VIRY.CZ

Protože teď řeším problém s jiným PC, tak mám trochu strach z toho, aby nebyl nakažen ten můj. Přikládám log z FRST, snad tam nic není...

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.02.2018 02
Ran by Petr (administrator) on I5-PETR (10-02-2018 18:08:12)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Pro Version 1703 15063.850 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0320995.inf_amd64_b17c65b77c4167f1\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(The Within Network, LLC) C:\Windows\unsignedthemes.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Program Files\Gramblr\gramblr.exe
() C:\Windows\nv\taskmon.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(BitTorrent, Inc.) C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLClientApp.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmds.exe [324352 2017-12-18] (ESET)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [87040 2014-10-09] (SteelSeries ApS)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [55632 2016-03-07] (Locktime Software)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [iFunBox] => C:\Program Files (x86)\i-Funbox DevTeam\ifunbox_x64.exe [2992248 2016-09-21] (i-Funbox.com)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [GameplayTimeTracker] => C:\ProgramData\Gameplay Time Tracker\GameplayTimeTracker.exe [893952 2017-11-27] ()
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [799880 2017-10-30] (Sandboxie Holdings, LLC)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5b11aa51-3e65-4d6c-ac2b-5da5716333a4}: [NameServer] 4.2.2.3,4.2.2.4
Tcpip\..\Interfaces\{9867b728-1aa3-4b9b-ac0e-dd8f008a35e2}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{9867b728-1aa3-4b9b-ac0e-dd8f008a35e2}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{9b3542d8-e900-49cb-a94c-d387f2f48965}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-12-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-03-20] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-20] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-07-11] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2018-02-10]
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-02]
CHR Extension: (Dark Skin for Youtube™) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfeknfgchonpnofdjokchhdhdnddhglm [2017-08-31]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-02]
CHR Extension: (Matematické aplikace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2017-09-08]
CHR Extension: (uBlock Origin) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-02-09]
CHR Extension: (Who Deleted Me - Unfriend Finder) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiepnnbjenknnjgabbodaihlnkkpkgll [2017-08-04]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (FBDown Video Downloader) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2017-07-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-02]
CHR Extension: (Counter for Messenger) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldlagicdigidgnhniajpmoddkoakdoca [2018-02-06]
CHR Extension: (Audio EQ) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfafdlnjaliaghpjdajmlcnnblkgcefh [2017-04-14]
CHR Extension: (Take Webpage Screenshots Entirely - FireShot) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2017-12-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-02]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-15]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0320995.inf_amd64_b17c65b77c4167f1\atiesrxx.exe [481808 2017-11-28] (AMD)
S3 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDevice.exe [55336 2015-08-10] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1445384 2016-10-22] ()
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1940584 2017-12-18] (ESET)
R2 gramblrclient; C:\Program Files\Gramblr\gramblr.exe [11857488 2018-01-27] () [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2015-11-20] (Microsoft Corporation)
R2 JetBrainsLicServerDVT; E:\AppData\Local\Temp\Rar$EXa0.435\Crack\64Bit\dvt-jb_licsrv.amd64.exe [5762048 2016-10-06] () [File not signed] <==== ATTENTION
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [322896 2016-03-07] (Locktime Software)
U2 NVU; C:\Windows\nv\taskmon.exe [329728 2014-08-31] () [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [198792 2017-10-30] (Sandboxie Holdings, LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-12-18] (TeamViewer GmbH)
R2 UnsignedThemes; C:\WINDOWS\unsignedthemes.exe [22184 2015-03-01] (The Within Network, LLC)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
S2 WMS; C:\Windows\wdf\taskmon.exe [329728 2014-08-31] () [File not signed]
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe [417792 2016-07-12] (Wondershare) [File not signed]
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0320995.inf_amd64_b17c65b77c4167f1\atikmdag.sys [40380944 2017-11-28] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0320995.inf_amd64_b17c65b77c4167f1\atikmpag.sys [545808 2017-11-28] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [30208 2016-08-31] (LG Electronics Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [30720 2016-08-24] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [37376 2016-08-24] (LG Electronics Inc.)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [60104 2014-09-19] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-12-08] (Advanced Micro Devices)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-02-03] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-02-03] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [134368 2017-11-07] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [199304 2016-11-17] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15392 2017-11-10] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180088 2017-11-07] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [106304 2017-11-07] (ESET)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2014-10-06] (REALiX(tm))
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R1 nbdrv; C:\WINDOWS\system32\DRIVERS\nbdrv.sys [42128 2015-02-05] (SeriousBit)
R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [129152 2016-03-07] (Locktime Software)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Resplendence Software Projects Sp.)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
R3 RTL8023x64; C:\WINDOWS\system32\DRIVERS\Rtnic64.sys [61656 2014-01-23] (Realtek Semiconductor Corporation )
R3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [209544 2017-10-30] (Sandboxie Holdings, LLC)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R2 uxstyle; C:\WINDOWS\system32\Drivers\elytsxu.sys [32424 2015-03-01] (The Within Network, LLC)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [115208 2014-11-24] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 atillk64; \??\E:\AppData\Local\Temp\RarSFX0\atillk64.sys [X] <==== ATTENTION
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-10 18:08 - 2018-02-10 18:08 - 000000000 ____D C:\FRST
2018-02-04 15:54 - 2018-02-04 15:54 - 000000463 _____ C:\Users\Petr\AppData\Roaming\MPQEditor.ini
2018-02-01 12:13 - 2018-02-01 12:13 - 000003552 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-i5-Petr-Petr
2018-01-28 21:02 - 2018-01-28 21:03 - 000000000 ____D C:\Users\Petr\AppData\Roaming\ScreenToGif
2018-01-28 14:45 - 2018-01-28 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ILLUSION
2018-01-28 14:44 - 2018-01-28 14:44 - 000000000 ____D C:\ILLUSION
2018-01-27 12:15 - 2018-01-27 12:15 - 000000000 ____D C:\Users\Petr\Downloads\LG AirDrive
2018-01-27 12:13 - 2018-01-27 12:13 - 000000000 ____D C:\Users\Petr\Documents\LG Bridge
2018-01-27 12:13 - 2018-01-27 12:13 - 000000000 ____D C:\Users\Petr\AppData\Roaming\LG Electronics
2018-01-27 12:12 - 2018-01-27 12:12 - 002356592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll
2018-01-27 12:12 - 2018-01-27 12:12 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LGAirDrive_01_11_00.Wdf
2018-01-27 12:12 - 2018-01-27 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Bridge
2018-01-27 12:12 - 2018-01-27 12:12 - 000000000 ____D C:\Program Files (x86)\LG Electronics
2018-01-23 21:07 - 2018-01-23 21:07 - 000000000 ____D C:\Users\Petr\AppData\Roaming\ADBDriverInstaller
2018-01-23 20:53 - 2018-01-23 20:53 - 000000000 ____D C:\platform-tools
2018-01-23 20:46 - 2018-01-23 20:46 - 000000000 ____D C:\Users\Petr\.android
2018-01-23 18:53 - 2018-01-23 18:54 - 000000000 ___HD C:\$WINDOWS.~BT
2018-01-22 10:03 - 2018-01-22 10:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-01-22 10:03 - 2018-01-22 10:03 - 000000000 ____D C:\ProgramData\ESET
2018-01-22 10:03 - 2018-01-22 10:03 - 000000000 ____D C:\Program Files\ESET
2018-01-22 09:11 - 2018-01-22 09:11 - 000002354 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-21 16:12 - 2018-01-21 16:12 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Project My Screen App
2018-01-21 16:12 - 2018-01-21 16:12 - 000000000 ____D C:\Program Files (x86)\ProjectMyScreenApp
2018-01-21 13:54 - 2018-01-21 13:54 - 000002759 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Device Recovery Tool.lnk
2018-01-21 13:54 - 2018-01-21 13:54 - 000000000 ____D C:\ProgramData\LGE
2018-01-21 13:54 - 2018-01-21 13:54 - 000000000 ____D C:\ProgramData\HTC
2018-01-21 13:54 - 2018-01-21 13:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Care Suite
2018-01-21 13:52 - 2018-01-21 13:52 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2018-01-20 00:09 - 2018-01-20 00:09 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Psygnosis
2018-01-20 00:09 - 2018-01-20 00:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rollcage
2018-01-20 00:09 - 2018-01-20 00:09 - 000000000 ____D C:\Program Files (x86)\Psygnosis
2018-01-19 18:11 - 2018-01-19 18:11 - 000000000 ____D C:\WINDOWS\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2018-01-19 18:11 - 2018-01-19 18:11 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2018-01-19 07:03 - 2018-01-20 02:42 - 000000000 ____D C:\Users\Petr\AppData\Roaming\procrastitrackerdbs
2018-01-19 07:03 - 2018-01-19 07:03 - 000000000 ____D C:\Program Files (x86)\ProcrastiTracker
2018-01-15 12:46 - 2018-01-15 12:46 - 000006633 _____ C:\Users\Petr\Documents\g.CSV
2018-01-13 13:21 - 2018-01-29 18:08 - 000000000 ____D C:\Program Files\rempl

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-10 18:08 - 2016-10-28 09:59 - 000000000 ____D C:\ProgramData\Gramblr
2018-02-10 18:08 - 2014-10-06 17:43 - 000000000 ____D C:\Users\Petr\AppData\Roaming\uTorrent
2018-02-10 18:03 - 2017-08-07 17:35 - 000004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E6DBB309-B6A9-48F5-A5BA-80A513F846F4}
2018-02-10 16:49 - 2017-08-07 17:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-10 12:29 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2018-02-10 11:01 - 2017-01-18 17:05 - 000001046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2018-02-10 11:01 - 2017-01-18 17:05 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-02-10 10:43 - 2017-08-07 17:38 - 003022986 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-10 10:43 - 2017-03-20 05:39 - 001382398 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-10 10:43 - 2017-03-20 05:39 - 000344982 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-10 10:37 - 2017-08-07 17:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-10 07:51 - 2017-08-07 17:28 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-02-10 07:51 - 2017-03-18 12:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-01-28 14:44 - 2014-10-06 17:47 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-01-27 11:01 - 2016-10-28 09:59 - 000000000 ____D C:\Program Files\Gramblr
2018-01-25 00:33 - 2017-08-07 17:30 - 000000000 ____D C:\Users\Petr
2018-01-24 16:03 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-23 18:54 - 2017-11-29 15:57 - 000000000 ____D C:\WINDOWS\Panther
2018-01-22 19:54 - 2016-07-31 19:32 - 000000000 ____D C:\Program Files (x86)\Steam
2018-01-22 12:11 - 2017-01-02 20:55 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Telegram Desktop
2018-01-22 09:15 - 2016-04-24 11:58 - 000000000 ____D C:\Users\Petr\AppData\Roaming\ESET
2018-01-22 09:10 - 2017-12-30 01:27 - 000000000 ____D C:\ProgramData\Gameplay Time Tracker
2018-01-21 18:21 - 2017-04-28 09:45 - 000000000 ___RD C:\Users\Petr\Documents\Scanned Documents
2018-01-21 13:52 - 2016-09-12 10:24 - 000000000 ____D C:\ProgramData\Package Cache
2018-01-19 19:58 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-19 18:11 - 2014-10-31 18:08 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-01-16 14:15 - 2018-01-08 12:06 - 000001730 _____ C:\WINDOWS\Sandboxie.ini
2018-01-11 18:01 - 2014-10-07 20:02 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-01-11 18:01 - 2013-08-22 14:25 - 000000167 _____ C:\WINDOWS\win.ini

==================== Files in the root of some directories =======

2014-11-03 15:01 - 2014-11-03 15:06 - 000000127 _____ () C:\Users\Petr\AppData\Roaming\Camdata.ini
2014-11-03 15:01 - 2014-11-03 15:06 - 000000408 _____ () C:\Users\Petr\AppData\Roaming\CamLayout.ini
2014-11-03 15:01 - 2014-11-03 15:06 - 000000408 _____ () C:\Users\Petr\AppData\Roaming\CamShapes.ini
2014-11-03 15:01 - 2014-11-03 15:06 - 000004547 _____ () C:\Users\Petr\AppData\Roaming\CamStudio.cfg
2016-11-01 09:57 - 2016-11-01 09:57 - 005285376 _____ () C:\Users\Petr\AppData\Roaming\chromedriver221.exe
2016-11-01 09:57 - 2016-11-01 09:57 - 000034476 _____ () C:\Users\Petr\AppData\Roaming\disable_webrtc-1.0.6.xpi
2017-03-21 18:17 - 2017-03-21 18:19 - 000000693 _____ () C:\Users\Petr\AppData\Roaming\droid4xinstaller.log
2018-02-04 15:54 - 2018-02-04 15:54 - 000000463 _____ () C:\Users\Petr\AppData\Roaming\MPQEditor.ini
2016-11-01 09:57 - 2016-11-01 09:57 - 018587648 _____ (PhantomJS) C:\Users\Petr\AppData\Roaming\PhantomJSv211.exe
2014-12-22 21:04 - 2014-12-22 21:04 - 000000044 _____ () C:\Users\Petr\AppData\Roaming\twow_sysprepdt.dat
2014-11-03 15:00 - 2014-11-03 15:01 - 000000096 _____ () C:\Users\Petr\AppData\Roaming\version2.xml
2016-11-01 09:57 - 2016-11-01 09:57 - 000701954 _____ () C:\Users\Petr\AppData\Roaming\WebDriver.FirefoxExt2530.zip
2014-10-27 17:54 - 2014-10-27 17:54 - 000000600 _____ () C:\Users\Petr\AppData\Roaming\winscp.rnd
2018-01-08 12:07 - 2018-01-08 12:07 - 000000046 _____ () C:\Users\Petr\AppData\Roaming\~SiMPLEX.ini
2015-12-15 21:12 - 2015-12-15 21:12 - 000003584 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-31 20:25 - 2015-02-07 22:12 - 002128896 _____ () C:\Users\Petr\AppData\Local\file__0.localstorage
2017-11-10 22:21 - 2017-11-10 22:21 - 000000969 _____ () C:\Users\Petr\AppData\Local\recently-used.xbel
2014-10-06 17:55 - 2015-02-14 11:05 - 000007603 _____ () C:\Users\Petr\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-03 17:42

