87D0C7-1FC6-4F5E-84EA-DE6B4FE62E98}_is1) (Version: 2015.10.14.736 - Telltale Games)
Minecraft1.8.3 (HKLM-x32\...\Minecraft1.8.3) (Version: - )
Mozilla Firefox 56.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 56.0.2 (x64 cs)) (Version: 56.0.2 - Mozilla)
Nero 9 Essentials (HKLM-x32\...\{f815c584-9b26-4416-8696-358f1c53090c}) (Version: - Nero AG)
NVIDIA GAME System Software 2.8.1 (HKLM-x32\...\{4F0C7CCF-5666-474B-B02E-AC514A95EC93}) (Version: 2.8.1 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{F9835182-794B-4F24-902A-E2CA9D43380F}) (Version: 9.10.0512 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.0.1 - OBS Project)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenIV (HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\OpenIV) (Version: 2.9.907 - .black/OpenIV Team)
Ovládací panel NVIDIA 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.05 - NVIDIA Corporation) Hidden
PDF Architect 5 (HKLM-x32\...\PDF Architect 5) (Version: 5.0.22.32360 - pdfforge GmbH)
PDF Architect 5 Create Module (HKLM\...\{0E25DE98-E56E-4259-B554-F1360BB2DC22}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
PDF Architect 5 Edit Module (HKLM\...\{EE01D8D7-2DD0-4C43-BF42-D9C8FC8DAE99}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
PDF Architect 5 View Module (HKLM\...\{4DC94B75-B036-474D-8AC8-E2D055C95FBD}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.3 - pdfforge GmbH)
Police Force (HKLM-x32\...\Die Polizei) (Version: - Quadriga Games GmbH)
PRO100 (HKLM-x32\...\{B3DBB43D-9451-45D0-B5A9-6413C98D091B}) (Version: 1.0.0 - Ecru)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7524 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.2.0 - Rockstar Games)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Seznam Instalátor (HKLM-x32\...\ssinstall) (Version: - Seznam.cz)
Seznam Software (HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\SeznamInstall) (Version: 2.1.15 - Seznam.cz)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Simulátor stavby - Jeřáb (HKLM-x32\...\Simulátor stavby - Jeřáb_is1) (Version: 1.0 - TopQer s.r.o.)
SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Unity Web Player (HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS)
VariCAD 2013-2.07 CZ (HKLM\...\VariCAD_20130303_CZ) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
War Thunder Launcher 1.0.3.24 (HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2397228066-33011197-2458139791-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-11] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-11] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-11] (AVAST Software)
ContextMenuHandlers1: [PDFArchitect5_ManagerExt] -> {00B7B69F-6774-4906-9C7F-7D117A3644A9} => C:\Program Files\PDF Architect 5\creator-context-menu.dll [2017-07-05] (pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-11] (AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-11] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2397228066-33011197-2458139791-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03AD68CD-DA13-44EE-ABF0-8EF940CCDDC4} - System32\Tasks\Opera scheduled Autoupdate 1489419573 => C:\Users\OEM\AppData\Local\Programs\Opera\launcher.exe
Task: {11027CC5-5EA4-4B47-8992-B6425598125A} - System32\Tasks\Mafoing Cache => C:\Program Files (x86)\Stjaward\yaupdcache.exe [2017-06-04] ()
Task: {1A805225-0739-45CD-A301-A3AA85830412} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-B9R7BG1-OEM => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {21AD7680-CDBD-4A32-BFC6-1E399D448EDD} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-10-11] (AVAST Software)
Task: {23FB0A7E-3C5C-4546-B974-5912F82312DD} - System32\Tasks\{A7A0E2AC-773F-415F-985F-06EB16A7B8A5} => "c:\windows\system32\launchwinapp.exe" hxxps://ui.skype.com/ui/0/7.37.0.103/cs/abandoninstall?source=lightinstaller&page=tsBing
Task: {309C9A93-AB07-4B2B-B41B-928BA245C449} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {4FDD0271-C7F1-41D4-9DE1-C92895315750} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd)
Task: {54CBBA2D-92FD-4BFB-8F11-D5269F6D9A87} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {58F636BC-B074-46CD-A9BD-141042255A17} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)
Task: {755D8822-3E6E-4368-BA08-9F8171E53E1F} - System32\Tasks\{9C638A81-8D09-4C4F-9970-EAB69C3D0EC2} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe" -c REMOVESERIALNUMBER="XM02-508X-MHAT-19WU-9Z3Z-0CH0-3U6E-85W5-MMHH-6647-1Z5L-7M8C-0U45-758P-0000"
Task: {870E2064-7D61-4544-8F08-EC8D5098849F} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\AdobeAAMUpdater-1.0-DESKTOP-B9R7BG1-OEM" /ENABLE
Task: {870E2064-7D61-4544-8F08-EC8D5098849F} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {870E2064-7D61-4544-8F08-EC8D5098849F} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {870E2064-7D61-4544-8F08-EC8D5098849F} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {870E2064-7D61-4544-8F08-EC8D5098849F} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\Mafoing Cache" /ENABLE
Task: {870E2064-7D61-4544-8F08-EC8D5098849F} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {870E2064-7D61-4544-8F08-EC8D5098849F} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {870E2064-7D61-4544-8F08-EC8D5098849F} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {870E2064-7D61-4544-8F08-EC8D5098849F} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {870E2064-7D61-4544-8F08-EC8D5098849F} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {870E2064-7D61-4544-8F08-EC8D5098849F} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" /ENABLE
Task: {870E2064-7D61-4544-8F08-EC8D5098849F} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task v2" /ENABLE
Task: {870E2064-7D61-4544-8F08-EC8D5098849F} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2397228066-33011197-2458139791-1001" /ENABLE
Task: {870E2064-7D61-4544-8F08-EC8D5098849F} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1489419573" /ENABLE
Task: {870E2064-7D61-4544-8F08-EC8D5098849F} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\SafeZone scheduled Autoupdate 1482692995" /ENABLE
Task: {870E2064-7D61-4544-8F08-EC8D5098849F} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{2651F355-5BC6-4DAF-B336-4FE9F6497238}" /ENABLE
Task: {870E2064-7D61-4544-8F08-EC8D5098849F} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\{9C638A81-8D09-4C4F-9970-EAB69C3D0EC2}" /ENABLE
Task: {870E2064-7D61-4544-8F08-EC8D5098849F} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\{A7A0E2AC-773F-415F-985F-06EB16A7B8A5}" /ENABLE
Task: {870E2064-7D61-4544-8F08-EC8D5098849F} - C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {8963873A-1605-4C07-8721-4B46E4998880} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {A6D2DCCB-C3EA-414C-B14F-D5F9A24084B4} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {AA5A34C2-9EAA-4DC6-B64F-6BB9060C361A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-11] (Google Inc.)
Task: {C19C48ED-FB8A-4AE3-AE97-FB61E36D8686} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-11] (Google Inc.)
Task: {CE55F622-C3F9-4D9A-AC80-CA91DECCC4A5} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {D351981E-A1CD-4E5D-BF92-C33F29D9079B} - System32\Tasks\SafeZone scheduled Autoupdate 1482692995 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {DFD881B7-F0A6-497C-B2EA-5D27724A161E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\OEM\Desktop\(64х)Euro Truck Simulator.lnk -> C:\Games\Euro Truck Simulator\bin\win_x64\eurotrucks2.exe (SCS Software) <==== Cyrillic
Shortcut: C:\Users\OEM\Desktop\(64х)Farming Simulator 17.lnk -> D:\Farming Simulator 17\x64\FarmingSimulator2017Game.exe (GIANTS Software GmbH) <==== Cyrillic
Shortcut: C:\Users\OEM\Desktop\WARFACE UPDATE\(32х)Farming Simulator 17.lnk -> D:\Farming Simulator 17\x86\FarmingSimulator2017Game.exe (GIANTS Software GmbH) <==== Cyrillic
Shortcut: C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\OEM\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()

==================== Loaded Modules (Whitelisted) ==============

2016-12-01 09:53 - 2016-11-17 14:46 - 001148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-01 09:53 - 2016-11-17 14:46 - 004490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-12-01 09:54 - 2016-11-17 14:46 - 000420408 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-11-28 14:51 - 2016-11-28 14:51 - 000075064 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-06-25 08:10 - 2017-05-01 21:51 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-12 19:10 - 2014-11-02 18:45 - 000029184 _____ () C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 21:59 - 2017-03-20 05:45 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-10-19 15:22 - 2017-10-19 15:23 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-10-19 15:22 - 2017-10-19 15:23 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-10-19 15:22 - 2017-10-19 15:23 - 025446400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-10-19 15:22 - 2017-10-19 15:23 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\skypert.dll
2017-10-19 15:22 - 2017-10-19 15:23 - 000685056 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-09-16 08:36 - 2017-09-16 08:36 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11709.1001.27.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 000770560 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe
2017-11-03 16:35 - 2017-11-03 16:35 - 000016384 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_33.34.30002.0_x64__8wekyb3d8bbwe\XboxApp.exe
2017-11-03 16:35 - 2017-11-03 16:35 - 033914368 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_33.34.30002.0_x64__8wekyb3d8bbwe\XboxApp.dll
2017-09-27 15:16 - 2017-09-27 15:16 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_33.34.30002.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2016-11-28 11:01 - 2016-11-28 11:01 - 001651112 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_33.34.30002.0_x64__8wekyb3d8bbwe\winsdkfb.dll
2017-07-05 17:59 - 2017-07-05 17:59 - 000199680 _____ () C:\Program Files\PDF Architect 5\libidn.dll
2017-10-11 15:52 - 2017-10-11 15:52 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
2017-09-27 15:13 - 2017-09-21 08:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-09-27 15:13 - 2017-09-21 08:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
2016-12-01 09:54 - 2016-11-17 14:46 - 000020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-12-01 09:53 - 2016-11-17 14:46 - 000901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-01 09:53 - 2016-11-17 14:46 - 003776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-10-11 15:52 - 2017-10-11 15:52 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-10-11 15:52 - 2017-10-11 15:52 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-07-09 11:38 - 2017-07-09 11:38 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-10-11 15:52 - 2017-10-11 15:52 - 000217088 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-10-11 15:52 - 2017-10-11 15:52 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-10-11 15:52 - 2017-10-11 15:52 - 000234280 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-10-11 15:52 - 2017-10-11 15:52 - 000700656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-10-16 05:14 - 2015-10-16 05:14 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 000156672 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\WP8MSVCCommon.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 000394752 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\WP8MSVCBridge.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 000013824 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\WinPhoneBridge_osmeta.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 000796160 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\System_osmeta.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 000039424 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\pthreadVC_osmeta.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 000680448 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\CrossPortability_osmeta.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 000114688 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\system_malloc_osmeta.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 060634941 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\osmeta.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 000015374 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\unwind_osmeta.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 000930304 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\ffmpeg_osmeta.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 000863744 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\c++_osmeta.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 000081408 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\exif_osmeta.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 000095744 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\z_osmeta.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 000361472 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\SystemResources_osmeta.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 000092160 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\WRTBridge_osmeta.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 000086528 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\WinMediaFoundation_osmeta.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 000053760 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\EGL_osmeta.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 000839168 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\GLESv2_osmeta.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 204953421 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\App.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 000456192 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\OpenAL_osmeta.dll
2017-10-15 17:40 - 2017-10-15 17:41 - 006611763 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\JavaScriptCore_osmeta.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2017-07-09 17:51 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2397228066-33011197-2458139791-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\StartupApproved\Run: => "WarThunderLauncher"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{E4CB3E11-76AC-4242-BD90-7235650E10CF}D:\game\city car driving\bin\win32\starter.exe] => (Allow) D:\game\city car driving\bin\win32\starter.exe
FirewallRules: [TCP Query User{69550274-4BA0-40AE-AA72-A1C5EB7FCB6F}D:\game\city car driving\bin\win32\starter.exe] => (Allow) D:\game\city car driving\bin\win32\starter.exe
FirewallRules: [UDP Query User{CBB3528A-609D-42FB-9C10-1C60AE4C6824}D:\game\spintires\spintires.exe] => (Allow) D:\game\spintires\spintires.exe
FirewallRules: [TCP Query User{3708FE58-28F9-44A9-B39C-F67B00696259}D:\game\spintires\spintires.exe] => (Allow) D:\game\spintires\spintires.exe
FirewallRules: [UDP Query User{3B485E1B-0603-4084-9003-D5992A315593}D:\game\gamebeasts\farming.simulator.17-3dm\farming simulator 17\x64\farmingsimulator2017game.exe] => (Allow) D:\game\gamebeasts\farming.simulator.17-3dm\farming simulator 17\x64\farmingsimulator2017game.exe
FirewallRules: [TCP Query User{902069FF-A84F-460D-8C3E-838EA11569FF}D:\game\gamebeasts\farming.simulator.17-3dm\farming simulator 17\x64\farmingsimulator2017game.exe] => (Allow) D:\game\gamebeasts\farming.simulator.17-3dm\farming simulator 17\x64\farmingsimulator2017game.exe
FirewallRules: [{86EAFF26-642C-45D1-A27E-CB02CE167083}] => (Allow) D:\GAME\GareysMod\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{E41E4011-BBCC-4D61-83C3-5E3FACACA624}] => (Allow) D:\GAME\GareysMod\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{E2FC278F-BB99-4CAB-BACF-0974333AB073}] => (Allow) D:\GAME\GareysMod\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{031F2237-F052-4861-914A-9099779A0B77}] => (Allow) D:\GAME\GareysMod\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [UDP Query User{92A0F992-5D43-4735-B1DA-4280245E226F}D:\game\beamng.drive v0.9.0.5\bin64\beamng.drive.x64.exe] => (Allow) D:\game\beamng.drive v0.9.0.5\bin64\beamng.drive.x64.exe
FirewallRules: [TCP Query User{31BFB3C4-33D1-4021-839F-DAC803217FA0}D:\game\beamng.drive v0.9.0.5\bin64\beamng.drive.x64.exe] => (Allow) D:\game\beamng.drive v0.9.0.5\bin64\beamng.drive.x64.exe
FirewallRules: [UDP Query User{B81B1B31-7FBE-4CEF-8F41-A2C28932C97E}D:\game\far cry primal\bin\fcprimal.exe] => (Allow) D:\game\far cry primal\bin\fcprimal.exe
FirewallRules: [TCP Query User{6375F465-CC41-4C5F-9C92-E0A8162DDCFE}D:\game\far cry primal\bin\fcprimal.exe] => (Allow) D:\game\far cry primal\bin\fcprimal.exe
FirewallRules: [{7E4F4B04-32E5-4213-B6B2-2834E8927197}] => (Allow) D:\GAME\GareysMod\steamapps\common\DCSWorld\Run.exe
FirewallRules: [{158D7809-9647-4407-8B23-575E450415B3}] => (Allow) D:\GAME\GareysMod\steamapps\common\DCSWorld\Run.exe
FirewallRules: [{86ABE171-D0DF-44F9-9BA2-E756E6112E85}] => (Allow) C:\Users\OEM\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{97E2FBFB-577F-4845-B976-C9AE1F598A2E}] => (Allow) C:\Users\OEM\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1199216D-0240-4A47-9E2F-F0CCA7C90A7F}] => (Allow) D:\GAME\GareysMod\steamapps\common\Sniper Elite 4 Dedicated Server\bin\SniperElite4_Dedicated.exe
FirewallRules: [{05929F82-3EDB-4ADE-A596-66B0C4C1FCC1}] => (Allow) D:\GAME\GareysMod\steamapps\common\Sniper Elite 4 Dedicated Server\bin\SniperElite4_Dedicated.exe
FirewallRules: [{714D5C1E-F212-4221-820E-1353126AF768}] => (Allow) D:\GAME\World_of_Warships\worldofwarships.exe
FirewallRules: [{9BC43BB0-501C-49A6-AFB6-56880D0050DD}] => (Allow) D:\GAME\World_of_Warships\worldofwarships.exe
FirewallRules: [{146C68D5-6EF8-47C1-A2BB-D2E82AF7EFB8}] => (Allow) D:\GAME\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{CFEEC979-527C-41A2-A25A-D048777E8E20}] => (Allow) D:\GAME\World_of_Warships\WoWSLauncher.exe
FirewallRules: [UDP Query User{B04742B8-A2DB-467C-A51F-E1F77D5AFBE6}D:\game\warthunder\win64\aces.exe] => (Allow) D:\game\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{42BDDD76-6EF0-4B52-8AB4-8F63FA624E8D}D:\game\warthunder\win64\aces.exe] => (Allow) D:\game\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{47ED51DE-3BBB-455C-8F7E-1B33FD001D92}D:\game\warthunder\launcher.exe] => (Allow) D:\game\warthunder\launcher.exe
FirewallRules: [TCP Query User{476A6DC9-4DC0-45D2-B7C1-CFD63A4A4CC7}D:\game\warthunder\launcher.exe] => (Allow) D:\game\warthunder\launcher.exe
FirewallRules: [UDP Query User{75AB2F6F-1453-4A5F-84CD-62C6DE181671}D:\game\csgo.exe] => (Allow) D:\game\csgo.exe
FirewallRules: [TCP Query User{778DC93B-9355-430E-B5BC-A06CACB6B04A}D:\game\csgo.exe] => (Allow) D:\game\csgo.exe
FirewallRules: [{95E2DCD4-D182-4AB5-83B6-D878DBD7815F}] => (Allow) D:\GAME\Loader.exe
FirewallRules: [{84B5A2F5-7F39-471D-9A6C-B86E9EE39BA5}] => (Allow) D:\GAME\csgo_launcher.exe
FirewallRules: [{6A1ED25B-9620-4E1C-A78B-5B65AABAE8FD}] => (Allow) D:\GAME\GareysMod\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [{32A27391-881F-42B1-9582-E5318800F91B}] => (Allow) D:\GAME\GareysMod\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [UDP Query User{57C1B13D-4990-482D-8380-9163078EC7FA}D:\game\wot\worldoftanks.exe] => (Allow) D:\game\wot\worldoftanks.exe