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Systém) (Fixed) (Total:99.43 GB) (Free:25.53 GB) NTFS
Drive d: (Data) (Fixed) (Total:732.42 GB) (Free:242.74 GB) NTFS
Drive e: (Programy) (Fixed) (Total:199.09 GB) (Free:32.19 GB) NTFS
\\?\Volume{0cc8d3b3-4d77-11e4-8250-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.05 GB) NTFS
\\?\Volume{e5572f99-0000-0000-0000-b0f118000000}\ () (Fixed) (Total:0.83 GB) (Free:0.34 GB) NTFS

Available physical RAM: 13856.8 MB
Total physical RAM: 16312.07 MB
Percentage of memory in use: 15%

==================== MBR and Partition Table ==================

TreeSize Free V4.0.3 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.0.3 - JAM Software)
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: E5572F99)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=99.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=854 MB) - (Type=27)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0008C0E8)
Partition 1: (Not Active) - (Size=732.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=199.1 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Petr\Desktop" je 2 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.02.2018 02
Ran by Petr (10-02-2018 18:08:40)
Running from C:\Users\Petr\Desktop
Windows 10 Pro Version 1703 15063.850 (X64) (2017-08-07 16:37:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1292206800-3816184836-4294836885-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1292206800-3816184836-4294836885-503 - Limited - Disabled)
Guest (S-1-5-21-1292206800-3816184836-4294836885-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1292206800-3816184836-4294836885-1003 - Limited - Enabled)
Petr (S-1-5-21-1292206800-3816184836-4294836885-1001 - Administrator - Enabled) => C:\Users\Petr

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe (HKLM\...\{855256E6-1D5C-4F27-9A7B-A158B19E514D}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
AMD OverDrive (HKLM-x32\...\{EEB605FD-C5F5-4946-90F3-D65C604A9187}) (Version: 4.3.1.0698 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{D47EDA73-1251-4020-93E5-A7AF8B7D3FB5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Atom (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\atom) (Version: 1.22.0 - GitHub Inc.)
AVS Audio Converter version 6.1 (HKLM-x32\...\AVS Audio Converter 6.1_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Converter 9.0 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.0.1.566 - Online Media Technologies Ltd.)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Microsoft USBDevice (02/19/2016 1.0.0.0) (HKLM\...\01D4AA89568B59E5941907D403E3B682EE413AB7) (Version: 02/19/2016 1.0.0.0 - Microsoft)
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: - Piriform Ltd.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
ClockBlocker (HKLM-x32\...\ClockBlocker1.2) (Version: 1.2 - ComroeStudios)
Counter-Strike 1.6 v43g (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Counter-Strike 1.6_is1) (Version: - Valve)
CrystalDiskInfo 7.0.5 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.5 - Crystal Dew World)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Deus Ex - HDTP Release 3 (HKLM-x32\...\HDTPr2_is1) (Version: 1.0 - HDTP Team)
Deus Ex GOTY (HKLM-x32\...\GOGPACKDEUSEX_is1) (Version: 2.0.0.11 - GOG.com)
Deus Ex New Vision (HKLM-x32\...\Deus Ex New Vision) (Version: 1.5 - DaveW)
Disk Space Fan 4 4.5.4.152 (HKLM-x32\...\Disk Space Fan 4_is1) (Version: - Disk Space Fan Team)
DoNotSpy10 (HKLM-x32\...\{32D066BD-F94C-4948-8FA8-84653EE9617E}_is1) (Version: 1.2.0.1 - pXc-coding.com)
DTS+AC3 ÇĘĹÍ (HKLM-x32\...\DtsFilter) (Version: - )
EGL (HKLM-x32\...\EGL) (Version: - Paul Jackson)
Elevated Installer (HKLM-x32\...\{519CFDE8-7A41-4A5F-8A13-D3897EDAC23E}) (Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
Emergency Download Driver (HKLM-x32\...\{3F0F5AB4-C9CE-4226-8393-E9CFF8369D9D}) (Version: 1.1.16.1526 - Microsoft)
ESET Security (HKLM\...\{37E67F0A-50BB-430A-A2A5-F5E2F6EE96DB}) (Version: 11.0.159.0 - ESET, spol. s r.o.)
Eurobattle.net (HKLM-x32\...\Eurobattle.net) (Version: - Eurobattle.net)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
FFU Loader Driver 1.0.0 (HKLM-x32\...\{7209d085-ed88-4a08-beb2-c49db2b9e838}) (Version: 1.0.0 - Microsoft)
FFU Loader Driver 1.0.0 (HKLM-x32\...\{CA839C49-B3D1-4EA6-BB8A-21937B808771}) (Version: 1.0.0 - Microsoft) Hidden
Fraps (HKLM-x32\...\Fraps) (Version: - )
Gameplay Time Tracker version 2.2.0 (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Gameplay Time Tracker_is1) (Version: 2.2.0 - mik61)
Garmin Express (HKLM-x32\...\{42E1A1AC-597A-4A11-B4B4-F47D5611A68B}) (Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{BBD32E06-A24C-45F0-818E-6F51BF68D0BE}) (Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
GitHub Desktop (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\GitHubDesktop) (Version: 1.0.8 - GitHub, Inc.)
GnuWin32: PDCurses version 2.6 (HKLM-x32\...\PDCurses-2.6_is1) (Version: 2.6 - GnuWin32)
GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version: - )
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.0.11.1156 - Gretech Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.17.5274 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Gothic 2 Gold verze 2.6 (HKLM-x32\...\Gothic 2 Gold_is1) (Version: 2.6 - )
Gramblr (HKLM\...\Gramblr) (Version: 2.9.104 - Gramblr Team)
Grand Theft Auto Vice City version 1.1.0.0 (HKLM-x32\...\Grand Theft Auto Vice City_is1) (Version: 1.1.0.0 - Mr DJ)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com)
HWiNFO64 Version 4.44 (HKLM\...\HWiNFO64_is1) (Version: 4.44 - Martin Malík - REALiX)
Chameleon Shutdown 1.0 (HKLM-x32\...\Chameleon Shutdown) (Version: 1.0 - NeoSoft Tools)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
iFunbox (v3.0.3939.1352) (HKLM-x32\...\iFunbox_is1) (Version: v3.0.3939.1352 - iFunbox DevTeam)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation)
iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
JPEXS Free Flash Decompiler (HKLM-x32\...\{E618D276-6596-41F4-8A98-447D442A77DB}_is1) (Version: 10.0.0 - JPEXS)
K-Lite Mega Codec Pack 11.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.5.5 - )
LatencyMon 6.51 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)
LG AirDrive (HKLM-x32\...\{101E5DB3-07FA-4E52-8923-05068C94CF43}) (Version: 1.2.60617.11 - LG Electronics)
LG Bridge (HKLM-x32\...\LG Bridge) (Version: 1.2.40 - LG Electronics)
LG Mobile Drivers (HKLM-x32\...\{C3C008A7-D4A5-4E19-B0D6-72043D6EFE34}) (Version: 4.2.0 - LG Electronics)
LOOT version 0.12.1 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.12.1 - LOOT Team)
Lumia UEFI Blue Driver (HKLM-x32\...\{9D2A75FE-8CE1-4297-AEC1-A097D47BACE9}) (Version: 1.1.10.1526 - Microsoft)
Macro Recorder 5.8.0 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.8.0 - Jitbit Software)
Media Feature Pack for Windows 10 N and KN (HKLM-x32\...\{ef11e192-acd9-485d-8860-ee2102cc2a69}) (Version: 1.0.0 - Microsoft) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSI Afterburner 4.4.0 (HKLM-x32\...\Afterburner) (Version: 4.4.0 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Neighbours From Hell Compilation (HKLM-x32\...\{5C81E5B5-15C0-4196-8FEC-BE56FFAB9437}) (Version: 1.00.0000 - CD Projekt) Hidden
Neighbours From Hell Compilation (HKLM-x32\...\InstallShield_{5C81E5B5-15C0-4196-8FEC-BE56FFAB9437}) (Version: 1.00.0000 - CD Projekt)
NetLimiter 4 (HKLM\...\{B07F35DF-26BB-4009-8B49-B97AFB77B632}) (Version: 4.0.19.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.19.0) (Version: 4.0.19.0 - Locktime Software)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
Nukleární Karel (HKLM-x32\...\{45E67696-E9E3-456F-B2BB-710904002E32}) (Version: 1.0.1 - Albisoft)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ori and The Blind Forest - Definitive Edition (HKLM-x32\...\1384944984_is1) (Version: 2.0.0.2 - GOG.com)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PatchCleaner (HKLM-x32\...\{727DA176-50BB-452C-8DB5-96EE0A573ED4}) (Version: 1.4.20 - HomeDev)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
ProcrastiTracker (HKLM-x32\...\ProcrastiTracker) (Version: - )
Project My Screen App (HKLM-x32\...\{64537E9A-4DAE-42F9-BCD8-8AEEB84D1786}) (Version: 8.0.12349 - Microsoft Corporation)
Python 3.6.3 (32-bit) (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\{1bb10b8c-6e63-4897-9fb2-3873ce30d7e1}) (Version: 3.6.3150.0 - Python Software Foundation)
Python 3.6.3 Add to Path (32-bit) (HKLM-x32\...\{04AE65E4-FC7A-43A7-AC1E-E3E019EF07F5}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Core Interpreter (32-bit) (HKLM-x32\...\{52D39C34-E5F5-41AE-88CD-5DE66C9150B4}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Development Libraries (32-bit) (HKLM-x32\...\{F7D9BDE7-2C35-4F7E-AEBE-9F3028451087}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Documentation (32-bit) (HKLM-x32\...\{20EB04A7-B5EF-485E-9440-F36214C5501D}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Executables (32-bit) (HKLM-x32\...\{CA16E2AA-4499-4FE5-A88C-174612920734}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 pip Bootstrap (32-bit) (HKLM-x32\...\{DA64A828-F7A9-4A19-97BD-3A9A63CEB972}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Standard Library (32-bit) (HKLM-x32\...\{14843392-E9B3-4031-BCF6-FC00D5791AA8}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Tcl/Tk Support (32-bit) (HKLM-x32\...\{AE89BB1E-1C06-4556-AA05-A6628DE07BA9}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Test Suite (32-bit) (HKLM-x32\...\{63208505-67AD-4AAC-BD7B-00DE5B83BAF0}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Utility Scripts (32-bit) (HKLM-x32\...\{6CF91DC2-CED3-410B-88BB-E048C994AA1A}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{C093353B-F9EE-4A06-923D-C1B340B82886}) (Version: 3.6.6119.0 - Python Software Foundation)
PythonScript plugin for Notepad++ (HKLM-x32\...\{236CEDB4-1B77-4751-A6C9-92EB4200AA3C}) (Version: 1.0.8.0 - Dave Brotherstone)
Quake II - Quad Damage (HKLM-x32\...\1441704824_is1) (Version: 2.0.0.3 - GOG.com)
QuickSFV (HKLM\...\{89B56CFC-0270-4ACF-8BF1-048251FD9E08}) (Version: 3.0.0 - Totally Useful Software, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.23.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek PCI Fast Ethernet Controller Driver (HKLM-x32\...\{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}) (Version: 6.112.123.2014 - Realtek)
Rise of Nations (HKLM-x32\...\RiseOfNationsExpansion 1.0) (Version: 1.0 - Microsoft)
Rise of Nations: Extended Edition (HKLM-x32\...\Rise of Nations: Extended Edition_is1) (Version: - Microsoft Studios)
Rollcage (HKLM-x32\...\{B3C13C56-4BF2-4F10-AE39-1E8C2A688CF3}) (Version: 1.3.8 - Psygnosis)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
Sandboxie 5.22 (64-bit) (HKLM\...\Sandboxie) (Version: 5.22 - Sandboxie Holdings, LLC)
Scorpions WinCheater (HKLM-x32\...\Scorpions WinCheater 2.07 (s finální databází 178)_is1) (Version: - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
South Park - The Stick of Truth verzia 1.0.1380/83 (HKLM-x32\...\South Park - The Stick of Truth_is1) (Version: 1.0.1380/83 - CzTorrent.net)
Spotify (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Spotify) (Version: 1.0.54.1079.g3809528e - Spotify AB)
Sqlectron 1.27.0 (only current user) (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\e54a0a1e-7a73-5189-8b41-9f46acb2c179) (Version: 1.27.0 - The Sqlectron Team)
SSDlife for Ultrabook (HKLM-x32\...\{1A2945BD-0D9F-45D0-836C-75ADD1330369}) (Version: 2.5.82 - BinarySense Inc.)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.9.2014.1 - SteelSeries)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.90922 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Telegram Desktop version 1.2.6 (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.2.6 - Telegram Messenger LLP)
The Elder Scrolls V Skyrim, âĺđńč˙ 2.0 (HKLM-x32\...\The Elder Scrolls V Skyrim_is1) (Version: 2.0 - Bethesda Softworks)
The Chronicles of Riddick: Escape From Butcher Bay (HKLM-x32\...\{A8DE8C34-7F51-4cc8-B326-C425793EE741}) (Version: 1.0 - hxxp://www.vugames-europe.com)
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 9.0 - Ghisler Software GmbH)
TreeSize Free V4.0.3 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.0.3 - JAM Software)
Undertale (HKLM-x32\...\1456487183_is1) (Version: 2.0.0.2 - GOG.com)
Update for Skype for Business 2015 (KB4011638) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8B0F5A1C-5EFC-423D-91C5-EAB7F8CEC9E7}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4011638) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8B0F5A1C-5EFC-423D-91C5-EAB7F8CEC9E7}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4011638) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8B0F5A1C-5EFC-423D-91C5-EAB7F8CEC9E7}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AC0D130B-8809-4125-811F-667893B90644}) (Version: 2.11.0.0 - Microsoft Corporation)
UxStyle (HKLM\...\{28A17CCB-77BB-49C9-847B-60E076DC43D1}) (Version: 0.2.4.2 - The Within Network, LLC) Hidden
UxStyle (HKLM-x32\...\{6bf90d91-c5db-454e-a7b4-81bc6cbbe13f}) (Version: 0.2.4.2 - The Within Network, LLC)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vietcong & Vietcong: Fist Alpha (HKLM-x32\...\{DCF5C463-BD5C-4982-91F9-2C3F8F9E9C88}) (Version: 1.06 - )
Virtua Tennis 4™ (HKLM-x32\...\{53450FA2-E900-456E-9715-501000008200}) (Version: 1.0.0000.130 - SEGA) Hidden
Virtua Tennis 4™ (HKLM-x32\...\GFWL_{53450FA2-E900-456E-9715-501000008200}) (Version: 1.0.0000.130 - SEGA)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-2) (Version: 1.0.39.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0) (Version: 1.0.54.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0-2) (Version: 1.0.54.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WhoCrashed 5.54 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WhySoSlow 1.00 (HKLM\...\WhySoSlowHome_is1) (Version: - Resplendence Software Projects Sp.)
Windows Device Recovery Tool 3.13.36001 (HKLM-x32\...\{934451b9-4a13-4ed7-a34f-a800505b5f89}) (Version: 3.13.36001 - Microsoft)
Windows IP Over USB (HKLM-x32\...\{FF0EA481-42DB-A8AE-8356-48C09F7D953D}) (Version: 10.1.10586.15 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinUsb CoInstallers (HKLM-x32\...\{9755918A-CDF8-4F1E-8453-6359CF1A330A}) (Version: 1.1.12.1526 - Microsoft)
WinUSB Compatible ID Drivers (HKLM-x32\...\{A4A0B236-6046-4CAB-8177-1EAF61112C75}) (Version: 1.1.11.1526 - Microsoft)
WinUSB Drivers ext (HKLM-x32\...\{29BAAF65-09E5-4F52-8D15-2FAF2E23A8DC}) (Version: 1.1.24.1544 - Microsoft)
Worms W.M.D. (HKLM-x32\...\1448620034_is1) (Version: 2.0.0.2 - GOG.com)
Worms World Party Remastered (HKLM-x32\...\1433238834_is1) (Version: 2.1.0.2 - GOG.com)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2016-11-27] ()
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers1: [QuickSFV Shell Extension] -> {906b0e6e-61ce-11d3-8ee2-0060080a7242} => -> No File
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2013-05-27] (Online Media Technologies Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-18] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-18] (Alexander Roshal)
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [QuickSFV Shell Extension] -> {906b0e6e-61ce-11d3-8ee2-0060080a7242} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-11-27] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-18] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-18] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1292206800-3816184836-4294836885-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_S-1-5-21-1292206800-3816184836-4294836885-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_S-1-5-21-1292206800-3816184836-4294836885-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01ADB9A2-C2F9-4B05-9E8E-8269E96FF3AD} - System32\Tasks\{04266EFC-5BB2-479D-A1BC-2D70E926B677} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/cs/go/help.faq.installer?LastError=1603
Task: {17F9B78C-C1D2-4CB1-B644-76E3F20243A5} - System32\Tasks\{0A03B37D-8A84-4E7C-A29C-700FD16EDFE3} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.21.59.104/cs/go/help.faq.installer?LastError=1603
Task: {1BB38BF2-E722-43F3-A045-A7FBDC0BC061} - System32\Tasks\AdobeAAMUpdater-1.0-i5-Petr-Petr => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {2FF553AF-4050-46E1-A777-1855C7496480} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-28] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3D2E9247-D308-46A7-A4CA-8FED7750A8EF} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_V3.exe
Task: {401A3F48-D37F-4966-B3B9-3F632B467ADE} - System32\Tasks\AdobeGCInvoker-1.0-i5-Petr-Petr => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
Task: {4394C1DE-148C-4652-8982-1ECC2207A870} - System32\Tasks\{03223E83-9B1D-41C7-B6A8-551C0B195C5D} => C:\WINDOWS\system32\pcalua.exe -a "C:\hry\Warcraft III orig\FT_CDKey_Changer\FTKey.exe" -d "C:\hry\Warcraft III orig\FT_CDKey_Changer"
Task: {4467FA47-CB84-4823-8CA0-EC50DDC5BBF6} - System32\Tasks\{DBAEFEB3-6ABB-49D6-A18C-201301AC427E} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.21.0.104/cs/go/help.faq.installer?source=lightinstaller&LastError=1603
Task: {4491EA1E-3C63-448D-B7F9-D420282DFFFA} - System32\Tasks\{A17716E6-3791-4337-886D-73BC3D44C12A} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/cs/go/help.faq.installer?LastError=1603
Task: {54D7D9D8-E9CB-44E7-B27D-C07D8F794D3E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {55039598-0995-44F4-8870-29D4A12383B9} - System32\Tasks\{F243475E-1CC9-4A04-BAEF-3015EEF02FAD} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.21.0.104/cs/abandoninstall?source=lightinstaller&page=tsMain
Task: {67AC2B4A-E641-4BA0-A6B3-2D1485C21068} - System32\Tasks\server => E:\AppData\Local\TempSystem.exe
Task: {6BAA073E-D04C-4F40-80E8-BFAF8D9EA896} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {7F57E8C4-400A-46E9-8237-A3A6A2B8FDE6} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-11-27] (Advanced Micro Devices, Inc.)
Task: {809456E4-9AB6-416A-8211-09B065FB7B6A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {A9063117-C94D-4CC3-AE22-A22C2EE004C2} - System32\Tasks\{121A26B9-85DE-4D45-80BB-3E6DA6A20FFB} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.21.0.104/cs/go/help.faq.installer?source=lightinstaller&LastError=1603
Task: {B2A957E3-C513-44FD-A0DA-50A207E4C888} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {BC46826A-F1D8-47D9-87A1-03ABC819C506} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {C278FD66-3BC4-4D2A-A981-231A30BE9DFD} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1292206800-3816184836-4294836885-1001 => C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {C34EBC67-1A27-4EF7-9BCE-D13063FEA3A5} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2016-11-23] (Samsung Electronics Co. Ltd.)
Task: {CF9A773A-DEBE-4E61-AF98-1F63F495138A} - System32\Tasks\{C7B6F82C-45E4-40A7-8483-2D75F8222C5D} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/cs/go/help.faq.installer?LastError=1603
Task: {D341D636-9465-40EB-A6BC-510297575EB0} - System32\Tasks\{32FA096E-4D15-4567-8A70-B047A49211B1} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/cs/go/help.faq.installer?LastError=1603
Task: {EDF660F4-2DB7-4A4C-B710-4022600187DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-28] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenIV\Go to OpenIV web site.lnk -> hxxp://openiv.com