FirewallRules: [TCP Query User{4DAF99C0-1C03-47B7-BB7B-B4BBE9EFD501}D:\game\wot\worldoftanks.exe] => (Allow) D:\game\wot\worldoftanks.exe
FirewallRules: [UDP Query User{E7EFB2F3-2256-47A6-9A3D-E00A69ECDDC6}D:\game\wot\wotlauncher.exe] => (Allow) D:\game\wot\wotlauncher.exe
FirewallRules: [TCP Query User{A035C543-9C23-4498-AC40-2391C6C4F682}D:\game\wot\wotlauncher.exe] => (Allow) D:\game\wot\wotlauncher.exe
FirewallRules: [UDP Query User{863C1033-4D64-4EF8-B288-E42E489A7E19}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [TCP Query User{CD16B404-5961-4986-B81E-0CDD0D034331}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{82BC0EDA-3957-4C45-9BCD-DEA8ADB37C1C}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{4BCE11AC-2496-4E5D-9BB7-2A86812783FF}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{D3351967-2FB5-45B2-A20F-5402CFD1FE80}D:\game\cod2\kolobuty 2\setup\data\cod2mp_s.exe] => (Allow) D:\game\cod2\kolobuty 2\setup\data\cod2mp_s.exe
FirewallRules: [TCP Query User{87BF12F9-53DA-44D5-94C4-EA94BD70EA55}D:\game\cod2\kolobuty 2\setup\data\cod2mp_s.exe] => (Allow) D:\game\cod2\kolobuty 2\setup\data\cod2mp_s.exe
FirewallRules: [{875C1FB6-BCDD-4DEC-A9A7-49666C9E7AAA}] => (Allow) D:\GAME\GareysMod\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{66ACF55B-BBF2-47EF-B7D4-43CB2D2301B3}] => (Allow) D:\GAME\GareysMod\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{67D3C12E-129A-490C-BC5A-4513AAED6046}] => (Allow) D:\GAME\GareysMod\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{0F8D8246-9862-4E89-ACC1-94118E3CEE46}] => (Allow) D:\GAME\GareysMod\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [UDP Query User{C8EBB49F-B691-4BB5-8456-8BD8D93A46E1}D:\game\gamebeasts\gang.beasts.v0.4.3\gang beasts.exe] => (Allow) D:\game\gamebeasts\gang.beasts.v0.4.3\gang beasts.exe
FirewallRules: [TCP Query User{FA67431F-D811-4589-9E32-AFFC67124C6D}D:\game\gamebeasts\gang.beasts.v0.4.3\gang beasts.exe] => (Allow) D:\game\gamebeasts\gang.beasts.v0.4.3\gang beasts.exe
FirewallRules: [{E8C3DAF9-0E26-4A13-96B4-28F167EBB394}] => (Allow) D:\GAME\GareysMod\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{AF9DF9B4-9EF5-44D0-AB99-DF68FACFDDBE}] => (Allow) D:\GAME\GareysMod\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{75A9E077-991C-45C9-8A5E-E99DE4623911}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{6D85D062-E336-4DE6-BD1F-23CCB38393B8}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{28CC4F16-843F-49C5-A7E9-923E97E11535}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{94C10173-7AD0-4FB9-9317-5BDE9033530B}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{DB32BE2C-E079-4058-ABB8-6446656C1EB1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{F87F2357-97F8-4EE1-A3D3-D2B281FDB75D}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{04D3590F-4AC4-49D7-9CEC-3DBD24CDA1E5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BABB7F78-9B43-47F8-B1E6-C626DAD03D99}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{EB1BEE94-8F2C-4619-8991-4173EA95F63D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{038A906D-9C94-4969-A25E-8192B1734F62}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1BA49EC7-F770-4D1A-A61E-C007ABC69168}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1A227BDC-AF73-4C09-8DE1-A68F4C7E6A0A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{6B8F359F-016D-47DE-8A25-9560353A4ED9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{E6CEF159-9040-4F52-8449-8296F59EC122}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D2453250-1E76-45A4-A37C-F5E9C5095076}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A6CD87BD-1F6D-4A03-BE36-E884491E7123}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A67938F0-0942-49A7-9C80-9103D0AC7F5C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{ED24A662-3FD1-46EF-B874-CF8311963112}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FAD24A76-C6DC-427D-96D5-836DB415E606}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{AE9D3889-A515-4512-9DF2-835688127065}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{2137BA76-529C-44D2-B3F5-DD304F7C3707}D:\game\wot\worldoftanks.exe] => (Allow) D:\game\wot\worldoftanks.exe
FirewallRules: [UDP Query User{58B7FDC0-06C0-4B5C-9682-23651E14C908}D:\game\wot\worldoftanks.exe] => (Allow) D:\game\wot\worldoftanks.exe
FirewallRules: [TCP Query User{A9028D1C-5F9E-43D6-AC7B-40E0AA86EE8A}D:\game\wot\wotlauncher.exe] => (Block) D:\game\wot\wotlauncher.exe
FirewallRules: [UDP Query User{58DFEFAF-AB00-4F4E-88D8-82684032D801}D:\game\wot\wotlauncher.exe] => (Block) D:\game\wot\wotlauncher.exe
FirewallRules: [TCP Query User{8742D611-8025-457E-990C-56468695ED94}C:\users\pc\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\pc\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{33429E93-8001-4B55-8FBE-5628DEB60DFB}C:\users\pc\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\pc\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{1B5618F4-E4C8-4BD0-B2DD-09F60B4FD6B1}D:\game\far cry 4\bin\farcry4.exe] => (Allow) D:\game\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{E41AE812-6F43-47CA-A4A9-050B93EF6852}D:\game\far cry 4\bin\farcry4.exe] => (Allow) D:\game\far cry 4\bin\farcry4.exe
FirewallRules: [{426A694D-99A2-4B0A-AEEC-64D1C7540753}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{A8F40CA1-53D5-4257-B786-79A5D82012C7}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{F683C1A0-D087-49D7-8B03-6380E3185F04}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{17936268-7A3F-4B11-9F0A-905DA271E552}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{85186D20-2A3A-4817-825A-526842774218}] => (Allow) D:\GAME\GareysMod\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{DF3016B7-F2AF-47FE-B70A-0B208A4D5093}] => (Allow) D:\GAME\GareysMod\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{A1B3D4BA-A760-4748-937D-A0E5A903AFBF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{FFE41671-936F-4058-A526-3469610E528E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{18E95245-E935-4521-8A46-C61D5722CC27}] => (Allow) D:\GAME\GareysMod\steamapps\common\Warface\WarfaceMycomSteamLoader.exe
FirewallRules: [{4F82B342-32E1-40BE-B919-FADADAC828EF}] => (Allow) D:\GAME\GareysMod\steamapps\common\Warface\WarfaceMycomSteamLoader.exe
FirewallRules: [TCP Query User{9557CA8B-7A63-4413-9799-FC8A94312DF7}D:\game\gareysmod\steamapps\common\warface\mycomgames\mycomgames.exe] => (Allow) D:\game\gareysmod\steamapps\common\warface\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{11386CED-42D3-4E09-84A0-999378DC5DB0}D:\game\gareysmod\steamapps\common\warface\mycomgames\mycomgames.exe] => (Allow) D:\game\gareysmod\steamapps\common\warface\mycomgames\mycomgames.exe
FirewallRules: [{C54A875B-D04B-4090-8DF4-1BF487B61D7D}] => (Allow) D:\GAME\GareysMod\steamapps\common\Argo\argobattleye.exe
FirewallRules: [{18B2134F-1C93-473E-B3DB-FC87142E2E84}] => (Allow) D:\GAME\GareysMod\steamapps\common\Argo\argobattleye.exe
FirewallRules: [TCP Query User{791C8698-82D2-48EF-865C-17789E617E5C}D:\game\gareysmod\steamapps\common\argo\argo_x64.exe] => (Allow) D:\game\gareysmod\steamapps\common\argo\argo_x64.exe
FirewallRules: [UDP Query User{95AF6EE2-C768-4EDE-B796-BDCB9A381BE6}D:\game\gareysmod\steamapps\common\argo\argo_x64.exe] => (Allow) D:\game\gareysmod\steamapps\common\argo\argo_x64.exe
FirewallRules: [{554142F6-A10B-4DB4-98C4-B4D9039541B1}] => (Allow) D:\GrandTheftAutoV\GTA5.exe
FirewallRules: [{288AA09B-2C1E-4958-BAB6-A2F623FA6A7B}] => (Allow) D:\GrandTheftAutoV\GTA5.exe
FirewallRules: [TCP Query User{2C3A2A5D-7528-4C32-A65E-858A29BCCC5B}D:\grandtheftautov\gta5.exe] => (Allow) D:\grandtheftautov\gta5.exe
FirewallRules: [UDP Query User{EA009564-C075-4AA0-A914-5CB8951118D8}D:\grandtheftautov\gta5.exe] => (Allow) D:\grandtheftautov\gta5.exe
FirewallRules: [{13A61EE9-8B2F-4D7A-B70C-B1E8F53506C5}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [TCP Query User{08182583-74A6-460B-B6A0-44954CA1272F}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{9ADBCF34-F287-42D1-A6B4-664CB0D12D4F}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [TCP Query User{72DCBFD5-D009-48D6-B690-B0392AA515ED}D:\game\warthunder\launcher.exe] => (Block) D:\game\warthunder\launcher.exe
FirewallRules: [UDP Query User{9C315E78-26DB-4B54-AE70-306506416145}D:\game\warthunder\launcher.exe] => (Block) D:\game\warthunder\launcher.exe
FirewallRules: [TCP Query User{48FBB14B-2B3E-4435-8F93-E6C2308534AA}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{F1C77665-849F-4AB6-84B9-E4671D980DA2}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{BDDD41BF-BECE-4022-9FF2-16870BE3B9D7}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{BC60A14C-236B-46A1-986C-F204937A9D18}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [{14A7F999-1224-4298-9792-7C763D4D1CB2}] => (Allow) D:\streamovaní\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{96AEDA7B-AD3B-4D8C-B178-D89BC520DD4E}] => (Allow) D:\streamovaní\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{616084D9-18B4-45A4-9A0A-0266822370EC}] => (Allow) D:\streamovaní\World_of_Tanks\worldoftanks.exe
FirewallRules: [{3C5DAB45-F5AD-4A56-8C72-636D6478A982}] => (Allow) D:\streamovaní\World_of_Tanks\worldoftanks.exe
FirewallRules: [{00E20A82-E1D6-4431-A43C-EE066D8631ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Argo\argobattleye.exe
FirewallRules: [{C3AC1DA0-D85B-4EB6-853E-DB32F3D1EF6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Argo\argobattleye.exe
FirewallRules: [TCP Query User{DABFE70B-D43C-46B8-A869-9D3DA42440A5}C:\program files (x86)\steam\steamapps\common\argo\argo_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\argo\argo_x64.exe
FirewallRules: [UDP Query User{2AA47FEA-704A-4D81-83EA-12561C56F69A}C:\program files (x86)\steam\steamapps\common\argo\argo_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\argo\argo_x64.exe
FirewallRules: [{493C6AEA-8E3C-434E-83E9-2B0762AD5192}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{E255EEAC-0683-4661-A192-F4A01881E827}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{813012A6-D285-424E-A245-784BA1ECE12F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe
FirewallRules: [{B613C767-5B50-4FDB-B640-850867BECF57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe
FirewallRules: [TCP Query User{D99F0A2A-8C57-425D-AAEC-B5B76B488AC4}C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{913627CE-5D49-47DA-81AF-B76F26E40F91}C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe
FirewallRules: [{5039687C-AE68-4EB2-8DEB-99572CC5847C}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{EF89C40E-1F23-4F21-A216-4709F89CB472}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{82FB1968-79CB-4FAD-A2AF-8FCD40C086B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{8607226B-AE52-48F3-8BD8-375A8F6C666D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{ED4823CC-3046-4A3B-8BA7-C49C46D8022D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fishing\FishingGame\Binaries\Win64\FishingGame-Win64-Shipping.exe
FirewallRules: [{1174771E-6C3F-4343-AC66-BA830C98A0B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fishing\FishingGame\Binaries\Win64\FishingGame-Win64-Shipping.exe
FirewallRules: [{0CBCEE79-CC10-4BAC-BA82-4E14B5F39459}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{C6D294A3-6D06-43F9-A4B0-0AB6D0F710CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe

==================== Restore Points =========================

27-10-2017 13:03:24 Naplánovaný kontrolní bod
03-11-2017 13:56:24 Installed SketchUp 2017

==================== Faulty Device Manager Devices =============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/03/2017 06:04:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: uTorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.15063.483, časové razítko: 0x88a53c1d
Kód výjimky: 0xc000041d
Posun chyby: 0x00005836
ID chybujícího procesu: 0x16d8
Čas spuštění chybující aplikace: 0x01d354c5afb09c7e
Cesta k chybující aplikaci: C:\Users\OEM\AppData\Roaming\uTorrent\uTorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 92aa6408-b836-4070-8f8d-2b271ed29b0e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/03/2017 03:52:22 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll na řádku 3.
Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version v prvku assemblyIdentity je neplatná.

Error: (11/03/2017 03:23:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vmde.exe, verze: 0.0.0.0, časové razítko: 0x4c7bf5ca
Název chybujícího modulu: FileSyncShell.dll, verze: 17.3.7074.1023, časové razítko: 0x59eeccfa
Kód výjimky: 0xc0000005
Posun chyby: 0x000214b7
ID chybujícího procesu: 0x2dbc
Čas spuštění chybující aplikace: 0x01d354af4743271b
Cesta k chybující aplikaci: C:\Program Files (x86)\Vector Magic\vmde.exe
Cesta k chybujícímu modulu: C:\Users\OEM\AppData\Local\Microsoft\OneDrive\17.3.7074.1023\FileSyncShell.dll
ID zprávy: 9b33a790-2796-42f6-9d2a-ad8de4010d5a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/03/2017 03:23:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vmde.exe, verze: 0.0.0.0, časové razítko: 0x4c7bf5ca
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.15063.674, časové razítko: 0x6d16dd24
Kód výjimky: 0xc0000409
Posun chyby: 0x000eb872
ID chybujícího procesu: 0x2dbc
Čas spuštění chybující aplikace: 0x01d354af4743271b
Cesta k chybující aplikaci: C:\Program Files (x86)\Vector Magic\vmde.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: ea2913c1-4663-476b-950a-b47269cd06a7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/03/2017 03:21:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vmde.exe, verze: 0.0.0.0, časové razítko: 0x4c7bf5ca
Název chybujícího modulu: ntdll.dll, verze: 10.0.15063.608, časové razítko: 0x802f667e
Kód výjimky: 0xc0000374
Posun chyby: 0x000d9aba
ID chybujícího procesu: 0xb7c
Čas spuštění chybující aplikace: 0x01d354aeed842892
Cesta k chybující aplikaci: C:\Program Files (x86)\Vector Magic\vmde.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: c8e2d876-6649-4c68-a6a8-9baaa6e35835
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/03/2017 03:21:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vmde.exe, verze: 0.0.0.0, časové razítko: 0x4c7bf5ca
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000409
Posun chyby: 0x0268eeba
ID chybujícího procesu: 0xb7c
Čas spuštění chybující aplikace: 0x01d354aeed842892
Cesta k chybující aplikaci: C:\Program Files (x86)\Vector Magic\vmde.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 388f2826-1703-4038-9086-a40f43eb3da2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/03/2017 03:20:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vmde.exe, verze: 0.0.0.0, časové razítko: 0x4c7bf5ca
Název chybujícího modulu: FileSyncShell.dll, verze: 17.3.7074.1023, časové razítko: 0x59eeccfa
Kód výjimky: 0xc0000005
Posun chyby: 0x000214b7
ID chybujícího procesu: 0x1c30
Čas spuštění chybující aplikace: 0x01d354aed67d081a
Cesta k chybující aplikaci: C:\Program Files (x86)\Vector Magic\vmde.exe
Cesta k chybujícímu modulu: C:\Users\OEM\AppData\Local\Microsoft\OneDrive\17.3.7074.1023\FileSyncShell.dll
ID zprávy: 65fc94ea-7f36-4b88-b4f0-0714a4b24490
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/03/2017 03:20:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vmde.exe, verze: 0.0.0.0, časové razítko: 0x4c7bf5ca
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000409
Posun chyby: 0x026ceeba
ID chybujícího procesu: 0x1c30
Čas spuštění chybující aplikace: 0x01d354aed67d081a
Cesta k chybující aplikaci: C:\Program Files (x86)\Vector Magic\vmde.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 3082d4c9-70af-4798-ba90-2b3c36c77fd4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/03/2017 03:15:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vmde.exe, verze: 0.0.0.0, časové razítko: 0x4c7bf5ca
Název chybujícího modulu: ntdll.dll, verze: 10.0.15063.608, časové razítko: 0x802f667e
Kód výjimky: 0xc0000374
Posun chyby: 0x000d9aba
ID chybujícího procesu: 0x1cfc
Čas spuštění chybující aplikace: 0x01d354ae1e8dd2ca
Cesta k chybující aplikaci: C:\Program Files (x86)\Vector Magic\vmde.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 14ba9e9a-8eaf-456d-9f3a-b0f64fbfdbf6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/03/2017 03:14:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vmde.exe, verze: 0.0.0.0, časové razítko: 0x4c7bf5ca
Název chybujícího modulu: FileSyncShell.dll, verze: 17.3.7074.1023, časové razítko: 0x59eeccfa
Kód výjimky: 0xc0000005
Posun chyby: 0x000214b7
ID chybujícího procesu: 0xc1c
Čas spuštění chybující aplikace: 0x01d354ae1994b386
Cesta k chybující aplikaci: C:\Program Files (x86)\Vector Magic\vmde.exe
Cesta k chybujícímu modulu: C:\Users\OEM\AppData\Local\Microsoft\OneDrive\17.3.7074.1023\FileSyncShell.dll
ID zprávy: cb326b5d-cb85-46ed-b2f5-4f3ed04af5c6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (11/03/2017 04:30:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.

Error: (11/03/2017 04:29:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B9R7BG1)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/03/2017 04:29:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B9R7BG1)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/03/2017 04:29:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B9R7BG1)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/03/2017 04:29:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B9R7BG1)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/03/2017 04:29:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B9R7BG1)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/03/2017 04:29:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B9R7BG1)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/03/2017 04:29:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B9R7BG1)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/03/2017 04:29:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B9R7BG1)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/03/2017 04:29:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B9R7BG1)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================
Date: 2017-11-03 17:08:14.640
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-11-03 16:04:22.046
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-10-08 16:35:50.106
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-10-07 15:02:33.662
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-10-05 15:35:32.300
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-09-28 16:43:18.523
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-09-24 17:10:29.643
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-09-24 17:10:29.642
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-09-16 09:35:48.510
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

Date: 2017-09-08 16:14:05.001
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Percentage of memory in use: 19%
Total physical RAM: 16347.09 MB
Available physical RAM: 13128.7 MB
Total Virtual: 18779.09 MB
Available Virtual: 15215.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.58 GB) (Free:21.31 GB) NTFS
Drive d: () (Fixed) (Total:931.39 GB) (Free:703.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Re: Prosím kontrolu

Napsal: 03 lis 2017 20:28
od Duge77
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
Ran by OEM (administrator) on DESKTOP-B9R7BG1 (03-11-2017 20:22:58)
Running from C:\Users\OEM\Downloads
Loaded Profiles: OEM (Available Profiles: OEM & Pc)
Platform: Windows 10 Home Version 1703 15063.674 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 5\creator-ws.exe
(© pdfforge GmbH.) C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.7.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Wargaming.net) D:\streamovaní\World_of_Tanks\WargamingGameUpdater.exe
(Disc Soft Ltd) D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11709.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Facebook.Facebook_140.1135.47783.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe
() C:\Program Files\WindowsApps\Microsoft.XboxApp_33.34.30002.0_x64__8wekyb3d8bbwe\XboxApp.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 5\architect.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 5\ws.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\OEM\Downloads\FRST64 (1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8491888 2015-06-15] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-11] (AVAST Software)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\Run: [World of Tanks] => D:\streamovaní\World_of_Tanks\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\Run: [DAEMON Tools Lite Automount] => D:\DAEMON Tools Lite\DTAgent.exe [4299968 2016-05-30] (Disc Soft Ltd)
HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd)
HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\MountPoints2: {85d107a1-4774-11e7-a58c-4ccc6a63ea8d} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\MountPoints2: {85d1091a-4774-11e7-a58c-4ccc6a63ea8d} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\MountPoints2: {d707c929-1c29-11e7-a57f-4ccc6a63ea8d} - "F:\HiSuiteDownLoader.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{10f0da50-1a84-4bd0-af74-6d56e90f4be5}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2397228066-33011197-2458139791-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=29530
SearchScopes: HKU\S-1-5-21-2397228066-33011197-2458139791-1001 -> {25B8C3DA-A995-4F04-BA2E-64314152C094} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-2397228066-33011197-2458139791-1001 -> {30413324-0C85-472E-A4DE-EB46153EDA68} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_29530
SearchScopes: HKU\S-1-5-21-2397228066-33011197-2458139791-1001 -> {346DB61E-D543-4824-8DC3-6C84CC26E6AD} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_29530
SearchScopes: HKU\S-1-5-21-2397228066-33011197-2458139791-1001 -> {4FEF224E-BC59-4613-9CDB-553BFCC40D18} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_29530
SearchScopes: HKU\S-1-5-21-2397228066-33011197-2458139791-1001 -> {5C81680C-5CB4-44ED-88F1-8AA11CF3ABBF} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-2397228066-33011197-2458139791-1001 -> {CA3F6D11-3DCE-4186-B8E4-BD90B6F01A0D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-2397228066-33011197-2458139791-1001 -> {CC5EEEE3-58CE-4669-8C41-8DF90639C3E1} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-2397228066-33011197-2458139791-1001 -> {D48FD56E-5B0F-4F7D-BC73-3ED61A334305} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_29530
SearchScopes: HKU\S-1-5-21-2397228066-33011197-2458139791-1001 -> {E6004778-B210-40B1-8EDE-A0441E4D24F4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_29530
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-26] (Oracle Corporation)
BHO-x32: PDF Architect 5 Helper -> {AEA429F3-D2D4-4BD7-A03E-5357DA017733} -> C:\Program Files (x86)\PDF Architect 5\creator-ie-helper.dll [2017-07-05] (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-26] (Oracle Corporation)
Toolbar: HKLM-x32 - PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files (x86)\PDF Architect 5\creator-ie-plugin.dll [2017-07-05] (pdfforge GmbH)