==================== Loaded Modules (Whitelisted) ==============

2017-07-13 19:50 - 2017-07-13 19:50 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-07-13 19:50 - 2017-07-13 19:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-10-28 09:59 - 2018-01-27 11:01 - 011857488 _____ () C:\Program Files\Gramblr\gramblr.exe
2014-08-31 16:34 - 2014-08-31 16:34 - 000329728 _____ () C:\Windows\nv\taskmon.exe
2017-05-24 14:22 - 2016-10-06 06:40 - 005762048 ____N () E:\AppData\Local\Temp\Rar$EXa0.435\Crack\64Bit\dvt-jb_licsrv.amd64.exe
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-09-26 01:52 - 2017-09-26 01:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2017-02-23 07:29 - 2017-02-23 07:29 - 008909512 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-11-27 18:55 - 2016-11-27 18:55 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2017-09-20 12:41 - 2017-09-20 12:41 - 000015360 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2017-09-20 12:41 - 2017-09-20 12:41 - 002519040 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000504832 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 009315328 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000015872 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2014-10-09 20:43 - 2014-10-09 20:43 - 000011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000115200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 000047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000034304 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 001102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000189440 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000031744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000159744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000020992 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000029696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000023040 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2017-03-18 21:59 - 2017-03-20 05:41 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2014-04-03 15:48 - 2014-04-03 15:48 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UnsignedThemes => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UnsignedThemes => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\sharepoint.com -> hxxps://gsosfm.sharepoint.com