FireFox:
========
FF DefaultProfile: rerlsdjg.default
FF ProfilePath: C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\rerlsdjg.default [2017-11-03]
FF Homepage: Mozilla\Firefox\Profiles\rerlsdjg.default -> seznam.cz
FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\rerlsdjg.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-10-11]
FF Extension: (Avast SafePrice) - C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\rerlsdjg.default\Extensions\sp@avast.com.xpi [2017-10-15]
FF Extension: (Avast Online Security) - C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\rerlsdjg.default\Extensions\wrc@avast.com.xpi [2017-09-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-12-01] ()
FF Plugin: PDF Architect 5 -> C:\Program Files\PDF Architect 5\np-previewer.dll [2017-07-05] (pdfforge GmbH)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-12-01] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-26] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-05-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2397228066-33011197-2458139791-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\OEM\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-10-26] (Unity Technologies ApS)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\1546234812.js [2017-11-03] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\1546234812.cfg [2017-11-03] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: arecghjatuphgrivus
CHR NewTab: arecghjatuphgrivus -> Active:"chrome-extension://cfhickkmnojlomldelgmlbibjchfpopa/stubby.html"
CHR Profile: C:\Users\OEM\AppData\Local\Google\Chrome\User Data\arecghjatuphgrivus [2017-11-03] <==== ATTENTION
CHR Extension: (Prezentace) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\arecghjatuphgrivus\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-03]
CHR Extension: (Dokumenty) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\arecghjatuphgrivus\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-03]
CHR Extension: (Disk Google) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\arecghjatuphgrivus\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-16]
CHR Extension: (YouTube) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\arecghjatuphgrivus\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-16]
CHR Extension: (Muzik Fury) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\arecghjatuphgrivus\Extensions\cfhickkmnojlomldelgmlbibjchfpopa [2017-10-06]
CHR Extension: (Avast SafePrice) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\arecghjatuphgrivus\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-11-03]
CHR Extension: (Tabulky) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\arecghjatuphgrivus\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\arecghjatuphgrivus\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-18]
CHR Extension: (Avast Online Security) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\arecghjatuphgrivus\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-11-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\arecghjatuphgrivus\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\arecghjatuphgrivus\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-11-03]
CHR Extension: (Gmail) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\arecghjatuphgrivus\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-16]
CHR Extension: (Chrome Media Router) - C:\Users\OEM\AppData\Local\Google\Chrome\User Data\arecghjatuphgrivus\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-06]
CHR HKU\S-1-5-21-2397228066-33011197-2458139791-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-11] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-11] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1536520 2017-08-06] ()
R3 Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-05-30] (Disc Soft Ltd)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-10-16] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2016-11-17] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1165368 2016-11-17] (NVIDIA Corporation)
R3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2709176 2017-07-05] (pdfforge GmbH)
S3 PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [1051312 2017-07-05] (pdfforge GmbH)
R2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [859312 2017-07-05] (pdfforge GmbH)
R2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (© pdfforge GmbH.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2016-11-28] ()
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [4696960 2016-11-28] (PS Media s.r.o.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [321032 2017-10-11] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-10-11] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-10-11] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-10-11] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47008 2017-10-11] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-08] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147776 2017-10-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-10-11] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-10-11] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1029872 2017-11-03] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [587168 2017-10-11] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [201352 2017-10-11] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [363440 2017-10-11] (AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-11-28] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-11-28] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_f9309145156afb40\nvlddmkm.sys [14456912 2017-05-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2016-11-17] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 MBAMFarflt; \??\C:\WINDOWS\system32\drivers\farflt.sys [X]
S3 MBAMProtection; \??\C:\WINDOWS\system32\drivers\mbam.sys [X]
S3 MBAMWebProtection; \??\C:\WINDOWS\system32\drivers\mwac.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-03 20:22 - 2017-11-03 20:23 - 000020284 _____ C:\Users\OEM\Downloads\FRST.txt
2017-11-03 20:22 - 2017-11-03 20:22 - 002403328 _____ (Farbar) C:\Users\OEM\Downloads\FRST64 (1).exe
2017-11-03 20:22 - 2017-11-03 20:22 - 000000000 ____D C:\FRST
2017-11-03 20:21 - 2017-11-03 20:21 - 002403328 _____ (Farbar) C:\Users\OEM\Downloads\FRST64.exe
2017-11-03 20:21 - 2017-11-03 20:21 - 000508576 _____ (TweakBit) C:\Users\OEM\Downloads\_TB_LA_PCR_NEW_DSK-repairkit.exe
2017-11-03 18:06 - 2017-11-03 18:06 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-11-03 16:26 - 2017-11-03 16:29 - 000000000 ____D C:\AdwCleaner
2017-11-03 16:26 - 2017-11-03 16:26 - 008261584 _____ (Malwarebytes) C:\Users\OEM\Downloads\adwcleaner_7.0.4.0.exe
2017-11-03 15:51 - 2017-11-03 16:14 - 000000000 ____D C:\Program Files (x86)\Vector Magic
2017-11-03 15:24 - 2017-11-03 15:25 - 010490744 _____ C:\Users\OEM\Downloads\VectorMagicSetup_pc_1_15.exe
2017-11-03 15:15 - 2017-11-03 15:15 - 000000000 ____D C:\Users\OEM\AppData\Roaming\Trimble Connect for SketchUp
2017-11-03 15:12 - 2017-11-03 15:12 - 000000000 ____D C:\Users\OEM\AppData\Roaming\Thinstall
2017-11-03 13:57 - 2017-11-03 13:57 - 000000000 ____D C:\Users\OEM\AppData\Roaming\SketchUp
2017-11-03 13:56 - 2017-11-03 13:56 - 000001608 _____ C:\Users\Public\Desktop\SketchUp 2017.lnk
2017-11-03 13:56 - 2017-11-03 13:56 - 000000000 ____D C:\ProgramData\SketchUp
2017-11-03 13:56 - 2017-11-03 13:56 - 000000000 ____D C:\ProgramData\Reprise
2017-11-03 13:56 - 2017-11-03 13:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2017
2017-11-03 13:49 - 2017-11-03 13:50 - 155205312 _____ (Trimble, Inc.) C:\Users\OEM\Downloads\SketchUpMake-en-x64.exe
2017-10-11 16:44 - 2017-10-11 16:44 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-11 16:44 - 2017-09-30 06:52 - 001595152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-11 16:44 - 2017-09-30 06:51 - 001458320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-11 16:44 - 2017-09-30 06:51 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-10-11 16:44 - 2017-09-30 06:51 - 000661224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-11 16:44 - 2017-09-30 06:50 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-10-11 16:44 - 2017-09-30 06:50 - 001068208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-10-11 16:44 - 2017-09-30 06:50 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-10-11 16:44 - 2017-09-30 06:49 - 001004136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-10-11 16:44 - 2017-09-30 06:49 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-10-11 16:44 - 2017-09-30 06:49 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-11 16:44 - 2017-09-30 06:48 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-11 16:44 - 2017-09-30 06:48 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-10-11 16:44 - 2017-09-30 06:48 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-11 16:44 - 2017-09-30 06:48 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2017-10-11 16:44 - 2017-09-30 06:47 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-10-11 16:44 - 2017-09-30 06:47 - 001194792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-10-11 16:44 - 2017-09-30 06:45 - 000511896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2017-10-11 16:44 - 2017-09-30 06:44 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-10-11 16:44 - 2017-09-30 06:44 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-11 16:44 - 2017-09-30 06:43 - 007318888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-10-11 16:44 - 2017-09-30 06:43 - 002442136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-10-11 16:44 - 2017-09-30 06:42 - 004848952 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-10-11 16:44 - 2017-09-30 06:42 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-11 16:44 - 2017-09-30 06:42 - 000820120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-10-11 16:44 - 2017-09-30 06:41 - 005477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-10-11 16:44 - 2017-09-30 06:41 - 005304496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-10-11 16:44 - 2017-09-30 06:41 - 002086808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-10-11 16:44 - 2017-09-30 06:41 - 000961944 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-10-11 16:44 - 2017-09-30 06:41 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-10-11 16:44 - 2017-09-30 06:41 - 000651672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-10-11 16:44 - 2017-09-30 06:41 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-10-11 16:44 - 2017-09-30 06:41 - 000257432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-10-11 16:44 - 2017-09-30 06:41 - 000228248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-11 16:44 - 2017-09-30 06:40 - 000724704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-10-11 16:44 - 2017-09-30 06:40 - 000642680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-11 16:44 - 2017-09-30 06:40 - 000558912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-10-11 16:44 - 2017-09-30 06:40 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-11 16:44 - 2017-09-30 06:40 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-10-11 16:44 - 2017-09-30 06:40 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2017-10-11 16:44 - 2017-09-30 06:40 - 000173976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2017-10-11 16:44 - 2017-09-30 06:40 - 000072944 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2017-10-11 16:44 - 2017-09-30 06:39 - 021351760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-10-11 16:44 - 2017-09-30 06:39 - 000203672 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-10-11 16:44 - 2017-09-30 06:38 - 007910072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-11 16:44 - 2017-09-30 06:38 - 002239136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-10-11 16:44 - 2017-09-30 06:36 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-10-11 16:44 - 2017-09-30 06:36 - 000057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-10-11 16:44 - 2017-09-30 03:29 - 001408536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-11 16:44 - 2017-09-30 03:29 - 000804784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-10-11 16:44 - 2017-09-30 03:26 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-11 16:44 - 2017-09-30 03:26 - 001292872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-10-11 16:44 - 2017-09-30 03:10 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-10-11 16:44 - 2017-09-30 03:10 - 001150776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-10-11 16:44 - 2017-09-30 03:10 - 000606072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-10-11 16:44 - 2017-09-30 03:10 - 000508344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-11 16:44 - 2017-09-30 03:10 - 000480920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2017-10-11 16:44 - 2017-09-30 03:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-10-11 16:44 - 2017-09-30 03:09 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-10-11 16:44 - 2017-09-30 03:06 - 004471368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-10-11 16:44 - 2017-09-30 03:05 - 005827744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-10-11 16:44 - 2017-09-30 03:05 - 002603744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2017-10-11 16:44 - 2017-09-30 03:05 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-10-11 16:44 - 2017-09-30 03:05 - 000750488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-10-11 16:44 - 2017-09-30 03:05 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-10-11 16:44 - 2017-09-30 03:04 - 004215184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-10-11 16:44 - 2017-09-30 03:04 - 000612120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-10-11 16:44 - 2017-09-30 03:04 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-10-11 16:44 - 2017-09-30 03:04 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-10-11 16:44 - 2017-09-30 03:04 - 000347544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-11 16:44 - 2017-09-30 03:04 - 000182680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-10-11 16:44 - 2017-09-30 03:03 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-10-11 16:44 - 2017-09-30 03:03 - 006768288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-11 16:44 - 2017-09-30 03:03 - 001439032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-10-11 16:44 - 2017-09-30 03:02 - 000175512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-10-11 16:44 - 2017-09-30 03:01 - 000124544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-11 16:44 - 2017-09-29 08:46 - 023678976 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-10-11 16:44 - 2017-09-29 08:45 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-10-11 16:44 - 2017-09-29 08:44 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-11 16:44 - 2017-09-29 08:43 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-10-11 16:44 - 2017-09-29 08:43 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-10-11 16:44 - 2017-09-29 08:43 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-10-11 16:44 - 2017-09-29 08:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll
2017-10-11 16:44 - 2017-09-29 08:41 - 013844992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-10-11 16:44 - 2017-09-29 08:41 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2017-10-11 16:44 - 2017-09-29 08:40 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-10-11 16:44 - 2017-09-29 08:40 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-10-11 16:44 - 2017-09-29 08:40 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-10-11 16:44 - 2017-09-29 08:39 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-10-11 16:44 - 2017-09-29 08:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-10-11 16:44 - 2017-09-29 08:39 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-10-11 16:44 - 2017-09-29 08:38 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-10-11 16:44 - 2017-09-29 08:38 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-10-11 16:44 - 2017-09-29 08:38 - 001135616 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2017-10-11 16:44 - 2017-09-29 08:38 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-11 16:44 - 2017-09-29 08:38 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2017-10-11 16:44 - 2017-09-29 08:38 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-11 16:44 - 2017-09-29 08:38 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-11 16:44 - 2017-09-29 08:38 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-10-11 16:44 - 2017-09-29 08:37 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2017-10-11 16:44 - 2017-09-29 08:37 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-10-11 16:44 - 2017-09-29 08:36 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-11 16:44 - 2017-09-29 08:36 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-10-11 16:44 - 2017-09-29 08:35 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-11 16:44 - 2017-09-29 08:34 - 017370624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-10-11 16:44 - 2017-09-29 08:34 - 006255616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-10-11 16:44 - 2017-09-29 08:34 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-10-11 16:44 - 2017-09-29 08:34 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-11 16:44 - 2017-09-29 08:34 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-10-11 16:44 - 2017-09-29 08:34 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-10-11 16:44 - 2017-09-29 08:34 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-10-11 16:44 - 2017-09-29 08:33 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-10-11 16:44 - 2017-09-29 08:33 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-10-11 16:44 - 2017-09-29 08:33 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-10-11 16:44 - 2017-09-29 08:33 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-10-11 16:44 - 2017-09-29 08:33 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-11 16:44 - 2017-09-29 08:32 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-10-11 16:44 - 2017-09-29 08:32 - 002340864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-10-11 16:44 - 2017-09-29 08:32 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-10-11 16:44 - 2017-09-29 08:32 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-11 16:44 - 2017-09-29 08:32 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-10-11 16:44 - 2017-09-29 08:32 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-10-11 16:44 - 2017-09-29 08:32 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-10-11 16:44 - 2017-09-29 08:32 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-10-11 16:44 - 2017-09-29 08:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-10-11 16:44 - 2017-09-29 08:32 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-11 16:44 - 2017-09-29 08:32 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-11 16:44 - 2017-09-29 08:32 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll
2017-10-11 16:44 - 2017-09-29 08:31 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-10-11 16:44 - 2017-09-29 08:31 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-10-11 16:44 - 2017-09-29 08:31 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-10-11 16:44 - 2017-09-29 08:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-10-11 16:44 - 2017-09-29 08:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2017-10-11 16:44 - 2017-09-29 08:31 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-10-11 16:44 - 2017-09-29 08:30 - 023686144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-11 16:44 - 2017-09-29 08:30 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-10-11 16:44 - 2017-09-29 08:30 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-10-11 16:44 - 2017-09-29 08:30 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2017-10-11 16:44 - 2017-09-29 08:30 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-10-11 16:44 - 2017-09-29 08:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-11 16:44 - 2017-09-29 08:29 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-10-11 16:44 - 2017-09-29 08:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-10-11 16:44 - 2017-09-29 08:29 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-10-11 16:44 - 2017-09-29 08:29 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-10-11 16:44 - 2017-09-29 08:29 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-11 16:44 - 2017-09-29 08:29 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-11 16:44 - 2017-09-29 08:29 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-10-11 16:44 - 2017-09-29 08:29 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-10-11 16:44 - 2017-09-29 08:29 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-10-11 16:44 - 2017-09-29 08:29 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-10-11 16:44 - 2017-09-29 08:29 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-10-11 16:44 - 2017-09-29 08:29 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe
2017-10-11 16:44 - 2017-09-29 08:28 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-10-11 16:44 - 2017-09-29 08:28 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-10-11 16:44 - 2017-09-29 08:28 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-11 16:44 - 2017-09-29 08:28 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-10-11 16:44 - 2017-09-29 08:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-10-11 16:44 - 2017-09-29 08:28 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-11 16:44 - 2017-09-29 08:28 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2017-10-11 16:44 - 2017-09-29 08:28 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-10-11 16:44 - 2017-09-29 08:28 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-10-11 16:44 - 2017-09-29 08:28 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2017-10-11 16:44 - 2017-09-29 08:28 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cipher.exe
2017-10-11 16:44 - 2017-09-29 08:27 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-10-11 16:44 - 2017-09-29 08:27 - 001321984 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2017-10-11 16:44 - 2017-09-29 08:27 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-10-11 16:44 - 2017-09-29 08:27 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2017-10-11 16:44 - 2017-09-29 08:27 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-11 16:44 - 2017-09-29 08:27 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-10-11 16:44 - 2017-09-29 08:27 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-10-11 16:44 - 2017-09-29 08:27 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-11 16:44 - 2017-09-29 08:27 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2017-10-11 16:44 - 2017-09-29 08:26 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-10-11 16:44 - 2017-09-29 08:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-11 16:44 - 2017-09-29 08:26 - 001468928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-11 16:44 - 2017-09-29 08:26 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-10-11 16:44 - 2017-09-29 08:26 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-10-11 16:44 - 2017-09-29 08:26 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2017-10-11 16:44 - 2017-09-29 08:26 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-10-11 16:44 - 2017-09-29 08:25 - 008199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-10-11 16:44 - 2017-09-29 08:25 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-10-11 16:44 - 2017-09-29 08:25 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-10-11 16:44 - 2017-09-29 08:25 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-10-11 16:44 - 2017-09-29 08:24 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-10-11 16:44 - 2017-09-29 08:24 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-11 16:44 - 2017-09-29 08:24 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-10-11 16:44 - 2017-09-29 08:24 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-11 16:44 - 2017-09-29 08:24 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-10-11 16:44 - 2017-09-29 08:24 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-10-11 16:44 - 2017-09-29 08:24 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-10-11 16:44 - 2017-09-29 08:23 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-10-11 16:44 - 2017-09-29 08:23 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-11 16:44 - 2017-09-29 08:23 - 003140096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-10-11 16:44 - 2017-09-29 08:23 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-10-11 16:44 - 2017-09-29 08:23 - 002446336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-10-11 16:44 - 2017-09-29 08:23 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-10-11 16:44 - 2017-09-29 08:23 - 001887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-10-11 16:44 - 2017-09-29 08:23 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-10-11 16:44 - 2017-09-29 08:23 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-11 16:44 - 2017-09-29 08:23 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-10-11 16:44 - 2017-09-29 08:23 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-10-11 16:44 - 2017-09-29 08:23 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-10-11 16:44 - 2017-09-29 08:23 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-11 16:44 - 2017-09-29 08:23 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-10-11 16:44 - 2017-09-29 08:23 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-11 16:44 - 2017-09-29 08:23 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-10-11 16:44 - 2017-09-29 08:23 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-10-11 16:44 - 2017-09-29 08:22 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-10-11 16:44 - 2017-09-29 08:22 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-11 16:44 - 2017-09-29 08:22 - 001438208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-10-11 16:44 - 2017-09-29 08:22 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-10-11 16:44 - 2017-09-29 08:21 - 003304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-10-11 16:44 - 2017-09-29 08:21 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-11 16:44 - 2017-09-29 08:21 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-10-11 16:44 - 2017-09-29 08:21 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-11 16:44 - 2017-09-29 08:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-10-11 16:44 - 2017-09-29 08:21 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll
2017-10-11 16:44 - 2017-09-29 08:21 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2017-10-11 16:44 - 2017-09-29 08:21 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-10-11 16:44 - 2017-09-29 08:20 - 001811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-10-11 16:44 - 2017-09-29 08:20 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-10-11 16:44 - 2017-09-29 08:20 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2017-10-11 16:44 - 2017-09-29 08:20 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-11 16:44 - 2017-09-29 08:20 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2017-10-11 16:44 - 2017-09-29 08:20 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2017-10-11 16:44 - 2017-09-29 08:19 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-10-11 16:44 - 2017-09-29 08:19 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-10-11 16:44 - 2017-09-29 08:19 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2017-10-11 16:44 - 2017-09-29 08:19 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-10-11 16:44 - 2017-09-29 08:18 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-10-11 16:44 - 2017-09-29 08:18 - 001527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-10-11 16:44 - 2017-09-29 08:18 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-10-11 16:44 - 2017-09-29 08:18 - 000603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-10-11 16:44 - 2017-09-29 08:18 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-10-11 16:44 - 2017-09-29 08:18 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2017-10-11 16:44 - 2017-09-29 08:18 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-10-11 16:44 - 2017-09-29 08:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2017-10-11 16:44 - 2017-09-29 08:18 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\cipher.exe
2017-10-11 16:44 - 2017-09-29 06:40 - 000804312 _____ C:\WINDOWS\SysWOW64\locale.nls
2017-10-11 16:44 - 2017-09-29 06:40 - 000804312 _____ C:\WINDOWS\system32\locale.nls
2017-10-11 16:44 - 2017-09-20 16:08 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-11 16:44 - 2017-09-20 16:08 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-11 16:44 - 2017-09-20 16:08 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-11 16:44 - 2017-09-19 00:20 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-10-11 16:44 - 2017-09-19 00:20 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-10-11 16:44 - 2017-09-19 00:18 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-10-11 16:44 - 2017-09-19 00:17 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-10-11 16:44 - 2017-09-19 00:17 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-10-11 16:44 - 2017-09-19 00:17 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-10-11 16:44 - 2017-09-19 00:11 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-10-11 16:44 - 2017-09-19 00:09 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-10-11 16:44 - 2017-09-18 23:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2017-10-11 16:44 - 2017-09-18 23:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2017-10-11 16:44 - 2017-09-18 23:23 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2017-10-11 16:44 - 2017-09-18 23:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-10-11 16:44 - 2017-09-18 23:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2017-10-11 16:44 - 2017-09-18 23:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-10-11 15:52 - 2017-10-11 15:52 - 000401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-10-08 08:21 - 2017-10-08 08:21 - 000000846 _____ C:\Users\OEM\Desktop\(64х)Farming Simulator 17.lnk
2017-10-07 14:54 - 2017-10-07 14:55 - 000000000 ____D C:\Users\OEM\Downloads\Farming Simulator 17 by xatab
2017-10-07 14:51 - 2017-10-07 14:51 - 000021726 _____ C:\Users\OEM\Downloads\Farming-Simulator-17-v1.4.4-21-DLC.torrent
2017-10-07 14:44 - 2017-10-07 14:45 - 023518648 _____ (Disc Soft Ltd) C:\Users\OEM\Downloads\DTLite1040-0190.exe
2017-10-06 14:22 - 2017-10-07 14:47 - 000000000 ____D C:\Users\OEM\Downloads\Farming.Simulator.17-RELOADED
2017-10-06 14:21 - 2017-10-06 14:21 - 000021771 _____ C:\Users\OEM\Downloads\Farming Simulator 17 PC BY RIOT3.torrent
2017-10-06 14:19 - 2017-10-06 14:19 - 000158485 _____ C:\Users\OEM\Downloads\Nepotvrzeno 730703.crdownload
2017-10-05 18:45 - 2017-10-05 18:45 - 000006175 _____ C:\Users\OEM\AppData\Local\recently-used.xbel
2017-10-05 15:46 - 2017-10-05 15:46 - 000001072 _____ C:\Users\OEM\Desktop\(64х)Euro Truck Simulator.lnk
2017-10-05 15:41 - 2017-10-05 15:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2017-10-05 15:41 - 2017-10-05 15:41 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.4
2017-10-05 15:40 - 2017-10-05 15:40 - 009052192 _____ (Cheat Engine ) C:\Users\OEM\Downloads\cheat-engine-6-4-en-win.exe
2017-10-05 15:30 - 2017-10-05 15:30 - 000000000 ____D C:\Games
2017-10-05 15:10 - 2017-10-05 15:20 - 000000000 ____D C:\Users\OEM\Downloads\Euro Truck Simulator 2 xatab
2017-10-05 15:10 - 2017-10-05 15:10 - 000020747 _____ C:\Users\OEM\Downloads\Euro_Truck_Simulator_2_xatab.torrent
2017-10-04 17:08 - 2017-10-04 17:08 - 000000818 _____ C:\Users\Public\Desktop\Dynamic Photo HDR 6.lnk
2017-10-04 17:08 - 2017-10-04 17:08 - 000000000 ____D C:\Users\OEM\Documents\DPHDR6
2017-10-04 17:08 - 2017-10-04 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dynamic Photo HDR 6
2017-10-04 17:08 - 2017-10-04 17:08 - 000000000 ____D C:\Program Files\DPHDR6
2017-10-04 17:04 - 2017-10-04 17:05 - 026181248 _____ (Mediachance.com ) C:\Users\OEM\Downloads\dphdr6_x64.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-03 20:19 - 2016-12-29 04:36 - 000000000 ____D C:\Users\OEM\AppData\LocalLow\Mozilla
2017-11-03 20:17 - 2017-04-06 18:26 - 000000000 ____D C:\Users\OEM\AppData\Roaming\VariCAD
2017-11-03 18:54 - 2017-06-25 08:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-03 18:20 - 2017-07-28 19:29 - 000002912 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2397228066-33011197-2458139791-1001
2017-11-03 18:20 - 2017-06-25 08:15 - 000004964 _____ C:\WINDOWS\System32\Tasks\Mafoing Cache
2017-11-03 18:20 - 2017-06-25 08:15 - 000003648 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1489419573
2017-11-03 18:20 - 2017-06-25 08:15 - 000003458 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-03 18:20 - 2017-06-25 08:15 - 000003430 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1482692995
2017-11-03 18:20 - 2017-06-25 08:15 - 000003406 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2651F355-5BC6-4DAF-B336-4FE9F6497238}
2017-11-03 18:20 - 2017-06-25 08:15 - 000003234 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-03 18:20 - 2017-06-25 08:15 - 000003198 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-03 18:20 - 2017-06-25 08:15 - 000003170 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-03 18:20 - 2017-06-25 08:15 - 000003018 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-03 18:20 - 2017-06-25 08:15 - 000002998 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-03 18:20 - 2017-06-25 08:15 - 000002908 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-03 18:20 - 2017-06-25 08:15 - 000002866 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-03 18:20 - 2017-06-25 08:15 - 000002828 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-11-03 18:20 - 2017-06-25 08:15 - 000002826 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-B9R7BG1-OEM
2017-11-03 18:20 - 2017-06-25 08:15 - 000002552 _____ C:\WINDOWS\System32\Tasks\{9C638A81-8D09-4C4F-9970-EAB69C3D0EC2}
2017-11-03 18:20 - 2017-06-25 08:15 - 000002320 _____ C:\WINDOWS\System32\Tasks\{A7A0E2AC-773F-415F-985F-06EB16A7B8A5}
2017-11-03 18:20 - 2017-06-25 08:15 - 000002276 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-11-03 18:20 - 2017-06-25 08:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-11-03 18:05 - 2017-08-15 07:02 - 000000000 ____D C:\Users\OEM\Desktop\WARFACE UPDATE
2017-11-03 18:04 - 2017-05-30 15:40 - 000000000 ____D C:\Users\OEM\AppData\Roaming\uTorrent
2017-11-03 16:39 - 2017-06-25 08:10 - 000000000 ____D C:\Users\OEM
2017-11-03 16:38 - 2016-12-25 20:08 - 001029872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2017-11-03 16:35 - 2017-06-25 11:08 - 002586774 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-03 16:35 - 2017-03-20 05:43 - 001162550 _____ C:\WINDOWS\system32\perfh005.dat
2017-11-03 16:35 - 2017-03-20 05:43 - 000276986 _____ C:\WINDOWS\system32\perfc005.dat
2017-11-03 16:35 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-03 16:35 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-03 16:31 - 2017-04-06 18:26 - 000000190 _____ C:\Users\OEM\AppData\Roaming\varicad-work.ini
2017-11-03 16:30 - 2017-06-25 08:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-03 16:30 - 2016-09-13 13:18 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-03 16:29 - 2017-03-18 12:40 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2017-11-03 16:15 - 2016-09-13 13:08 - 000000000 ____D C:\Users\OEM\AppData\Local\Packages
2017-11-03 16:13 - 2017-09-06 16:04 - 000000000 ____D C:\Program Files\PDFCreator
2017-11-03 16:13 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-11-03 16:13 - 2017-02-21 19:20 - 000000000 ____D C:\Users\OEM\AppData\Roaming\inkscape
2017-11-03 16:13 - 2017-01-21 16:44 - 000000000 ____D C:\Users\OEM\AppData\Roaming\DAEMON Tools Lite
2017-11-03 16:13 - 2016-12-26 13:25 - 000000000 ____D C:\Program Files (x86)\Steam
2017-11-03 15:03 - 2017-07-06 11:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-11-03 12:34 - 2016-09-13 13:08 - 000000000 ____D C:\Users\OEM\AppData\Roaming\Adobe
2017-10-30 19:22 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-30 19:20 - 2017-03-02 17:34 - 000000000 ___RD C:\Users\OEM\OneDrive
2017-10-30 19:20 - 2016-09-13 13:10 - 000002426 _____ C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-10-17 17:28 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-10-16 17:34 - 2016-02-13 14:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-16 17:33 - 2017-06-25 08:09 - 005037520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-15 19:10 - 2017-03-18 22:03 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-10-15 19:10 - 2017-03-18 22:03 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2017-10-15 19:10 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-10-15 19:10 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-10-13 01:21 - 2017-03-18 22:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-13 01:21 - 2017-03-18 22:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-11 16:46 - 2016-11-28 12:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-11 16:44 - 2016-11-28 12:20 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-11 15:52 - 2017-06-25 11:07 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-10-11 15:52 - 2017-06-25 08:15 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-10-11 15:52 - 2017-03-06 16:33 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-10-11 15:52 - 2017-03-06 16:33 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-10-11 15:52 - 2017-03-06 16:33 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-10-11 15:52 - 2017-03-06 16:33 - 000057736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-10-11 15:52 - 2016-12-25 20:08 - 001020536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.150972348223403
2017-10-11 15:52 - 2016-12-25 20:08 - 000587168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-10-11 15:52 - 2016-12-25 20:08 - 000363440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-10-11 15:52 - 2016-12-25 20:08 - 000201352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-10-11 15:52 - 2016-12-25 20:08 - 000147776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-10-11 15:52 - 2016-12-25 20:08 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-10-11 15:52 - 2016-12-25 20:08 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-10-11 15:52 - 2016-12-25 20:08 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-10-11 15:52 - 2016-12-25 20:07 - 000000000 ____D C:\ProgramData\AVAST Software
2017-10-10 09:25 - 2017-02-25 17:13 - 000000221 _____ C:\Users\OEM\Desktop\Call of Duty Modern Warfare 3.url
2017-10-08 09:28 - 2017-08-06 16:38 - 000000000 ____D C:\Users\OEM\AppData\Local\Argo
2017-10-08 08:21 - 2017-06-25 14:04 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2017-10-08 08:21 - 2017-06-03 16:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2017-10-08 08:21 - 2016-09-13 13:11 - 000000000 ____D C:\ProgramData\Package Cache
2017-10-07 14:47 - 2017-01-21 16:45 - 000000000 ____D C:\Users\OEM\AppData\Local\Disc_Soft_Ltd
2017-10-07 13:55 - 2017-03-15 08:44 - 000000000 ____D C:\Users\OEM\AppData\Roaming\.minecraft
2017-10-05 15:58 - 2016-12-29 10:22 - 000000000 ____D C:\Users\OEM\Documents\Euro Truck Simulator 2
2017-10-05 14:36 - 2017-08-25 08:36 - 000000000 ____D C:\Users\OEM\AppData\Roaming\TS3Client