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2016-10-20 16:10 - 000000786 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 license.piriform.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\Control Panel\Desktop\\Wallpaper -> D:\Download\20 Ultra HD 4K Computer Desktop Wallpaper - 1505 [ECLiPSE]\11.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "DelaypluginInstall"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "NSU_agent"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\StartupFolder: => "Samsung Magician.lnk"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\StartupFolder: => "TEMP.bat"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\StartupFolder: => "RCRN_Autoupdater.exe.lnk"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "iFunBox"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "EZBlocker"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "urlspace"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "ipts"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "MySQL Notifier"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "GameplayTimeTracker"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "SandboxieControl"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{CBC7E7EB-3509-4890-9DDF-7F70EC345F6C}C:\hry\warcraft iii original\warcraft iii.exe] => (Allow) C:\hry\warcraft iii original\warcraft iii.exe
FirewallRules: [TCP Query User{68D06E85-E602-40A4-B993-985B1C5F120E}C:\hry\warcraft iii original\warcraft iii.exe] => (Allow) C:\hry\warcraft iii original\warcraft iii.exe
FirewallRules: [{3F23F9AC-0F42-43BD-B94D-C45575B5D9DA}] => (Allow) LPort=3724
FirewallRules: [UDP Query User{68ADFFC2-AC85-47A0-8D98-10E1E66F77FE}C:\users\petr\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Block) C:\users\petr\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe
FirewallRules: [TCP Query User{F2623591-9D85-49EB-9F14-076474F00FFD}C:\users\petr\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Block) C:\users\petr\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe
FirewallRules: [UDP Query User{3FCA6C22-D9C2-4414-911F-87A6B988C71F}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{C1071EE0-0A9A-4B5C-8ED5-EB9886ACDB80}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [{F25ADB49-2A76-406C-ADEA-1F3437344A9D}] => (Allow) LPort=3724
FirewallRules: [{9AF90577-C6AB-4D0F-85EB-276FB110874B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{61A572F4-2880-4EAB-ADBB-F096D8AB36E3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6C78B67C-F664-48FD-9318-BD6B1F1581BE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9FE0CDAA-E919-4762-8303-FB1994C5EDB4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FB627617-5F8F-480D-83E3-2716147F87EB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E09F384D-EE11-4A1D-B144-E37C73B3FD75}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{222467F2-AE6B-4FD7-B356-9BC492F02CFF}] => (Allow) D:\Hry\Rise of Nations\thrones.exe
FirewallRules: [{5E30F0D8-7EF3-437C-9B72-6BAB0AC68212}] => (Allow) D:\Hry\Rise of Nations\thrones.exe
FirewallRules: [{015A57E1-2881-4363-BA0D-104CEEF360EA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{D7037850-E6E3-4197-9FC2-E6FEF46756D7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{269F0105-6F5A-42A0-83E6-749DEEA64C08}] => (Allow) C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{C28DEB94-20A7-4A29-BD89-CBB1B96286F0}] => (Allow) C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [TCP Query User{492E3001-B943-403C-AAA6-0EDA0053C8B2}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{617ECBF0-F527-41A0-B7CD-0D5EA9E20C20}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{85AEDF36-43DD-4AA8-8E65-4F14B118B655}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{010100C6-D96A-47BD-8FD9-E40D8607CC1E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{590740B2-F00D-4EAB-B14C-4BAB064EA3BA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9548F665-38DD-4F34-93D2-E200C5B97B43}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{ADDBB436-0544-4D60-934F-32BB5535698C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{424AF7CC-89D9-4D20-9DCD-AD3ACE572DF9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{137FE5F1-62C5-4206-AC3C-526B891BCE4A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{12B3A4CD-42EB-41E6-8507-86452E0295DE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{38027914-D2C9-4739-88BA-D48711471A52}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{00EED4C4-C503-4C70-8706-7F7D7544771E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{68F83E09-3150-40EE-AE16-383BAD79EE44}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5AC01BA2-068A-4E04-976C-9F607513FB94}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6A2405AD-956F-4622-9EE8-076EE702D41B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{6E707F6C-4047-4336-9DF2-4C354B4C5B76}C:\program files (x86)\eurobattle.net\gproxy.exe] => (Allow) C:\program files (x86)\eurobattle.net\gproxy.exe
FirewallRules: [UDP Query User{1DA7168E-4C26-4703-BF92-6E00DA831E51}C:\program files (x86)\eurobattle.net\gproxy.exe] => (Allow) C:\program files (x86)\eurobattle.net\gproxy.exe
FirewallRules: [TCP Query User{BA142414-D950-421A-8625-A2B0E16791BD}D:\hry\worms world party remastered\w2.exe] => (Allow) D:\hry\worms world party remastered\w2.exe
FirewallRules: [UDP Query User{04950070-295A-43CD-9D39-6AE251D9BB98}D:\hry\worms world party remastered\w2.exe] => (Allow) D:\hry\worms world party remastered\w2.exe
FirewallRules: [0001840b-9203-e739-cfaa-332240c95437] => (Block) E:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
FirewallRules: [fedc840b-9203-e739-cfaa-332240c95437] => (Block) E:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
FirewallRules: [{4B851FC4-D852-4FAE-B33D-11D4A926A94F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{E93B2412-18BD-49FC-9D2E-14387C1DD756}] => (Allow) LPort=3306
FirewallRules: [{FDB79E3D-6594-4964-A7BE-2EC38CEF5BF6}] => (Allow) LPort=3306
FirewallRules: [TCP Query User{B614AA24-5F89-444C-A103-AEFD66EC9DCA}C:\hry\warcraft iii original\warcraft iii.exe] => (Allow) C:\hry\warcraft iii original\warcraft iii.exe
FirewallRules: [UDP Query User{B3D89AF6-DD26-46AC-A87A-55DFE5A9D8BE}C:\hry\warcraft iii original\warcraft iii.exe] => (Allow) C:\hry\warcraft iii original\warcraft iii.exe
FirewallRules: [{C0F2F49E-9C73-4A7B-883E-BA3EA72D2892}] => (Allow) LPort=9143
FirewallRules: [{8AB1E59A-E433-4E7B-8B3B-8392E9E3E2CC}] => (Allow) LPort=2333
FirewallRules: [{EB3591FD-2C33-45F0-8671-39FA6592952B}] => (Allow) C:\Program Files (x86)\Mr DJ\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{807D7C92-BF8C-4259-819B-712CA10F420D}] => (Allow) C:\Program Files (x86)\Mr DJ\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [TCP Query User{73BC0875-8A69-4347-A903-9BA6FAC19C7D}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{91DE944A-DAC9-4C2A-8E0E-E7E5CBF5F73B}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{14767C03-1A14-4415-AACC-A197AF37D892}C:\singlecore_ac\server\database\bin\mysqld.exe] => (Allow) C:\singlecore_ac\server\database\bin\mysqld.exe
FirewallRules: [UDP Query User{CE9AAFFF-F2B6-4F97-9FA1-C2DD9B699215}C:\singlecore_ac\server\database\bin\mysqld.exe] => (Allow) C:\singlecore_ac\server\database\bin\mysqld.exe
FirewallRules: [TCP Query User{7213A33C-F113-4FE8-B043-F2B7A6D74E01}C:\singlecore_ac\server\bin64\spp-world.exe] => (Allow) C:\singlecore_ac\server\bin64\spp-world.exe
FirewallRules: [UDP Query User{94F13BF6-C527-4C06-9728-EC7C0360AED6}C:\singlecore_ac\server\bin64\spp-world.exe] => (Allow) C:\singlecore_ac\server\bin64\spp-world.exe
FirewallRules: [TCP Query User{BA9688A7-84FB-4AE7-A476-3644CF766DA3}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{D3156300-BB23-4204-89E4-23E282B9F03E}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe
FirewallRules: [{7A748556-60A9-459D-B0C5-D80C2C454A74}] => (Allow) D:\Hry\Steam Hry\SteamApps\common\Frozen Synapse\FrozenSynapse.exe
FirewallRules: [{D7A03AF7-04F1-4D0D-BC2A-F948A32BE974}] => (Allow) D:\Hry\Steam Hry\SteamApps\common\Frozen Synapse\FrozenSynapse.exe
FirewallRules: [TCP Query User{AB1F0C35-C32F-402F-AA34-DFA072571C91}C:\quake iii arena\quake3\quake3.exe] => (Block) C:\quake iii arena\quake3\quake3.exe
FirewallRules: [UDP Query User{CA9EA357-EF1B-46B9-9344-3464DE741452}C:\quake iii arena\quake3\quake3.exe] => (Block) C:\quake iii arena\quake3\quake3.exe
FirewallRules: [{92AF632B-D4CA-47D7-B66D-0DBA3E2CEC8D}] => (Allow) D:\Hry\Steam Hry\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{E4FAA44A-04F3-44B5-A8D7-04882CCE67EB}] => (Allow) D:\Hry\Steam Hry\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{B5A49D77-9985-4904-A518-05674FBBB185}] => (Allow) D:\Hry\Steam Hry\SteamApps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{38A5E753-54AF-4598-9061-A6C31A6C94C5}] => (Allow) D:\Hry\Steam Hry\SteamApps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{B2CED895-D74D-416E-A12A-646AF4FCE8A8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{40807DDA-4193-4AEA-95D1-92E59FBBF1F7}C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe] => (Allow) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe
FirewallRules: [UDP Query User{59DDF848-E3DD-49C7-AF68-3FDD76BF4B8A}C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe] => (Allow) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe
FirewallRules: [TCP Query User{C0A183FC-521D-45B9-888A-0E999D9AF17F}E:\hlavní složky\stažené soubory\superswag bot\phantomjs.exe] => (Allow) E:\hlavní složky\stažené soubory\superswag bot\phantomjs.exe
FirewallRules: [UDP Query User{8FBB4EDA-B12D-4233-9473-36959FCC96E8}E:\hlavní složky\stažené soubory\superswag bot\phantomjs.exe] => (Allow) E:\hlavní složky\stažené soubory\superswag bot\phantomjs.exe
FirewallRules: [TCP Query User{48445B14-94D0-47DB-8DAC-4E8DFDD53FA0}D:\download\warcraft iii\war3.exe] => (Allow) D:\download\warcraft iii\war3.exe
FirewallRules: [UDP Query User{3C637FA2-FF2C-4DC5-9C14-C8DE73722B49}D:\download\warcraft iii\war3.exe] => (Allow) D:\download\warcraft iii\war3.exe
FirewallRules: [{4007D426-00F9-41CA-8777-ACF7C7BE2DE2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C91BBDBC-0D84-44D2-BABE-D444DBAAE38E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{25AC6350-E77B-4606-B19E-9A6A4F648D38}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{71A47090-FEF6-4B29-A13D-0F5330F9B3CA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/10/2018 06:07:57 PM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (02/10/2018 06:06:56 PM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (02/10/2018 06:05:56 PM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (02/10/2018 06:04:56 PM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (02/10/2018 06:03:56 PM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (02/10/2018 06:02:56 PM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (02/10/2018 06:01:56 PM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (02/10/2018 06:00:56 PM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (02/10/2018 05:59:56 PM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (02/10/2018 05:58:56 PM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.


System errors:
=============
Error: (02/10/2018 06:07:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WDF Sound byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (02/10/2018 06:07:57 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba WDF Sound skončila s následující chybou specifickou pro službu:
Systém nemůže nalézt uvedenou cestu.

Error: (02/10/2018 06:06:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WDF Sound byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (02/10/2018 06:06:56 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba WDF Sound skončila s následující chybou specifickou pro službu:
Systém nemůže nalézt uvedenou cestu.

Error: (02/10/2018 06:05:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WDF Sound byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (02/10/2018 06:05:56 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba WDF Sound skončila s následující chybou specifickou pro službu:
Systém nemůže nalézt uvedenou cestu.

Error: (02/10/2018 06:04:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WDF Sound byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (02/10/2018 06:04:56 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba WDF Sound skončila s následující chybou specifickou pro službu:
Systém nemůže nalézt uvedenou cestu.

Error: (02/10/2018 06:03:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WDF Sound byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (02/10/2018 06:03:56 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba WDF Sound skončila s následující chybou specifickou pro službu:
Systém nemůže nalézt uvedenou cestu.


CodeIntegrity:
===================================
Date: 2018-02-10 18:07:50.884
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-02-10 18:07:50.883
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-02-10 18:06:29.695
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-02-10 18:06:29.562
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-02-10 18:06:27.711
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-02-10 18:06:20.611
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-02-10 18:06:20.071
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-02-10 18:06:19.983
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-02-10 18:06:09.586
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-02-10 18:06:09.585
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4570S CPU @ 2.90GHz
Percentage of memory in use: 15%
Total physical RAM: 16312.07 MB
Available physical RAM: 13856.8 MB
Total Virtual: 18360.07 MB
Available Virtual: 15791.97 MB

==================== Drives ================================

Drive c: (Systém) (Fixed) (Total:99.43 GB) (Free:25.53 GB) NTFS
Drive d: (Data) (Fixed) (Total:732.42 GB) (Free:242.74 GB) NTFS
Drive e: (Programy) (Fixed) (Total:199.09 GB) (Free:32.19 GB) NTFS

\\?\Volume{0cc8d3b3-4d77-11e4-8250-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.05 GB) NTFS
\\?\Volume{e5572f99-0000-0000-0000-b0f118000000}\ () (Fixed) (Total:0.83 GB) (Free:0.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: E5572F99)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=99.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=854 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0008C0E8)
Partition 1: (Not Active) - (Size=732.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=199.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt =========================

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Scan (Skenovanie) a pockaj na dokoncenie
• Klikni na Clean (Cistenie) a potvrd kliknutim na OK
• AdwCleaner si vyziada restart PC, potvrd kliknutim na Restart Now (Restartovat teraz)
• Po dokonceni a restartovani PC vyskoci log, jeho obsah sem skopiruj

Ahoj, tady je log:
# AdwCleaner 7.0.8.0 - Logfile created on Sun Feb 11 15:38:59 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\Petr\AppData\Roaming\Spiritsoft


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Value] - HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|urlspace


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

SearchProvider deleted: safe-search-off.com - safe-search-off.com
SearchProvider deleted: ucebnicemapy.cz - ucebnicemapy.cz
SearchProvider deleted: levneucebnice.cz - levneucebnice.cz


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1460 B] - [2018/2/11 15:38:36]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Poprosim o logy z FRST podla tohto navodu (vloz sem obidva logy): https://forum.viry.cz/viewtopic.php?f=13&t=152707

V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.02.2018
Ran by Petr (administrator) on I5-PETR (12-02-2018 21:39:27)
Running from E:\Hlavní složky\Plocha
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Pro Version 1703 15063.850 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0323831.inf_amd64_1212be4b9fe2386c\atiesrxx.exe
(The Within Network, LLC) C:\Windows\unsignedthemes.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Program Files\Gramblr\gramblr.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
() C:\Windows\nv\taskmon.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() E:\AppData\Local\Temp\Rar$EXa0.435\Crack\64Bit\dvt-jb_licsrv.amd64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Obsidian Entertainment) D:\Hry\Pillars of Eternity\PillarsOfEternity.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(GOM & Company) E:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmds.exe [324352 2017-12-18] (ESET)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [87040 2014-10-09] (SteelSeries ApS)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [55632 2016-03-07] (Locktime Software)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [iFunBox] => C:\Program Files (x86)\i-Funbox DevTeam\ifunbox_x64.exe [2992248 2016-09-21] (i-Funbox.com)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [SandboxieControl] => "C:\Program Files\Sandboxie\SbieCtrl.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5b11aa51-3e65-4d6c-ac2b-5da5716333a4}: [NameServer] 4.2.2.3,4.2.2.4
Tcpip\..\Interfaces\{9867b728-1aa3-4b9b-ac0e-dd8f008a35e2}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{9867b728-1aa3-4b9b-ac0e-dd8f008a35e2}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{9b3542d8-e900-49cb-a94c-d387f2f48965}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-12-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-03-20] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-20] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-07-11] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2018-02-12]
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-02]
CHR Extension: (Dark Skin for Youtube™) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfeknfgchonpnofdjokchhdhdnddhglm [2017-08-31]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-02]
CHR Extension: (Matematické aplikace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2017-09-08]
CHR Extension: (uBlock Origin) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-02-09]
CHR Extension: (Who Deleted Me - Unfriend Finder) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiepnnbjenknnjgabbodaihlnkkpkgll [2017-08-04]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (FBDown Video Downloader) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2017-07-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-02]
CHR Extension: (Counter for Messenger) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldlagicdigidgnhniajpmoddkoakdoca [2018-02-06]
CHR Extension: (Audio EQ) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfafdlnjaliaghpjdajmlcnnblkgcefh [2017-04-14]
CHR Extension: (Take Webpage Screenshots Entirely - FireShot) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2017-12-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Just Proxy VPN = hide IP + security + unblock) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojedkepkekklpjcgdfiahladdbopbooh [2018-02-12]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-02]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-15]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0323831.inf_amd64_1212be4b9fe2386c\atiesrxx.exe [481144 2018-02-06] (AMD)
S3 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDevice.exe [55336 2015-08-10] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1445384 2016-10-22] ()
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1940584 2017-12-18] (ESET)
R2 gramblrclient; C:\Program Files\Gramblr\gramblr.exe [11883088 2018-02-11] () [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2015-11-20] (Microsoft Corporation)
R2 JetBrainsLicServerDVT; E:\AppData\Local\Temp\Rar$EXa0.435\Crack\64Bit\dvt-jb_licsrv.amd64.exe [5762048 2016-10-06] () [File not signed] <==== ATTENTION
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [322896 2016-03-07] (Locktime Software)
U2 NVU; C:\Windows\nv\taskmon.exe [329728 2014-08-31] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-12-18] (TeamViewer GmbH)
R2 UnsignedThemes; C:\WINDOWS\unsignedthemes.exe [22184 2015-03-01] (The Within Network, LLC)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
S2 WMS; C:\Windows\wdf\taskmon.exe [329728 2014-08-31] () [File not signed]
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe [417792 2016-07-12] (Wondershare) [File not signed]
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe [105184 2017-12-29] (Wondershare)
S2 SbieSvc; "C:\Program Files\Sandboxie\SbieSvc.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0323831.inf_amd64_1212be4b9fe2386c\atikmdag.sys [41578872 2018-02-06] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0323831.inf_amd64_1212be4b9fe2386c\atikmpag.sys [545656 2018-02-06] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [30208 2016-08-31] (LG Electronics Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [30720 2016-08-24] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [37376 2016-08-24] (LG Electronics Inc.)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [60104 2014-09-19] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111112 2017-11-21] (Advanced Micro Devices)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-02-03] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-02-03] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [134368 2017-11-07] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [199304 2016-11-17] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15392 2017-11-10] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180088 2017-11-07] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [106304 2017-11-07] (ESET)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2014-10-06] (REALiX(tm))
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R1 nbdrv; C:\WINDOWS\system32\DRIVERS\nbdrv.sys [42128 2015-02-05] (SeriousBit)
R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [129152 2016-03-07] (Locktime Software)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Resplendence Software Projects Sp.)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
R3 RTL8023x64; C:\WINDOWS\system32\DRIVERS\Rtnic64.sys [61656 2014-01-23] (Realtek Semiconductor Corporation )
R3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [209544 2017-10-30] (Sandboxie Holdings, LLC)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R2 uxstyle; C:\WINDOWS\system32\Drivers\elytsxu.sys [32424 2015-03-01] (The Within Network, LLC)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [115208 2014-11-24] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 atillk64; \??\E:\AppData\Local\Temp\RarSFX0\atillk64.sys [X] <==== ATTENTION
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-12 21:39 - 2018-02-12 21:39 - 000000000 ____D C:\FRST
2018-02-12 16:04 - 2018-02-12 16:05 - 000000000 ___HD C:\$WINDOWS.~BT
2018-02-11 19:21 - 2018-02-11 19:24 - 000000617 _____ C:\runcheck.txt
2018-02-11 18:06 - 2018-02-12 16:05 - 000000000 ____D C:\WINDOWS\Panther
2018-02-11 16:59 - 2018-02-11 16:59 - 000003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2018-02-11 16:59 - 2018-02-11 16:59 - 000003074 _____ C:\WINDOWS\System32\Tasks\StartDVR
2018-02-11 16:59 - 2018-02-11 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2018-02-11 16:59 - 2018-02-11 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\##ID_STRING16##
2018-02-11 16:58 - 2018-02-11 16:58 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\AMD
2018-02-11 16:56 - 2018-02-11 16:56 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-02-11 14:21 - 2018-02-11 14:21 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Obsidian Entertainment
2018-02-11 14:10 - 2018-02-11 14:10 - 000000858 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Překlad Pillars of Eternity.lnk
2018-02-11 13:58 - 2018-02-11 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pillars of Eternity [GOG.com]
2018-02-11 09:46 - 2018-02-11 09:46 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
2018-02-11 09:43 - 2018-02-11 09:44 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Wondershare
2018-02-11 09:43 - 2018-02-11 09:44 - 000000000 ____D C:\ProgramData\GraphicsType
2018-02-11 09:43 - 2018-02-11 09:43 - 000000000 ____D C:\Users\Petr\Documents\Wondershare MediaServer
2018-02-06 16:35 - 2018-02-06 16:35 - 001246584 _____ (AMD) C:\WINDOWS\system32\coinst_17.50.dll
2018-02-06 16:35 - 2018-02-06 16:35 - 000018648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2018-02-06 16:35 - 2018-02-06 16:35 - 000018648 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2018-02-06 16:28 - 2018-02-06 16:28 - 000467320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2018-02-06 16:27 - 2018-02-06 16:27 - 002941816 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2018-02-06 16:27 - 2018-02-06 16:27 - 002550128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2018-02-06 16:27 - 2018-02-06 16:27 - 001064312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2018-02-06 16:26 - 2018-02-06 16:26 - 000172408 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-02-06 16:26 - 2018-02-06 16:26 - 000148344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-02-06 15:12 - 2018-02-06 15:12 - 000121392 _____ C:\WINDOWS\system32\kapp_ci.sbin
2018-02-06 15:12 - 2018-02-06 15:12 - 000117072 _____ C:\WINDOWS\system32\kapp_si.sbin
2018-02-06 15:12 - 2018-02-06 15:12 - 000034501 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2018-02-04 15:54 - 2018-02-04 15:54 - 000000463 _____ C:\Users\Petr\AppData\Roaming\MPQEditor.ini
2018-02-01 12:13 - 2018-02-01 12:13 - 000003552 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-i5-Petr-Petr
2018-01-31 19:11 - 2018-01-31 19:11 - 000155688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2018-01-31 19:11 - 2018-01-31 19:11 - 000126848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2018-01-28 21:02 - 2018-01-28 21:03 - 000000000 ____D C:\Users\Petr\AppData\Roaming\ScreenToGif
2018-01-27 12:15 - 2018-01-27 12:15 - 000000000 ____D C:\Users\Petr\Downloads\LG AirDrive
2018-01-27 12:13 - 2018-01-27 12:13 - 000000000 ____D C:\Users\Petr\Documents\LG Bridge
2018-01-27 12:13 - 2018-01-27 12:13 - 000000000 ____D C:\Users\Petr\AppData\Roaming\LG Electronics
2018-01-27 12:12 - 2018-01-27 12:12 - 002356592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll
2018-01-27 12:12 - 2018-01-27 12:12 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LGAirDrive_01_11_00.Wdf
2018-01-27 12:12 - 2018-01-27 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Bridge
2018-01-27 12:12 - 2018-01-27 12:12 - 000000000 ____D C:\Program Files (x86)\LG Electronics
2018-01-23 21:07 - 2018-01-23 21:07 - 000000000 ____D C:\Users\Petr\AppData\Roaming\ADBDriverInstaller
2018-01-23 20:46 - 2018-01-23 20:46 - 000000000 ____D C:\Users\Petr\.android
2018-01-22 10:03 - 2018-01-22 10:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-01-22 10:03 - 2018-01-22 10:03 - 000000000 ____D C:\ProgramData\ESET
2018-01-22 10:03 - 2018-01-22 10:03 - 000000000 ____D C:\Program Files\ESET
2018-01-22 09:11 - 2018-01-22 09:11 - 000002354 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-21 13:54 - 2018-01-21 13:54 - 000002759 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Device Recovery Tool.lnk
2018-01-21 13:54 - 2018-01-21 13:54 - 000000000 ____D C:\ProgramData\LGE
2018-01-21 13:54 - 2018-01-21 13:54 - 000000000 ____D C:\ProgramData\HTC
2018-01-21 13:54 - 2018-01-21 13:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Care Suite
2018-01-21 13:52 - 2018-01-21 13:52 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2018-01-20 00:09 - 2018-01-20 00:09 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Psygnosis
2018-01-20 00:09 - 2018-01-20 00:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rollcage
2018-01-20 00:09 - 2018-01-20 00:09 - 000000000 ____D C:\Program Files (x86)\Psygnosis
2018-01-19 18:11 - 2018-01-19 18:11 - 000000000 ____D C:\WINDOWS\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2018-01-19 18:11 - 2018-01-19 18:11 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2018-01-19 07:03 - 2018-01-20 02:42 - 000000000 ____D C:\Users\Petr\AppData\Roaming\procrastitrackerdbs
2018-01-15 12:46 - 2018-01-15 12:46 - 000006633 _____ C:\Users\Petr\Documents\g.CSV
2018-01-13 13:21 - 2018-02-11 09:20 - 000000000 ____D C:\Program Files\rempl

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-12 21:39 - 2016-10-28 09:59 - 000000000 ____D C:\ProgramData\Gramblr
2018-02-12 21:37 - 2017-08-07 17:35 - 000004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E6DBB309-B6A9-48F5-A5BA-80A513F846F4}
2018-02-12 21:02 - 2017-08-07 17:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-12 15:56 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-12 09:35 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2018-02-11 22:05 - 2014-10-06 17:43 - 000000000 ____D C:\Users\Petr\AppData\Roaming\uTorrent
2018-02-11 18:10 - 2017-08-07 17:38 - 003103116 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-11 18:10 - 2017-03-20 05:39 - 001423030 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-11 18:10 - 2017-03-20 05:39 - 000357528 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-11 18:06 - 2017-08-07 17:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-11 18:06 - 2017-08-07 17:28 - 000433776 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-11 18:06 - 2017-08-07 17:28 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-02-11 18:06 - 2017-03-18 12:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-02-11 17:56 - 2017-02-08 17:28 - 000000000 ____D C:\Program Files\WhySoSlow
2018-02-11 17:56 - 2016-10-28 09:59 - 000000000 ____D C:\Program Files\Gramblr
2018-02-11 17:19 - 2018-01-08 12:05 - 000000000 ____D C:\Program Files\Sandboxie
2018-02-11 17:12 - 2016-07-31 19:32 - 000000000 ____D C:\Program Files (x86)\Steam
2018-02-11 16:59 - 2016-05-04 14:42 - 000000000 ____D C:\Program Files (x86)\AMD
2018-02-11 16:56 - 2017-08-07 17:28 - 000000000 ____D C:\Program Files\AMD
2018-02-11 16:49 - 2017-04-11 19:50 - 000000000 ____D C:\AMD
2018-02-11 16:48 - 2017-12-30 01:27 - 000000000 ____D C:\ProgramData\Gameplay Time Tracker
2018-02-11 16:48 - 2015-06-26 18:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ
2018-02-11 16:46 - 2017-10-21 17:58 - 000000000 ____D C:\Users\Petr\AppData\Roaming\JAM Software
2018-02-11 09:44 - 2016-10-15 10:41 - 000000000 ____D C:\ProgramData\Wondershare Video Converter Ultimate
2018-02-11 09:44 - 2016-07-07 12:13 - 000000000 ____D C:\ProgramData\Wondershare
2018-02-11 09:43 - 2016-10-15 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2018-02-11 09:43 - 2016-10-15 10:41 - 000000000 ____D C:\Program Files (x86)\Wondershare
2018-02-10 11:01 - 2017-01-18 17:05 - 000001046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2018-02-10 11:01 - 2017-01-18 17:05 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-02-06 16:45 - 2017-05-04 17:48 - 000555896 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2018-02-06 16:45 - 2017-05-04 17:48 - 000044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2018-02-06 16:45 - 2017-05-04 17:48 - 000041848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2018-02-06 16:44 - 2017-05-04 17:48 - 000469880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2018-02-06 16:35 - 2017-05-04 17:48 - 000479608 _____ C:\WINDOWS\system32\dgtrayicon.exe
2018-02-06 16:35 - 2017-05-04 17:48 - 000458104 _____ C:\WINDOWS\system32\GameManager64.dll
2018-02-06 16:35 - 2017-05-04 17:48 - 000365944 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2018-02-06 16:35 - 2017-05-04 17:48 - 000351608 _____ C:\WINDOWS\system32\clinfo.exe
2018-02-06 16:35 - 2017-05-04 17:48 - 000179576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2018-02-06 16:35 - 2017-05-04 17:48 - 000158584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2018-02-06 16:35 - 2017-05-04 17:48 - 000150392 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2018-02-06 16:35 - 2017-05-04 17:48 - 000135032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2018-02-06 16:34 - 2017-05-04 17:48 - 000205688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2018-02-06 16:34 - 2017-05-04 17:48 - 000157048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2018-02-06 16:34 - 2017-05-04 17:48 - 000132984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2018-02-06 16:34 - 2017-05-04 17:48 - 000124280 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2018-02-06 16:33 - 2017-05-04 17:48 - 000232824 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2018-02-06 16:29 - 2017-05-04 17:48 - 000708984 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2018-02-06 16:29 - 2017-05-04 17:48 - 000414072 _____ C:\WINDOWS\system32\atieah64.exe
2018-02-06 16:29 - 2017-05-04 17:48 - 000334200 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2018-02-06 16:28 - 2017-05-04 17:48 - 000154104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2018-02-06 16:28 - 2017-05-04 17:48 - 000145352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2018-02-06 16:28 - 2017-05-04 17:48 - 000119160 _____ C:\WINDOWS\system32\atidxx64.dll
2018-02-06 16:28 - 2017-05-04 17:48 - 000102776 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2018-02-06 16:27 - 2017-05-04 17:48 - 001471352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2018-02-06 16:27 - 2017-05-04 17:48 - 001064312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2018-02-06 16:27 - 2017-05-04 17:48 - 000068984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2018-02-06 16:26 - 2017-05-04 17:48 - 016043384 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2018-02-06 16:26 - 2017-05-04 17:48 - 013615984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2018-02-06 16:26 - 2017-05-04 17:48 - 000113528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2018-02-06 16:26 - 2017-05-04 17:48 - 000098680 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2018-02-06 16:20 - 2017-05-04 17:48 - 000874872 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2018-02-06 16:20 - 2017-05-04 17:48 - 000702840 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2018-02-06 16:20 - 2017-05-04 17:48 - 000552304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2018-02-06 16:20 - 2017-05-04 17:48 - 000382320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2018-02-06 16:10 - 2017-05-04 17:48 - 000445304 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2018-02-06 16:10 - 2017-05-04 17:48 - 000360824 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2018-02-06 15:58 - 2017-05-04 17:48 - 000121360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2018-02-06 15:58 - 2017-05-04 17:48 - 000121360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2018-02-06 15:58 - 2017-05-04 17:48 - 000102000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2018-02-06 15:58 - 2017-05-04 17:48 - 000102000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2018-02-06 15:57 - 2017-05-04 17:48 - 000547776 _____ C:\WINDOWS\system32\amdmiracast.dll
2018-02-06 15:57 - 2017-05-04 17:48 - 000185752 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2018-02-06 15:57 - 2017-05-04 17:48 - 000163888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2018-02-06 15:52 - 2017-05-04 17:48 - 000130640 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2018-02-06 15:52 - 2017-05-04 17:48 - 000115552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2018-02-06 15:12 - 2017-05-04 17:48 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2018-02-06 15:12 - 2017-05-04 17:48 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2018-02-06 15:12 - 2017-05-04 17:48 - 000858720 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2018-02-06 15:12 - 2017-05-04 17:48 - 000858720 _____ C:\WINDOWS\system32\atiapfxx.blb
2018-02-06 15:12 - 2017-05-04 17:48 - 000000700 _____ C:\WINDOWS\SysWOW64\amd-vulkan32.json
2018-02-06 15:12 - 2017-05-04 17:48 - 000000700 _____ C:\WINDOWS\system32\amd-vulkan64.json
2018-01-28 14:44 - 2014-10-06 17:47 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-01-25 00:33 - 2017-08-07 17:30 - 000000000 ____D C:\Users\Petr
2018-01-22 12:11 - 2017-01-02 20:55 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Telegram Desktop
2018-01-22 09:15 - 2016-04-24 11:58 - 000000000 ____D C:\Users\Petr\AppData\Roaming\ESET
2018-01-21 18:21 - 2017-04-28 09:45 - 000000000 ___RD C:\Users\Petr\Documents\Scanned Documents
2018-01-21 13:52 - 2016-09-12 10:24 - 000000000 ____D C:\ProgramData\Package Cache
2018-01-19 19:58 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-19 18:11 - 2014-10-31 18:08 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-01-16 14:15 - 2018-01-08 12:06 - 000001730 _____ C:\WINDOWS\Sandboxie.ini

==================== Files in the root of some directories =======

2014-11-03 15:01 - 2014-11-03 15:06 - 000000127 _____ () C:\Users\Petr\AppData\Roaming\Camdata.ini
2014-11-03 15:01 - 2014-11-03 15:06 - 000000408 _____ () C:\Users\Petr\AppData\Roaming\CamLayout.ini
2014-11-03 15:01 - 2014-11-03 15:06 - 000000408 _____ () C:\Users\Petr\AppData\Roaming\CamShapes.ini
2014-11-03 15:01 - 2014-11-03 15:06 - 000004547 _____ () C:\Users\Petr\AppData\Roaming\CamStudio.cfg
2016-11-01 09:57 - 2016-11-01 09:57 - 005285376 _____ () C:\Users\Petr\AppData\Roaming\chromedriver221.exe
2016-11-01 09:57 - 2016-11-01 09:57 - 000034476 _____ () C:\Users\Petr\AppData\Roaming\disable_webrtc-1.0.6.xpi
2017-03-21 18:17 - 2017-03-21 18:19 - 000000693 _____ () C:\Users\Petr\AppData\Roaming\droid4xinstaller.log
2018-02-04 15:54 - 2018-02-04 15:54 - 000000463 _____ () C:\Users\Petr\AppData\Roaming\MPQEditor.ini
2016-11-01 09:57 - 2016-11-01 09:57 - 018587648 _____ (PhantomJS) C:\Users\Petr\AppData\Roaming\PhantomJSv211.exe
2014-12-22 21:04 - 2014-12-22 21:04 - 000000044 _____ () C:\Users\Petr\AppData\Roaming\twow_sysprepdt.dat
2014-11-03 15:00 - 2014-11-03 15:01 - 000000096 _____ () C:\Users\Petr\AppData\Roaming\version2.xml
2016-11-01 09:57 - 2016-11-01 09:57 - 000701954 _____ () C:\Users\Petr\AppData\Roaming\WebDriver.FirefoxExt2530.zip
2014-10-27 17:54 - 2014-10-27 17:54 - 000000600 _____ () C:\Users\Petr\AppData\Roaming\winscp.rnd
2018-01-08 12:07 - 2018-01-08 12:07 - 000000046 _____ () C:\Users\Petr\AppData\Roaming\~SiMPLEX.ini
2015-12-15 21:12 - 2015-12-15 21:12 - 000003584 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-31 20:25 - 2015-02-07 22:12 - 002128896 _____ () C:\Users\Petr\AppData\Local\file__0.localstorage
2017-11-10 22:21 - 2017-11-10 22:21 - 000000969 _____ () C:\Users\Petr\AppData\Local\recently-used.xbel
2014-10-06 17:55 - 2015-02-14 11:05 - 000007603 _____ () C:\Users\Petr\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-03 17:42

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12.02.2018
Ran by Petr (12-02-2018 21:39:54)
Running from E:\Hlavní složky\Plocha
Windows 10 Pro Version 1703 15063.850 (X64) (2017-08-07 16:37:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1292206800-3816184836-4294836885-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1292206800-3816184836-4294836885-503 - Limited - Disabled)
Guest (S-1-5-21-1292206800-3816184836-4294836885-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1292206800-3816184836-4294836885-1003 - Limited - Enabled)
Petr (S-1-5-21-1292206800-3816184836-4294836885-1001 - Administrator - Enabled) => C:\Users\Petr

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe (HKLM\...\{855256E6-1D5C-4F27-9A7B-A158B19E514D}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
AMD OverDrive (HKLM-x32\...\{EEB605FD-C5F5-4946-90F3-D65C604A9187}) (Version: 4.3.1.0698 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.2.1 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{D47EDA73-1251-4020-93E5-A7AF8B7D3FB5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Atom (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\atom) (Version: 1.22.0 - GitHub Inc.)
AVS Audio Converter version 6.1 (HKLM-x32\...\AVS Audio Converter 6.1_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Converter 9.0 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.0.1.566 - Online Media Technologies Ltd.)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Microsoft USBDevice (02/19/2016 1.0.0.0) (HKLM\...\01D4AA89568B59E5941907D403E3B682EE413AB7) (Version: 02/19/2016 1.0.0.0 - Microsoft)
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: - Piriform Ltd.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Counter-Strike 1.6 v43g (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Counter-Strike 1.6_is1) (Version: - Valve)
CrystalDiskInfo 7.0.5 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.5 - Crystal Dew World)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Disk Space Fan 4 4.5.4.152 (HKLM-x32\...\Disk Space Fan 4_is1) (Version: - Disk Space Fan Team)
DoNotSpy10 (HKLM-x32\...\{32D066BD-F94C-4948-8FA8-84653EE9617E}_is1) (Version: 1.2.0.1 - pXc-coding.com)
DTS+AC3 ÇĘĹÍ (HKLM-x32\...\DtsFilter) (Version: - )
EGL (HKLM-x32\...\EGL) (Version: - Paul Jackson)
Elevated Installer (HKLM-x32\...\{519CFDE8-7A41-4A5F-8A13-D3897EDAC23E}) (Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
Emergency Download Driver (HKLM-x32\...\{3F0F5AB4-C9CE-4226-8393-E9CFF8369D9D}) (Version: 1.1.16.1526 - Microsoft)
ESET Security (HKLM\...\{37E67F0A-50BB-430A-A2A5-F5E2F6EE96DB}) (Version: 11.0.159.0 - ESET, spol. s r.o.)
Eurobattle.net (HKLM-x32\...\Eurobattle.net) (Version: - Eurobattle.net)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
FFU Loader Driver 1.0.0 (HKLM-x32\...\{7209d085-ed88-4a08-beb2-c49db2b9e838}) (Version: 1.0.0 - Microsoft)
FFU Loader Driver 1.0.0 (HKLM-x32\...\{CA839C49-B3D1-4EA6-BB8A-21937B808771}) (Version: 1.0.0 - Microsoft) Hidden
Fraps (HKLM-x32\...\Fraps) (Version: - )
Garmin Express (HKLM-x32\...\{42E1A1AC-597A-4A11-B4B4-F47D5611A68B}) (Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{BBD32E06-A24C-45F0-818E-6F51BF68D0BE}) (Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
GitHub Desktop (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\GitHubDesktop) (Version: 1.0.8 - GitHub, Inc.)
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.0.11.1156 - Gretech Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.17.5274 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Gramblr (HKLM\...\Gramblr) (Version: 2.9.116 - Gramblr Team)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com)
HWiNFO64 Version 4.44 (HKLM\...\HWiNFO64_is1) (Version: 4.44 - Martin Malík - REALiX)
Chameleon Shutdown 1.0 (HKLM-x32\...\Chameleon Shutdown) (Version: 1.0 - NeoSoft Tools)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
iFunbox (v3.0.3939.1352) (HKLM-x32\...\iFunbox_is1) (Version: v3.0.3939.1352 - iFunbox DevTeam)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation)
iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
JPEXS Free Flash Decompiler (HKLM-x32\...\{E618D276-6596-41F4-8A98-447D442A77DB}_is1) (Version: 10.0.0 - JPEXS)
K-Lite Mega Codec Pack 11.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.5.5 - )
LG AirDrive (HKLM-x32\...\{101E5DB3-07FA-4E52-8923-05068C94CF43}) (Version: 1.2.60617.11 - LG Electronics)
LG Bridge (HKLM-x32\...\LG Bridge) (Version: 1.2.40 - LG Electronics)
LG Mobile Drivers (HKLM-x32\...\{C3C008A7-D4A5-4E19-B0D6-72043D6EFE34}) (Version: 4.2.0 - LG Electronics)
LOOT version 0.12.1 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.12.1 - LOOT Team)
Lumia UEFI Blue Driver (HKLM-x32\...\{9D2A75FE-8CE1-4297-AEC1-A097D47BACE9}) (Version: 1.1.10.1526 - Microsoft)
Macro Recorder 5.8.0 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.8.0 - Jitbit Software)
Media Feature Pack for Windows 10 N and KN (HKLM-x32\...\{ef11e192-acd9-485d-8860-ee2102cc2a69}) (Version: 1.0.0 - Microsoft) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSI Afterburner 4.4.0 (HKLM-x32\...\Afterburner) (Version: 4.4.0 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Neighbours From Hell Compilation (HKLM-x32\...\{5C81E5B5-15C0-4196-8FEC-BE56FFAB9437}) (Version: 1.00.0000 - CD Projekt) Hidden
Neighbours From Hell Compilation (HKLM-x32\...\InstallShield_{5C81E5B5-15C0-4196-8FEC-BE56FFAB9437}) (Version: 1.00.0000 - CD Projekt)
NetLimiter 4 (HKLM\...\{B07F35DF-26BB-4009-8B49-B97AFB77B632}) (Version: 4.0.19.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.19.0) (Version: 4.0.19.0 - Locktime Software)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
Nukleární Karel (HKLM-x32\...\{45E67696-E9E3-456F-B2BB-710904002E32}) (Version: 1.0.1 - Albisoft)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ori and The Blind Forest - Definitive Edition (HKLM-x32\...\1384944984_is1) (Version: 2.0.0.2 - GOG.com)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PatchCleaner (HKLM-x32\...\{727DA176-50BB-452C-8DB5-96EE0A573ED4}) (Version: 1.4.20 - HomeDev)
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 3.7.0.1280 - GOG.com)
Pillars of Eternity: The White March - Part 1 (HKLM-x32\...\1439895308_is1) (Version: 3.7.0.1280 - GOG.com)
Pillars of Eternity: The White March - Part 2 (HKLM-x32\...\1439897569_is1) (Version: 3.7.0.1280 - GOG.com)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Překlad Pillars of Eternity verze 3.07 (HKLM-x32\...\{0FB1CAE7-E632-4A88-98D7-4BBAE6069783}_is1) (Version: 3.07 - Překlady her)
Python 3.6.3 (32-bit) (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\{1bb10b8c-6e63-4897-9fb2-3873ce30d7e1}) (Version: 3.6.3150.0 - Python Software Foundation)
Python 3.6.3 Add to Path (32-bit) (HKLM-x32\...\{04AE65E4-FC7A-43A7-AC1E-E3E019EF07F5}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Core Interpreter (32-bit) (HKLM-x32\...\{52D39C34-E5F5-41AE-88CD-5DE66C9150B4}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Development Libraries (32-bit) (HKLM-x32\...\{F7D9BDE7-2C35-4F7E-AEBE-9F3028451087}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Documentation (32-bit) (HKLM-x32\...\{20EB04A7-B5EF-485E-9440-F36214C5501D}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Executables (32-bit) (HKLM-x32\...\{CA16E2AA-4499-4FE5-A88C-174612920734}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 pip Bootstrap (32-bit) (HKLM-x32\...\{DA64A828-F7A9-4A19-97BD-3A9A63CEB972}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Standard Library (32-bit) (HKLM-x32\...\{14843392-E9B3-4031-BCF6-FC00D5791AA8}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Tcl/Tk Support (32-bit) (HKLM-x32\...\{AE89BB1E-1C06-4556-AA05-A6628DE07BA9}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Test Suite (32-bit) (HKLM-x32\...\{63208505-67AD-4AAC-BD7B-00DE5B83BAF0}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Utility Scripts (32-bit) (HKLM-x32\...\{6CF91DC2-CED3-410B-88BB-E048C994AA1A}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{C093353B-F9EE-4A06-923D-C1B340B82886}) (Version: 3.6.6119.0 - Python Software Foundation)
PythonScript plugin for Notepad++ (HKLM-x32\...\{236CEDB4-1B77-4751-A6C9-92EB4200AA3C}) (Version: 1.0.8.0 - Dave Brotherstone)
Quake II - Quad Damage (HKLM-x32\...\1441704824_is1) (Version: 2.0.0.3 - GOG.com)
QuickSFV (HKLM\...\{89B56CFC-0270-4ACF-8BF1-048251FD9E08}) (Version: 3.0.0 - Totally Useful Software, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.23.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek PCI Fast Ethernet Controller Driver (HKLM-x32\...\{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}) (Version: 6.112.123.2014 - Realtek)
Rise of Nations (HKLM-x32\...\RiseOfNationsExpansion 1.0) (Version: 1.0 - Microsoft)
Rise of Nations: Extended Edition (HKLM-x32\...\Rise of Nations: Extended Edition_is1) (Version: - Microsoft Studios)
Rollcage (HKLM-x32\...\{B3C13C56-4BF2-4F10-AE39-1E8C2A688CF3}) (Version: 1.3.8 - Psygnosis)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
Sandboxie 5.22 (64-bit) (HKLM\...\Sandboxie) (Version: 5.22 - Sandboxie Holdings, LLC)
Scorpions WinCheater (HKLM-x32\...\Scorpions WinCheater 2.07 (s finální databází 178)_is1) (Version: - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
South Park - The Stick of Truth verzia 1.0.1380/83 (HKLM-x32\...\South Park - The Stick of Truth_is1) (Version: 1.0.1380/83 - CzTorrent.net)
Spotify (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Spotify) (Version: 1.0.54.1079.g3809528e - Spotify AB)
Sqlectron 1.27.0 (only current user) (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\e54a0a1e-7a73-5189-8b41-9f46acb2c179) (Version: 1.27.0 - The Sqlectron Team)
SSDlife for Ultrabook (HKLM-x32\...\{1A2945BD-0D9F-45D0-836C-75ADD1330369}) (Version: 2.5.82 - BinarySense Inc.)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.9.2014.1 - SteelSeries)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.90922 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Telegram Desktop version 1.2.6 (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.2.6 - Telegram Messenger LLP)
The Elder Scrolls V Skyrim, âĺđńč˙ 2.0 (HKLM-x32\...\The Elder Scrolls V Skyrim_is1) (Version: 2.0 - Bethesda Softworks)
The Chronicles of Riddick: Escape From Butcher Bay (HKLM-x32\...\{A8DE8C34-7F51-4cc8-B326-C425793EE741}) (Version: 1.0 - hxxp://www.vugames-europe.com)
The.Elder.Scrolls.V.Skyrim.Special.Edition-KaOs Uninstaller v3.0 (HKLM-x32\...\The.Elder.Scrolls.V.Skyrim.Special.Edition-KaOs_is1) (Version: 3.0 - KaOsKrew)
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 9.0 - Ghisler Software GmbH)
Undertale (HKLM-x32\...\1456487183_is1) (Version: 2.0.0.2 - GOG.com)
Update for Skype for Business 2015 (KB4011638) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8B0F5A1C-5EFC-423D-91C5-EAB7F8CEC9E7}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4011638) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8B0F5A1C-5EFC-423D-91C5-EAB7F8CEC9E7}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4011638) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8B0F5A1C-5EFC-423D-91C5-EAB7F8CEC9E7}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9C4F3AF4-21D8-43BD-A69C-517BB96012CF}) (Version: 2.12.0.0 - Microsoft Corporation)
UxStyle (HKLM\...\{28A17CCB-77BB-49C9-847B-60E076DC43D1}) (Version: 0.2.4.2 - The Within Network, LLC) Hidden
UxStyle (HKLM-x32\...\{6bf90d91-c5db-454e-a7b4-81bc6cbbe13f}) (Version: 0.2.4.2 - The Within Network, LLC)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vietcong & Vietcong: Fist Alpha (HKLM-x32\...\{DCF5C463-BD5C-4982-91F9-2C3F8F9E9C88}) (Version: 1.06 - )
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-2) (Version: 1.0.39.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0) (Version: 1.0.54.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0-2) (Version: 1.0.54.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WhoCrashed 5.54 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WhySoSlow 1.00 (HKLM\...\WhySoSlowHome_is1) (Version: - Resplendence Software Projects Sp.)
Windows Device Recovery Tool 3.13.36001 (HKLM-x32\...\{934451b9-4a13-4ed7-a34f-a800505b5f89}) (Version: 3.13.36001 - Microsoft)
Windows IP Over USB (HKLM-x32\...\{FF0EA481-42DB-A8AE-8356-48C09F7D953D}) (Version: 10.1.10586.15 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinUsb CoInstallers (HKLM-x32\...\{9755918A-CDF8-4F1E-8453-6359CF1A330A}) (Version: 1.1.12.1526 - Microsoft)
WinUSB Compatible ID Drivers (HKLM-x32\...\{A4A0B236-6046-4CAB-8177-1EAF61112C75}) (Version: 1.1.11.1526 - Microsoft)
WinUSB Drivers ext (HKLM-x32\...\{29BAAF65-09E5-4F52-8D15-2FAF2E23A8DC}) (Version: 1.1.24.1544 - Microsoft)
Wondershare Video Converter Ultimate(Build 10.2.1.158) (HKLM-x32\...\Video Converter Ultimate_is1) (Version: 10.2.1.158 - Wondershare Software)
Worms W.M.D. (HKLM-x32\...\1448620034_is1) (Version: 2.0.0.2 - GOG.com)
Worms World Party Remastered (HKLM-x32\...\1433238834_is1) (Version: 2.1.0.2 - GOG.com)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2016-11-27] ()
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers1: [QuickSFV Shell Extension] -> {906b0e6e-61ce-11d3-8ee2-0060080a7242} => -> No File
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2013-05-27] (Online Media Technologies Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-18] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-18] (Alexander Roshal)
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [QuickSFV Shell Extension] -> {906b0e6e-61ce-11d3-8ee2-0060080a7242} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-01-31] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-18] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-18] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1292206800-3816184836-4294836885-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_S-1-5-21-1292206800-3816184836-4294836885-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_S-1-5-21-1292206800-3816184836-4294836885-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01ADB9A2-C2F9-4B05-9E8E-8269E96FF3AD} - System32\Tasks\{04266EFC-5BB2-479D-A1BC-2D70E926B677} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/cs/go/help.faq.installer?LastError=1603
Task: {0A9F75E0-9F65-4E6A-B406-C4B7248611C7} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2018-01-31] (Advanced Micro Devices, Inc.)
Task: {17F9B78C-C1D2-4CB1-B644-76E3F20243A5} - System32\Tasks\{0A03B37D-8A84-4E7C-A29C-700FD16EDFE3} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.21.59.104/cs/go/help.faq.installer?LastError=1603
Task: {1BB38BF2-E722-43F3-A045-A7FBDC0BC061} - System32\Tasks\AdobeAAMUpdater-1.0-i5-Petr-Petr => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {1F984240-E57A-49A6-8D03-F256C2A8E641} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [2018-01-31] (Advanced Micro Devices, Inc.)
Task: {2FF553AF-4050-46E1-A777-1855C7496480} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-28] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3D2E9247-D308-46A7-A4CA-8FED7750A8EF} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_V3.exe
Task: {401A3F48-D37F-4966-B3B9-3F632B467ADE} - System32\Tasks\AdobeGCInvoker-1.0-i5-Petr-Petr => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
Task: {4394C1DE-148C-4652-8982-1ECC2207A870} - System32\Tasks\{03223E83-9B1D-41C7-B6A8-551C0B195C5D} => C:\WINDOWS\system32\pcalua.exe -a "C:\hry\Warcraft III orig\FT_CDKey_Changer\FTKey.exe" -d "C:\hry\Warcraft III orig\FT_CDKey_Changer"
Task: {4467FA47-CB84-4823-8CA0-EC50DDC5BBF6} - System32\Tasks\{DBAEFEB3-6ABB-49D6-A18C-201301AC427E} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.21.0.104/cs/go/help.faq.installer?source=lightinstaller&LastError=1603
Task: {4491EA1E-3C63-448D-B7F9-D420282DFFFA} - System32\Tasks\{A17716E6-3791-4337-886D-73BC3D44C12A} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/cs/go/help.faq.installer?LastError=1603
Task: {54D7D9D8-E9CB-44E7-B27D-C07D8F794D3E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {55039598-0995-44F4-8870-29D4A12383B9} - System32\Tasks\{F243475E-1CC9-4A04-BAEF-3015EEF02FAD} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.21.0.104/cs/abandoninstall?source=lightinstaller&page=tsMain
Task: {67AC2B4A-E641-4BA0-A6B3-2D1485C21068} - System32\Tasks\server => E:\AppData\Local\TempSystem.exe
Task: {6BAA073E-D04C-4F40-80E8-BFAF8D9EA896} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {809456E4-9AB6-416A-8211-09B065FB7B6A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {A9063117-C94D-4CC3-AE22-A22C2EE004C2} - System32\Tasks\{121A26B9-85DE-4D45-80BB-3E6DA6A20FFB} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.21.0.104/cs/go/help.faq.installer?source=lightinstaller&LastError=1603
Task: {B2A957E3-C513-44FD-A0DA-50A207E4C888} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {BC46826A-F1D8-47D9-87A1-03ABC819C506} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {C278FD66-3BC4-4D2A-A981-231A30BE9DFD} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1292206800-3816184836-4294836885-1001 => C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {C34EBC67-1A27-4EF7-9BCE-D13063FEA3A5} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2016-11-23] (Samsung Electronics Co. Ltd.)
Task: {CF9A773A-DEBE-4E61-AF98-1F63F495138A} - System32\Tasks\{C7B6F82C-45E4-40A7-8483-2D75F8222C5D} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/cs/go/help.faq.installer?LastError=1603
Task: {D341D636-9465-40EB-A6BC-510297575EB0} - System32\Tasks\{32FA096E-4D15-4567-8A70-B047A49211B1} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/cs/go/help.faq.installer?LastError=1603
Task: {EDF660F4-2DB7-4A4C-B710-4022600187DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-28] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenIV\Go to OpenIV web site.lnk -> hxxp://openiv.com

Log Addition.txt nie je cely. Ak sa nevyjde do 1 prispevku, rozdel ho na viac prispevkov alebo ho zabal do RAR/ZIP archivu a posli ako prilohu.

Máš pravdu, omlouvám se... měl jsem za to, že jsem to sem poslal celé.


==================== Loaded Modules (Whitelisted) ==============

2017-07-13 19:50 - 2017-07-13 19:50 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-07-13 19:50 - 2017-07-13 19:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-10-28 09:59 - 2018-02-11 17:56 - 011883088 _____ () C:\Program Files\Gramblr\gramblr.exe
2014-08-31 16:34 - 2014-08-31 16:34 - 000329728 _____ () C:\Windows\nv\taskmon.exe
2017-05-24 14:22 - 2016-10-06 06:40 - 005762048 ____N () E:\AppData\Local\Temp\Rar$EXa0.435\Crack\64Bit\dvt-jb_licsrv.amd64.exe
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-09-26 01:52 - 2017-09-26 01:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2017-02-23 07:29 - 2017-02-23 07:29 - 008909512 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-11-27 18:55 - 2016-11-27 18:55 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2017-07-12 13:22 - 2017-07-12 13:22 - 000015360 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2017-07-12 13:22 - 2017-07-12 13:22 - 002519040 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000504832 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 009315328 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000015872 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2014-10-09 20:43 - 2014-10-09 20:43 - 000011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000115200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 000047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000034304 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 001102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000189440 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000031744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000159744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000020992 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000029696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000023040 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2017-03-18 21:59 - 2017-03-20 05:41 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2014-04-03 15:48 - 2014-04-03 15:48 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-02-11 13:58 - 2017-11-14 13:42 - 002103296 _____ () D:\Hry\Pillars of Eternity\PillarsOfEternity_Data\Mono\mono.dll
2018-02-11 13:58 - 2017-11-14 13:42 - 000188416 _____ () D:\Hry\Pillars of Eternity\PillarsOfEternity_Data\Plugins\GalaxyCSharpGlue.dll
2018-02-11 13:44 - 2017-11-14 13:42 - 003824640 _____ () D:\Hry\Pillars of Eternity\Galaxy.dll
2018-02-11 13:58 - 2017-11-14 13:42 - 000610304 _____ () D:\Hry\Pillars of Eternity\PillarsOfEternity_Data\Plugins\ShroudUnityPlugin.dll
2017-09-06 17:11 - 2017-09-06 17:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-20 02:04 - 2017-09-20 02:04 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-09-06 17:11 - 2017-09-06 17:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-06-28 06:59 - 2017-06-28 06:59 - 000163840 _____ () E:\Program Files (x86)\GRETECH\GomPlayer\CrashDumpCollector.dll
2017-03-22 18:10 - 2014-07-17 19:31 - 003502080 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\ffdshow\ffdshow.ax
2018-02-11 09:43 - 2017-10-20 10:18 - 000675840 _____ () C:\Program Files (x86)\Wondershare\Video Converter Ultimate\ac3filter.ax

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UnsignedThemes => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UnsignedThemes => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\sharepoint.com -> hxxps://gsosfm.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2018-02-11 19:22 - 000000753 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\Control Panel\Desktop\\Wallpaper -> D:\Download\20 Ultra HD 4K Computer Desktop Wallpaper - 1505 [ECLiPSE]\11.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run: => "TNOD UP"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "DelaypluginInstall"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "NSU_agent"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\StartupFolder: => "Samsung Magician.lnk"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\StartupFolder: => "TEMP.bat"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\StartupFolder: => "RCRN_Autoupdater.exe.lnk"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "iFunBox"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "EZBlocker"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "ipts"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "MySQL Notifier"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "GameplayTimeTracker"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "SandboxieControl"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{CBC7E7EB-3509-4890-9DDF-7F70EC345F6C}C:\hry\warcraft iii original\warcraft iii.exe] => (Allow) C:\hry\warcraft iii original\warcraft iii.exe
FirewallRules: [TCP Query User{68D06E85-E602-40A4-B993-985B1C5F120E}C:\hry\warcraft iii original\warcraft iii.exe] => (Allow) C:\hry\warcraft iii original\warcraft iii.exe
FirewallRules: [{3F23F9AC-0F42-43BD-B94D-C45575B5D9DA}] => (Allow) LPort=3724
FirewallRules: [UDP Query User{68ADFFC2-AC85-47A0-8D98-10E1E66F77FE}C:\users\petr\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Block) C:\users\petr\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe
FirewallRules: [TCP Query User{F2623591-9D85-49EB-9F14-076474F00FFD}C:\users\petr\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Block) C:\users\petr\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe
FirewallRules: [UDP Query User{3FCA6C22-D9C2-4414-911F-87A6B988C71F}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{C1071EE0-0A9A-4B5C-8ED5-EB9886ACDB80}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [{F25ADB49-2A76-406C-ADEA-1F3437344A9D}] => (Allow) LPort=3724
FirewallRules: [{9AF90577-C6AB-4D0F-85EB-276FB110874B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{61A572F4-2880-4EAB-ADBB-F096D8AB36E3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6C78B67C-F664-48FD-9318-BD6B1F1581BE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9FE0CDAA-E919-4762-8303-FB1994C5EDB4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FB627617-5F8F-480D-83E3-2716147F87EB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E09F384D-EE11-4A1D-B144-E37C73B3FD75}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{222467F2-AE6B-4FD7-B356-9BC492F02CFF}] => (Allow) D:\Hry\Rise of Nations\thrones.exe
FirewallRules: [{5E30F0D8-7EF3-437C-9B72-6BAB0AC68212}] => (Allow) D:\Hry\Rise of Nations\thrones.exe
FirewallRules: [{015A57E1-2881-4363-BA0D-104CEEF360EA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{D7037850-E6E3-4197-9FC2-E6FEF46756D7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{269F0105-6F5A-42A0-83E6-749DEEA64C08}] => (Allow) C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{C28DEB94-20A7-4A29-BD89-CBB1B96286F0}] => (Allow) C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [TCP Query User{492E3001-B943-403C-AAA6-0EDA0053C8B2}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{617ECBF0-F527-41A0-B7CD-0D5EA9E20C20}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{85AEDF36-43DD-4AA8-8E65-4F14B118B655}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{010100C6-D96A-47BD-8FD9-E40D8607CC1E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{590740B2-F00D-4EAB-B14C-4BAB064EA3BA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9548F665-38DD-4F34-93D2-E200C5B97B43}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{ADDBB436-0544-4D60-934F-32BB5535698C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{424AF7CC-89D9-4D20-9DCD-AD3ACE572DF9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{137FE5F1-62C5-4206-AC3C-526B891BCE4A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{12B3A4CD-42EB-41E6-8507-86452E0295DE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{38027914-D2C9-4739-88BA-D48711471A52}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{00EED4C4-C503-4C70-8706-7F7D7544771E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{68F83E09-3150-40EE-AE16-383BAD79EE44}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5AC01BA2-068A-4E04-976C-9F607513FB94}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6A2405AD-956F-4622-9EE8-076EE702D41B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{6E707F6C-4047-4336-9DF2-4C354B4C5B76}C:\program files (x86)\eurobattle.net\gproxy.exe] => (Allow) C:\program files (x86)\eurobattle.net\gproxy.exe
FirewallRules: [UDP Query User{1DA7168E-4C26-4703-BF92-6E00DA831E51}C:\program files (x86)\eurobattle.net\gproxy.exe] => (Allow) C:\program files (x86)\eurobattle.net\gproxy.exe
FirewallRules: [TCP Query User{BA142414-D950-421A-8625-A2B0E16791BD}D:\hry\worms world party remastered\w2.exe] => (Allow) D:\hry\worms world party remastered\w2.exe
FirewallRules: [UDP Query User{04950070-295A-43CD-9D39-6AE251D9BB98}D:\hry\worms world party remastered\w2.exe] => (Allow) D:\hry\worms world party remastered\w2.exe
FirewallRules: [0001840b-9203-e739-cfaa-332240c95437] => (Block) E:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
FirewallRules: [fedc840b-9203-e739-cfaa-332240c95437] => (Block) E:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
FirewallRules: [{4B851FC4-D852-4FAE-B33D-11D4A926A94F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{E93B2412-18BD-49FC-9D2E-14387C1DD756}] => (Allow) LPort=3306
FirewallRules: [{FDB79E3D-6594-4964-A7BE-2EC38CEF5BF6}] => (Allow) LPort=3306
FirewallRules: [TCP Query User{B614AA24-5F89-444C-A103-AEFD66EC9DCA}C:\hry\warcraft iii original\warcraft iii.exe] => (Allow) C:\hry\warcraft iii original\warcraft iii.exe
FirewallRules: [UDP Query User{B3D89AF6-DD26-46AC-A87A-55DFE5A9D8BE}C:\hry\warcraft iii original\warcraft iii.exe] => (Allow) C:\hry\warcraft iii original\warcraft iii.exe
FirewallRules: [{C0F2F49E-9C73-4A7B-883E-BA3EA72D2892}] => (Allow) LPort=9143
FirewallRules: [{8AB1E59A-E433-4E7B-8B3B-8392E9E3E2CC}] => (Allow) LPort=2333
FirewallRules: [TCP Query User{73BC0875-8A69-4347-A903-9BA6FAC19C7D}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{91DE944A-DAC9-4C2A-8E0E-E7E5CBF5F73B}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{14767C03-1A14-4415-AACC-A197AF37D892}C:\singlecore_ac\server\database\bin\mysqld.exe] => (Allow) C:\singlecore_ac\server\database\bin\mysqld.exe
FirewallRules: [UDP Query User{CE9AAFFF-F2B6-4F97-9FA1-C2DD9B699215}C:\singlecore_ac\server\database\bin\mysqld.exe] => (Allow) C:\singlecore_ac\server\database\bin\mysqld.exe
FirewallRules: [TCP Query User{7213A33C-F113-4FE8-B043-F2B7A6D74E01}C:\singlecore_ac\server\bin64\spp-world.exe] => (Allow) C:\singlecore_ac\server\bin64\spp-world.exe
FirewallRules: [UDP Query User{94F13BF6-C527-4C06-9728-EC7C0360AED6}C:\singlecore_ac\server\bin64\spp-world.exe] => (Allow) C:\singlecore_ac\server\bin64\spp-world.exe
FirewallRules: [TCP Query User{BA9688A7-84FB-4AE7-A476-3644CF766DA3}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{D3156300-BB23-4204-89E4-23E282B9F03E}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe
FirewallRules: [{7A748556-60A9-459D-B0C5-D80C2C454A74}] => (Allow) D:\Hry\Steam Hry\SteamApps\common\Frozen Synapse\FrozenSynapse.exe
FirewallRules: [{D7A03AF7-04F1-4D0D-BC2A-F948A32BE974}] => (Allow) D:\Hry\Steam Hry\SteamApps\common\Frozen Synapse\FrozenSynapse.exe
FirewallRules: [TCP Query User{AB1F0C35-C32F-402F-AA34-DFA072571C91}C:\quake iii arena\quake3\quake3.exe] => (Block) C:\quake iii arena\quake3\quake3.exe
FirewallRules: [UDP Query User{CA9EA357-EF1B-46B9-9344-3464DE741452}C:\quake iii arena\quake3\quake3.exe] => (Block) C:\quake iii arena\quake3\quake3.exe
FirewallRules: [{92AF632B-D4CA-47D7-B66D-0DBA3E2CEC8D}] => (Allow) D:\Hry\Steam Hry\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{E4FAA44A-04F3-44B5-A8D7-04882CCE67EB}] => (Allow) D:\Hry\Steam Hry\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{B5A49D77-9985-4904-A518-05674FBBB185}] => (Allow) D:\Hry\Steam Hry\SteamApps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{38A5E753-54AF-4598-9061-A6C31A6C94C5}] => (Allow) D:\Hry\Steam Hry\SteamApps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{B2CED895-D74D-416E-A12A-646AF4FCE8A8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{40807DDA-4193-4AEA-95D1-92E59FBBF1F7}C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe] => (Allow) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe
FirewallRules: [UDP Query User{59DDF848-E3DD-49C7-AF68-3FDD76BF4B8A}C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe] => (Allow) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe
FirewallRules: [TCP Query User{C0A183FC-521D-45B9-888A-0E999D9AF17F}E:\hlavní složky\stažené soubory\superswag bot\phantomjs.exe] => (Allow) E:\hlavní složky\stažené soubory\superswag bot\phantomjs.exe
FirewallRules: [UDP Query User{8FBB4EDA-B12D-4233-9473-36959FCC96E8}E:\hlavní složky\stažené soubory\superswag bot\phantomjs.exe] => (Allow) E:\hlavní složky\stažené soubory\superswag bot\phantomjs.exe
FirewallRules: [TCP Query User{48445B14-94D0-47DB-8DAC-4E8DFDD53FA0}D:\download\warcraft iii\war3.exe] => (Allow) D:\download\warcraft iii\war3.exe
FirewallRules: [UDP Query User{3C637FA2-FF2C-4DC5-9C14-C8DE73722B49}D:\download\warcraft iii\war3.exe] => (Allow) D:\download\warcraft iii\war3.exe
FirewallRules: [{4007D426-00F9-41CA-8777-ACF7C7BE2DE2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C91BBDBC-0D84-44D2-BABE-D444DBAAE38E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{25AC6350-E77B-4606-B19E-9A6A4F648D38}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{71A47090-FEF6-4B29-A13D-0F5330F9B3CA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Restore Points =========================

12-02-2018 15:51:55 Windows Update

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/12/2018 09:39:52 PM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (02/12/2018 09:38:52 PM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (02/12/2018 09:37:52 PM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (02/12/2018 09:36:52 PM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (02/12/2018 09:35:52 PM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (02/12/2018 09:34:52 PM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (02/12/2018 09:33:52 PM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (02/12/2018 09:32:52 PM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.


System errors:
=============
Error: (02/12/2018 09:39:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WDF Sound byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (02/12/2018 09:39:52 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba WDF Sound skončila s následující chybou specifickou pro službu:
Systém nemůže nalézt uvedenou cestu.

Error: (02/12/2018 09:38:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WDF Sound byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (02/12/2018 09:38:52 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba WDF Sound skončila s následující chybou specifickou pro službu:
Systém nemůže nalézt uvedenou cestu.

Error: (02/12/2018 09:37:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WDF Sound byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (02/12/2018 09:37:52 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba WDF Sound skončila s následující chybou specifickou pro službu:
Systém nemůže nalézt uvedenou cestu.

Error: (02/12/2018 09:36:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WDF Sound byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (02/12/2018 09:36:52 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba WDF Sound skončila s následující chybou specifickou pro službu:
Systém nemůže nalézt uvedenou cestu.


CodeIntegrity:
===================================

Date: 2018-02-12 21:36:46.923
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-02-12 21:36:46.922
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-02-12 21:36:42.094
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-02-12 21:36:42.093
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-02-12 21:36:41.289
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-02-12 21:36:41.288
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-02-12 21:36:40.299
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-02-12 21:36:40.298
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4570S CPU @ 2.90GHz
Percentage of memory in use: 31%
Total physical RAM: 16312.07 MB
Available physical RAM: 11244.99 MB
Total Virtual: 18360.07 MB
Available Virtual: 11807 MB

==================== Drives ================================

Drive c: (Systém) (Fixed) (Total:99.43 GB) (Free:36.54 GB) NTFS
Drive d: (Data) (Fixed) (Total:732.42 GB) (Free:222.19 GB) NTFS
Drive e: (Programy) (Fixed) (Total:199.09 GB) (Free:35.44 GB) NTFS

\\?\Volume{0cc8d3b3-4d77-11e4-8250-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.05 GB) NTFS
\\?\Volume{e5572f99-0000-0000-0000-b0f118000000}\ () (Fixed) (Total:0.83 GB) (Free:0.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: E5572F99)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=99.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=854 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0008C0E8)
Partition 1: (Not Active) - (Size=732.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=199.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  VirusTotal: C:\Program Files\Gramblr\gramblr.exe
  VirusTotal: C:\Windows\nv\taskmon.exe
  VirusTotal: E:\AppData\Local\Temp\Rar$EXa0.435\Crack\64Bit\dvt-jb_licsrv.amd64.exe
  File: C:\Program Files\Gramblr\gramblr.exe
  File: C:\Windows\nv\taskmon.exe
  File: E:\AppData\Local\Temp\Rar$EXa0.435\Crack\64Bit\dvt-jb_licsrv.amd64.exe
  File: C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe
  File: C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe
  File: C:\Users\Petr\AppData\Roaming\chromedriver221.exe
  Folder: C:\WINDOWS\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
  Folder: C:\Program Files\Sandboxie
  
  CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
  S2 SbieSvc; "C:\Program Files\Sandboxie\SbieSvc.exe" [X]
  S3 atillk64; \??\E:\AppData\Local\Temp\RarSFX0\atillk64.sys [X] <==== ATTENTION
  S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]
  2018-01-19 18:11 - 2018-01-19 18:11 - 000000000 ____D C:\WINDOWS\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
  
  ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
  ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
  ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
  ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
  ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
  ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
  ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
  ContextMenuHandlers1: [QuickSFV Shell Extension] -> {906b0e6e-61ce-11d3-8ee2-0060080a7242} =>  -> No File
  ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} =>  -> No File
  ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
  ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
  ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
  ContextMenuHandlers4: [QuickSFV Shell Extension] -> {906b0e6e-61ce-11d3-8ee2-0060080a7242} =>  -> No File
  ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
  ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} =>  -> No File
  ContextMenuHandlers1_S-1-5-21-1292206800-3816184836-4294836885-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
  ContextMenuHandlers4_S-1-5-21-1292206800-3816184836-4294836885-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
  ContextMenuHandlers5_S-1-5-21-1292206800-3816184836-4294836885-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
  IE trusted site: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\sharepoint.com -> hxxps://gsosfm.sharepoint.com
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Ak sa Fixlog.txt nezmesti do 1 prispevku, zabal ho do archviu RAR alebo ZIP a posli ako prilohu.