==================== Files in the root of some directories =======

2017-04-06 18:26 - 2017-11-03 16:31 - 000000190 _____ () C:\Users\OEM\AppData\Roaming\varicad-work.ini
2016-09-13 13:29 - 2016-09-13 13:29 - 001065984 _____ () C:\Users\OEM\AppData\Local\file__0.localstorage
2017-07-06 20:47 - 2017-07-09 17:49 - 000029696 _____ () C:\Users\OEM\AppData\Local\MSGBOX.EXE
2017-10-05 18:45 - 2017-10-05 18:45 - 000006175 _____ () C:\Users\OEM\AppData\Local\recently-used.xbel
2017-06-25 08:10 - 2017-06-25 08:10 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-27 12:17

==================== End of FRST.txt ============================

Re: Prosím kontrolu

Napsal: 03 lis 2017 20:33
od Rudy
Zdravím!
OK. Toto je v pořádku. Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Prosím kontrolu

Napsal: 03 lis 2017 20:43
od Duge77
# AdwCleaner 7.0.4.0 - Logfile created on Fri Nov 03 19:41:37 2017
# Updated on 2017/27/10 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1136 B] - [2017/11/3 15:29:30]
C:/AdwCleaner/AdwCleaner[S0].txt - [980 B] - [2017/11/3 15:27:50]
C:/AdwCleaner/AdwCleaner[S1].txt - [1080 B] - [2017/11/3 19:41:22]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

Re: Prosím kontrolu

Napsal: 03 lis 2017 21:52
od Rudy
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\MountPoints2: {85d107a1-4774-11e7-a58c-4ccc6a63ea8d} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\MountPoints2: {85d1091a-4774-11e7-a58c-4ccc6a63ea8d} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\MountPoints2: {d707c929-1c29-11e7-a57f-4ccc6a63ea8d} - "F:\HiSuiteDownLoader.exe"
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\1546234812.js [2017-11-03] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\1546234812.cfg [2017-11-03] <==== ATTENTION
CHR Profile: C:\Users\OEM\AppData\Local\Google\Chrome\User Data\arecghjatuphgrivus [2017-11-03] <==== ATTENTION
c:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End
Uložte do C:\Users\OEM\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Prosím kontrolu

Napsal: 04 lis 2017 10:46
od Duge77
Fix result of Farbar Recovery Scan Tool (x64) Version: 02-11-2017
Ran by OEM (04-11-2017 10:44:22) Run:1
Running from C:\Users\OEM\Desktop
Loaded Profiles: OEM (Available Profiles: OEM & Pc)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\MountPoints2: {85d107a1-4774-11e7-a58c-4ccc6a63ea8d} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\MountPoints2: {85d1091a-4774-11e7-a58c-4ccc6a63ea8d} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2397228066-33011197-2458139791-1001\...\MountPoints2: {d707c929-1c29-11e7-a57f-4ccc6a63ea8d} - "F:\HiSuiteDownLoader.exe"
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\1546234812.js [2017-11-03] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\1546234812.cfg [2017-11-03] <==== ATTENTION
CHR Profile: C:\Users\OEM\AppData\Local\Google\Chrome\User Data\arecghjatuphgrivus [2017-11-03] <==== ATTENTION
c:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl

EmptyTemp:
End
*****************

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\S-1-5-21-2397228066-33011197-2458139791-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{85d107a1-4774-11e7-a58c-4ccc6a63ea8d} => key removed successfully
HKLM\Software\Classes\CLSID\{85d107a1-4774-11e7-a58c-4ccc6a63ea8d} => key not found.
HKU\S-1-5-21-2397228066-33011197-2458139791-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{85d1091a-4774-11e7-a58c-4ccc6a63ea8d} => key removed successfully
HKLM\Software\Classes\CLSID\{85d1091a-4774-11e7-a58c-4ccc6a63ea8d} => key not found.
HKU\S-1-5-21-2397228066-33011197-2458139791-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d707c929-1c29-11e7-a57f-4ccc6a63ea8d} => key removed successfully
HKLM\Software\Classes\CLSID\{d707c929-1c29-11e7-a57f-4ccc6a63ea8d} => key not found.
C:\Program Files\mozilla firefox\defaults\pref\1546234812.js => moved successfully
C:\Program Files\mozilla firefox\1546234812.cfg => moved successfully
C:\Users\OEM\AppData\Local\Google\Chrome\User Data\arecghjatuphgrivus => moved successfully
c:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8675328 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 86967530 B
Java, Flash, Steam htmlcache => 109048310 B
Windows/system/drivers => 20480 B
Edge => 11468309 B
Chrome => 0 B
Firefox => 83758150 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 1634 B
NetworkService => 0 B
OEM => 289934280 B
Pc => 0 B

RecycleBin => 14966216 B
EmptyTemp: => 576.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:44:34 ====

Re: Prosím kontrolu

Napsal: 04 lis 2017 11:29
od Rudy
Smazáno. Nastala nějaká změna?

Re: Prosím kontrolu

Napsal: 04 lis 2017 12:45
od Duge77
Samozřejmě, prohlížeč jede jako před tím, jste machři, poslal jsem Vám příspěvek na provoz Děkuji.. :idea: :idea: :idea:

Re: Prosím kontrolu

Napsal: 04 lis 2017 12:55
od Rudy
Rádo se stalo a my děkujeme za příspěvek! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz