VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosba o kontrolu

https://forum.viry.cz:443/viewtopic.php?t=154933

Stránka 1 z 1

Prosba o kontrolu

Napsal: 03 říj 2018 09:22
od Joohny_loo5er
Ahoj. Chtěl bych vás požádat o kontrolu mého PC. Mám důvodné podezření, že tam něco je. Projel jsem to čím se dalo. Našel jsem nějaký závadný vbs script c:/intell/root/russian.vbs. Níže logy ze scanu:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.09.2018
Ran by Joohny (administrator) on JOOHNY-PC (03-10-2018 10:18:25)
Running from C:\Users\Joohny\Desktop
Loaded Profiles: Joohny (Available Profiles: Joohny & Kristýnka & DefaultAppPool)
Platform: Windows 10 Home Version 1803 17134.285 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Windows\jmesoft\Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.1.1\WsAppService.exe
() C:\Program Files\Serviio\bin\ServiioService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
() C:\Program Files\Serviio\bin\ServiioService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Lenovo) C:\Users\Joohny\AppData\Local\Apps\2.0\M506JN2P.VET\YBQX9N7G.MNQ\lsb...tion_2d7b41b05b24775e_0001.0006_6c5982beb50abfca\LSB.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc.)
HKLM-x32\...\Run: [jmekey] => C:\Windows\jmesoft\hotkey.exe [118784 2011-06-08] (Lenovo)
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-03-16] ()
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [98304 2017-10-27] (Apple Computer, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2018-05-30] (LogMeIn Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-133748398-2835648025-190285218-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-133748398-2835648025-190285218-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-133748398-2835648025-190285218-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3207968 2018-09-08] (Valve Corporation)
HKU\S-1-5-21-133748398-2835648025-190285218-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-133748398-2835648025-190285218-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-06-22] (Disc Soft Ltd)
HKU\S-1-5-21-133748398-2835648025-190285218-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-133748398-2835648025-190285218-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-10] (Piriform Ltd)
HKU\S-1-5-21-133748398-2835648025-190285218-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [36864 2018-04-12] (Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 77.236.192.130 77.236.192.150
Tcpip\..\Interfaces\{8cb8d271-d59a-4cee-a1ce-427dc0a2f672}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{9de24c5f-852c-4903-835a-6c573db0ce75}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ab7e46a6-3dbf-4e5a-b7ac-1d5d2bfc0ad5}: [DhcpNameServer] 77.236.192.130 77.236.192.150

Internet Explorer:
==================
HKU\S-1-5-21-133748398-2835648025-190285218-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LEND&bmod=LEND
HKU\S-1-5-21-133748398-2835648025-190285218-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LEND&bmod=LEND
HKU\S-1-5-21-133748398-2835648025-190285218-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-133748398-2835648025-190285218-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7LEND
SearchScopes: HKU\S-1-5-21-133748398-2835648025-190285218-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-133748398-2835648025-190285218-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7LEND
SearchScopes: HKU\S-1-5-21-133748398-2835648025-190285218-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-133748398-2835648025-190285218-1000 -> {9ED902C0-372F-4F07-8CC5-855D89C86772} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-12] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-12] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-133748398-2835648025-190285218-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

FireFox:
========
FF DefaultProfile: l3y69cz1.default
FF ProfilePath: C:\Users\Joohny\AppData\Roaming\Mozilla\Firefox\Profiles\l3y69cz1.default [2018-10-03]
FF user.js: detected! => C:\Users\Joohny\AppData\Roaming\Mozilla\Firefox\Profiles\l3y69cz1.default\user.js [2015-08-21]
FF Extension: (Link To Hyperlink) - C:\Users\Joohny\AppData\Roaming\Mozilla\Firefox\Profiles\l3y69cz1.default\Extensions\apps-16@tejji.com.xpi [2016-04-29] [Legacy]
FF Extension: (MEGA) - C:\Users\Joohny\AppData\Roaming\Mozilla\Firefox\Profiles\l3y69cz1.default\Extensions\firefox@mega.co.nz.xpi [2017-10-05]
FF Extension: (Download Status Bar) - C:\Users\Joohny\AppData\Roaming\Mozilla\Firefox\Profiles\l3y69cz1.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-09-27] [Legacy]
FF Extension: (WX Download Status Bar) - C:\Users\Joohny\AppData\Roaming\Mozilla\Firefox\Profiles\l3y69cz1.default\Extensions\{a1c84bb7-d5fc-4906-90b4-965e520b29bf}.xpi [2018-05-07]
FF Extension: (Flash and Video Download) - C:\Users\Joohny\AppData\Roaming\Mozilla\Firefox\Profiles\l3y69cz1.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2018-08-28]
FF Extension: (Adblock Plus) - C:\Users\Joohny\AppData\Roaming\Mozilla\Firefox\Profiles\l3y69cz1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-09-02]
FF Extension: (Firefox Monitor) - C:\Users\Joohny\AppData\Roaming\Mozilla\Firefox\Profiles\l3y69cz1.default\features\{5435ddaf-7bd5-4ca3-be2c-42c62c9512e7}\fxmonitor@mozilla.org.xpi [2018-09-30]
FF Extension: (Telemetry coverage) - C:\Users\Joohny\AppData\Roaming\Mozilla\Firefox\Profiles\l3y69cz1.default\features\{5435ddaf-7bd5-4ca3-be2c-42c62c9512e7}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-30] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-12] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-07-30] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-07-30] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Joohny\AppData\Local\Google\Chrome\User Data\Default [2018-10-02]
CHR Extension: (Prezentace Google) - C:\Users\Joohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-20]
CHR Extension: (Docs) - C:\Users\Joohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-20]
CHR Extension: (Disk Google) - C:\Users\Joohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-20]
CHR Extension: (YouTube) - C:\Users\Joohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Joohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Joohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-20]
CHR Extension: (Gmail) - C:\Users\Joohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\Joohny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-20]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc.)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2017-05-08] (BitRaider, LLC)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6677048 2015-06-17] (GOG.com)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3346856 2018-05-30] (LogMeIn Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-16] () [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [413696 2018-04-30] () [File not signed]
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [106904 2018-08-03] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.1\WsAppService.exe [437392 2016-10-10] (Wondershare)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2017-05-08] (BitRaider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-06-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-06-26] (Disc Soft Ltd)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-12-03] (EldoS Corporation)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2017-05-22] (LogMeIn Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlei.inf_amd64_8735c2124cd1e7cf\nvlddmkm.sys [17211376 2018-08-01] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32568 2015-04-28] (EldoS Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2018-04-12] (Realtek Semiconductor Corporation )
S3 rusb3hub; C:\WINDOWS\system32\drivers\rusb3hub.sys [101376 2011-11-21] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\WINDOWS\system32\drivers\rusb3xhc.sys [217088 2011-11-21] (Renesas Electronics Corporation)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] ()
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] ()
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S3 zghsmdm; C:\WINDOWS\system32\DRIVERS\zghsmdm.sys [122624 2011-01-13] (ZTE Incorporated)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-03 10:18 - 2018-10-03 10:19 - 000022589 _____ C:\Users\Joohny\Desktop\FRST.txt
2018-10-03 10:18 - 2018-10-03 10:18 - 000000000 ____D C:\FRST
2018-10-03 10:17 - 2018-10-03 10:17 - 002414080 _____ (Farbar) C:\Users\Joohny\Desktop\FRST64.exe
2018-10-03 09:43 - 2018-10-03 09:53 - 000000000 ____D C:\AdwCleaner
2018-10-03 09:38 - 2018-10-03 09:38 - 007592144 _____ (Malwarebytes) C:\Users\Joohny\Downloads\adwcleaner_7.2.4.0.exe
2018-10-03 09:37 - 2018-10-03 09:37 - 000000000 ____D C:\Users\Joohny\AppData\Local\mbamtray
2018-10-03 09:37 - 2018-10-03 09:37 - 000000000 ____D C:\Users\Joohny\AppData\Local\mbam
2018-10-03 08:30 - 2018-10-03 08:30 - 006980216 _____ (ESET spol. s r.o.) C:\Users\Joohny\Downloads\esetonlinescanner_csy.exe
2018-10-03 08:25 - 2018-10-03 08:25 - 080498888 _____ (Malwarebytes ) C:\Users\Joohny\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.463-1.0.7113.exe
2018-10-02 08:13 - 2018-10-02 08:13 - 000062491 _____ C:\Users\Kristýnka\Downloads\scan.pdf
2018-09-27 12:52 - 2018-10-02 11:44 - 000000000 ____D C:\Users\Joohny\Downloads\wsclient.20180927
2018-09-21 08:36 - 2018-09-21 08:36 - 000048546 _____ C:\Users\Kristýnka\Downloads\0053_180921071714_001.pdf
2018-09-19 20:38 - 2018-09-19 20:38 - 000000023 _____ C:\Users\Kristýnka\Desktop\p.txt
2018-09-16 18:47 - 2018-09-16 18:47 - 000000000 ____D C:\Users\Joohny\AppData\LocalLow\Suncrash
2018-09-16 18:46 - 2018-09-16 18:46 - 000000000 ____D C:\Users\Joohny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Judgment Apocalypse Survival Simulation
2018-09-16 15:30 - 2018-09-22 16:40 - 000003316 _____ C:\WINDOWS\System32\Tasks\Win Update
2018-09-16 15:30 - 2018-09-16 15:30 - 000000000 ____D C:\Users\Joohny\AppData\LocalLow\Ludeon Studios
2018-09-13 18:12 - 2018-09-13 18:12 - 000001270 _____ C:\Users\Joohny\Desktop\Northgard Svafnir Clan of the Snake.lnk
2018-09-13 18:12 - 2018-09-13 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Northgard Svafnir Clan of the Snake
2018-09-13 18:12 - 2018-09-13 18:12 - 000000000 ____D C:\Program Files (x86)\Northgard Svafnir Clan of the Snake
2018-09-13 17:54 - 2018-08-31 09:43 - 001524152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-09-13 17:54 - 2018-08-31 09:42 - 001636232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-09-13 17:54 - 2018-08-31 09:24 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-09-13 17:54 - 2018-08-31 09:23 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-09-13 17:54 - 2018-08-31 09:23 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-09-13 17:54 - 2018-08-31 09:22 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-09-13 17:54 - 2018-08-31 09:22 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-09-13 17:54 - 2018-08-31 08:55 - 001455960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-09-13 17:54 - 2018-08-31 08:53 - 001327504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-09-13 17:54 - 2018-08-31 08:36 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-09-13 17:54 - 2018-08-31 05:44 - 001222440 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-09-13 17:54 - 2018-08-31 05:44 - 001030952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-09-13 17:54 - 2018-08-31 05:43 - 002719216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-09-13 17:54 - 2018-08-31 05:43 - 000722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-09-13 17:54 - 2018-08-31 05:42 - 009090016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-09-13 17:54 - 2018-08-31 05:42 - 007520064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-09-13 17:54 - 2018-08-31 05:42 - 007436192 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-09-13 17:54 - 2018-08-31 05:42 - 002824672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-09-13 17:54 - 2018-08-31 05:42 - 002461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-09-13 17:54 - 2018-08-31 05:42 - 001767064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-09-13 17:54 - 2018-08-31 05:42 - 001458552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-09-13 17:54 - 2018-08-31 05:42 - 001258352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-09-13 17:54 - 2018-08-31 05:42 - 001142000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-09-13 17:54 - 2018-08-31 05:42 - 001097720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-09-13 17:54 - 2018-08-31 05:42 - 000632296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2018-09-13 17:54 - 2018-08-31 05:28 - 006570040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-09-13 17:54 - 2018-08-31 05:28 - 006043680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-09-13 17:54 - 2018-08-31 05:28 - 001989496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-09-13 17:54 - 2018-08-31 05:28 - 001514352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-09-13 17:54 - 2018-08-31 05:28 - 001129728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-09-13 17:54 - 2018-08-31 05:28 - 000453104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpx.dll
2018-09-13 17:54 - 2018-08-31 05:26 - 025847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-09-13 17:54 - 2018-08-31 05:21 - 022008320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-09-13 17:54 - 2018-08-31 05:20 - 022715904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-09-13 17:54 - 2018-08-31 05:18 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-09-13 17:54 - 2018-08-31 05:16 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-09-13 17:54 - 2018-08-31 05:16 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-09-13 17:54 - 2018-08-31 05:16 - 004382720 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-09-13 17:54 - 2018-08-31 05:15 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-09-13 17:54 - 2018-08-31 05:15 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-09-13 17:54 - 2018-08-31 05:15 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-09-13 17:54 - 2018-08-31 05:15 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-09-13 17:54 - 2018-08-31 05:14 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-09-13 17:54 - 2018-08-31 05:14 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-09-13 17:54 - 2018-08-31 05:13 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-09-13 17:54 - 2018-08-31 05:11 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-09-13 17:54 - 2018-08-31 05:11 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-09-13 17:54 - 2018-08-31 05:11 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-09-13 17:54 - 2018-08-31 05:11 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-09-13 17:54 - 2018-08-31 05:11 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-09-13 17:54 - 2018-08-31 05:10 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-09-13 17:54 - 2018-08-31 05:10 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-09-13 17:54 - 2018-08-31 05:10 - 001375744 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-09-13 17:54 - 2018-08-31 05:10 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-09-13 17:54 - 2018-08-31 05:09 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-09-13 17:54 - 2018-08-31 05:07 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-09-13 17:54 - 2018-08-28 09:17 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-09-13 17:54 - 2018-08-28 08:48 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-09-13 17:54 - 2018-08-28 08:45 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2018-09-13 17:54 - 2018-08-09 11:32 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-09-13 17:54 - 2018-08-09 11:31 - 001617728 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-09-13 17:54 - 2018-08-09 11:16 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-09-13 17:54 - 2018-08-09 11:14 - 012709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-09-13 17:54 - 2018-08-09 11:13 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-09-13 17:54 - 2018-08-09 11:12 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-09-13 17:54 - 2018-08-09 11:11 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-09-13 17:54 - 2018-08-09 11:11 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-09-13 17:54 - 2018-08-09 11:10 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2018-09-13 17:54 - 2018-08-09 10:24 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-09-13 17:54 - 2018-08-09 10:23 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-09-13 17:54 - 2018-08-09 10:21 - 002894848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-09-13 17:54 - 2018-08-09 10:20 - 002401792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-09-13 17:54 - 2018-08-09 07:02 - 001035144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-09-13 17:54 - 2018-08-09 07:01 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2018-09-13 17:54 - 2018-08-09 06:54 - 001019016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-09-13 17:54 - 2018-08-09 06:53 - 002765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-09-13 17:54 - 2018-08-09 06:53 - 001947720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-09-13 17:54 - 2018-08-09 06:53 - 000932136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-09-13 17:54 - 2018-08-09 06:53 - 000482480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-09-13 17:54 - 2018-08-09 06:30 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-09-13 17:54 - 2018-08-09 06:29 - 002253584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-09-13 17:54 - 2018-08-09 06:29 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-09-13 17:54 - 2018-08-09 06:29 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-09-13 17:54 - 2018-08-09 06:28 - 003395072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-09-13 17:54 - 2018-08-09 06:28 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-09-13 17:54 - 2018-08-09 06:25 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-09-13 17:54 - 2018-08-09 06:25 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-09-13 17:54 - 2018-08-09 06:24 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-09-13 17:54 - 2018-08-09 06:23 - 003148288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2018-09-13 17:54 - 2018-08-09 06:23 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-09-13 17:54 - 2018-08-09 06:23 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-09-13 17:54 - 2018-08-09 06:23 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-09-13 17:54 - 2018-08-09 06:22 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-09-13 17:54 - 2018-08-09 06:22 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-09-13 17:54 - 2018-08-09 06:21 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-09-13 17:54 - 2018-08-09 06:13 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-09-13 17:54 - 2018-08-09 06:11 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-09-13 17:54 - 2018-08-09 06:10 - 002893824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2018-09-13 17:54 - 2018-08-09 06:10 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-09-13 17:54 - 2018-08-09 06:09 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-09-13 17:53 - 2018-08-31 09:46 - 000542504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-09-13 17:53 - 2018-08-31 09:45 - 000348328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-09-13 17:53 - 2018-08-31 09:27 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-09-13 17:53 - 2018-08-31 09:27 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2018-09-13 17:53 - 2018-08-31 09:26 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-09-13 17:53 - 2018-08-31 09:25 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2018-09-13 17:53 - 2018-08-31 09:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-09-13 17:53 - 2018-08-31 09:24 - 000482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-09-13 17:53 - 2018-08-31 09:24 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-09-13 17:53 - 2018-08-31 08:41 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-09-13 17:53 - 2018-08-31 08:41 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2018-09-13 17:53 - 2018-08-31 08:40 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2018-09-13 17:53 - 2018-08-31 08:37 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-09-13 17:53 - 2018-08-31 08:37 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-09-13 17:53 - 2018-08-31 08:37 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-09-13 17:53 - 2018-08-31 05:50 - 000273720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-09-13 17:53 - 2018-08-31 05:50 - 000270648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-09-13 17:53 - 2018-08-31 05:44 - 001064744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-09-13 17:53 - 2018-08-31 05:44 - 000568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-09-13 17:53 - 2018-08-31 05:44 - 000136488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-09-13 17:53 - 2018-08-31 05:44 - 000076256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-09-13 17:53 - 2018-08-31 05:42 - 000983080 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-09-13 17:53 - 2018-08-31 05:42 - 000885928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-09-13 17:53 - 2018-08-31 05:42 - 000604640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-09-13 17:53 - 2018-08-31 05:42 - 000527328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-09-13 17:53 - 2018-08-31 05:42 - 000494472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2018-09-13 17:53 - 2018-08-31 05:42 - 000155112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2018-09-13 17:53 - 2018-08-31 05:28 - 000568568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-09-13 17:53 - 2018-08-31 05:28 - 000134936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2018-09-13 17:53 - 2018-08-31 05:17 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-09-13 17:53 - 2018-08-31 05:17 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\netevent.dll
2018-09-13 17:53 - 2018-08-31 05:15 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-09-13 17:53 - 2018-08-31 05:15 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-09-13 17:53 - 2018-08-31 05:14 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-09-13 17:53 - 2018-08-31 05:14 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-09-13 17:53 - 2018-08-31 05:14 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-09-13 17:53 - 2018-08-31 05:13 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-09-13 17:53 - 2018-08-31 05:13 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-09-13 17:53 - 2018-08-31 05:12 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-09-13 17:53 - 2018-08-31 05:12 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netevent.dll
2018-09-13 17:53 - 2018-08-31 05:11 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-09-13 17:53 - 2018-08-31 05:11 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-09-13 17:53 - 2018-08-31 05:10 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-09-13 17:53 - 2018-08-31 05:10 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-09-13 17:53 - 2018-08-31 05:10 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-09-13 17:53 - 2018-08-31 05:10 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-09-13 17:53 - 2018-08-31 05:10 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-09-13 17:53 - 2018-08-31 05:09 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-09-13 17:53 - 2018-08-31 05:08 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-09-13 17:53 - 2018-08-31 05:07 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-09-13 17:53 - 2018-08-31 05:07 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-09-13 17:53 - 2018-08-31 05:06 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-09-13 17:53 - 2018-08-31 03:57 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim
2018-09-13 17:53 - 2018-08-28 08:56 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-09-13 17:53 - 2018-08-28 08:49 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-09-13 17:53 - 2018-08-28 07:51 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-09-13 17:53 - 2018-08-14 04:14 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2018-09-13 17:53 - 2018-08-14 04:14 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-09-13 17:53 - 2018-08-09 11:31 - 000766872 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-09-13 17:53 - 2018-08-09 11:31 - 000253544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-09-13 17:53 - 2018-08-09 11:31 - 000236624 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-09-13 17:53 - 2018-08-09 11:17 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-09-13 17:53 - 2018-08-09 11:14 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2018-09-13 17:53 - 2018-08-09 11:14 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollUI.dll
2018-09-13 17:53 - 2018-08-09 11:14 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2018-09-13 17:53 - 2018-08-09 11:13 - 000521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-09-13 17:53 - 2018-08-09 11:13 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2018-09-13 17:53 - 2018-08-09 11:13 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsExt.dll
2018-09-13 17:53 - 2018-08-09 11:12 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-09-13 17:53 - 2018-08-09 11:12 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-09-13 17:53 - 2018-08-09 11:11 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-09-13 17:53 - 2018-08-09 11:11 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-09-13 17:53 - 2018-08-09 11:11 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-09-13 17:53 - 2018-08-09 11:10 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-09-13 17:53 - 2018-08-09 11:10 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-09-13 17:53 - 2018-08-09 11:09 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2018-09-13 17:53 - 2018-08-09 11:09 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2018-09-13 17:53 - 2018-08-09 11:09 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-09-13 17:53 - 2018-08-09 10:36 - 000660896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-09-13 17:53 - 2018-08-09 10:36 - 000221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-09-13 17:53 - 2018-08-09 10:24 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2018-09-13 17:53 - 2018-08-09 10:23 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-09-13 17:53 - 2018-08-09 10:23 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollUI.dll
2018-09-13 17:53 - 2018-08-09 10:22 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-09-13 17:53 - 2018-08-09 10:22 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-09-13 17:53 - 2018-08-09 10:22 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-09-13 17:53 - 2018-08-09 10:22 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certreq.exe
2018-09-13 17:53 - 2018-08-09 10:21 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-09-13 17:53 - 2018-08-09 10:21 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2018-09-13 17:53 - 2018-08-09 10:21 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-09-13 17:53 - 2018-08-09 10:20 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-09-13 17:53 - 2018-08-09 10:20 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2018-09-13 17:53 - 2018-08-09 10:20 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2018-09-13 17:53 - 2018-08-09 10:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-09-13 17:53 - 2018-08-09 06:55 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-09-13 17:53 - 2018-08-09 06:54 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-09-13 17:53 - 2018-08-09 06:54 - 000375704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-09-13 17:53 - 2018-08-09 06:54 - 000203568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-09-13 17:53 - 2018-08-09 06:54 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-09-13 17:53 - 2018-08-09 06:53 - 001026456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-09-13 17:53 - 2018-08-09 06:53 - 000714792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-09-13 17:53 - 2018-08-09 06:53 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-09-13 17:53 - 2018-08-09 06:53 - 000125600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptxml.dll
2018-09-13 17:53 - 2018-08-09 06:30 - 000183992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-09-13 17:53 - 2018-08-09 06:29 - 000581696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-09-13 17:53 - 2018-08-09 06:29 - 000099208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptxml.dll
2018-09-13 17:53 - 2018-08-09 06:27 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-09-13 17:53 - 2018-08-09 06:27 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-09-13 17:53 - 2018-08-09 06:27 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2018-09-13 17:53 - 2018-08-09 06:26 - 000990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-09-13 17:53 - 2018-08-09 06:26 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-09-13 17:53 - 2018-08-09 06:26 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-09-13 17:53 - 2018-08-09 06:26 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-09-13 17:53 - 2018-08-09 06:26 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsAuth.dll
2018-09-13 17:53 - 2018-08-09 06:26 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsCfg.dll
2018-09-13 17:53 - 2018-08-09 06:26 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-09-13 17:53 - 2018-08-09 06:25 - 000797184 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2018-09-13 17:53 - 2018-08-09 06:25 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-09-13 17:53 - 2018-08-09 06:25 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-09-13 17:53 - 2018-08-09 06:25 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2018-09-13 17:53 - 2018-08-09 06:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-09-13 17:53 - 2018-08-09 06:24 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-09-13 17:53 - 2018-08-09 06:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-09-13 17:53 - 2018-08-09 06:22 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-09-13 17:53 - 2018-08-09 06:13 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2018-09-13 17:53 - 2018-08-09 06:12 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2018-09-13 17:53 - 2018-08-09 06:11 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-09-13 17:53 - 2018-08-09 06:11 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2018-09-13 17:53 - 2018-08-09 06:11 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-09-13 17:53 - 2018-08-09 06:11 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsAuth.dll
2018-09-13 17:53 - 2018-08-09 06:11 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsCfg.dll
2018-09-13 17:53 - 2018-08-09 06:11 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-09-13 17:53 - 2018-08-09 06:10 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-09-13 17:53 - 2018-08-09 06:09 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-09-13 17:53 - 2018-08-09 06:08 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2018-09-13 17:53 - 2018-08-09 05:08 - 000806416 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-09-13 17:53 - 2018-08-09 05:08 - 000806416 _____ C:\WINDOWS\system32\locale.nls
2018-09-09 07:40 - 2018-09-09 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Wonders III [GOG.com]
2018-09-07 18:54 - 2018-09-07 18:55 - 000000000 ____D C:\Users\Joohny\AppData\Local\calibre-cache
2018-09-07 18:49 - 2018-09-15 08:40 - 000000000 ____D C:\Users\Joohny\Knihovna Calibre
2018-09-07 18:49 - 2018-09-07 18:55 - 000000000 ____D C:\Users\Joohny\AppData\Roaming\calibre
2018-09-07 18:49 - 2018-09-07 18:49 - 000001029 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2018-09-07 18:49 - 2018-09-07 18:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2018-09-07 18:49 - 2018-09-07 18:49 - 000000000 ____D C:\Program Files (x86)\Calibre2

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-03 10:16 - 2016-12-02 19:00 - 000000000 ____D C:\Users\Joohny\AppData\LocalLow\Mozilla
2018-10-03 10:15 - 2018-05-12 11:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-03 10:15 - 2016-06-28 17:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-10-03 10:15 - 2015-04-04 09:33 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-10-03 10:15 - 2015-04-04 09:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-03 10:01 - 2016-11-06 05:04 - 000000000 ____D C:\ProgramData\NVIDIA
2018-10-03 10:00 - 2015-05-19 20:21 - 000000000 ____D C:\Program Files (x86)\Steam
2018-10-03 10:00 - 2015-04-22 18:04 - 000000000 ___RD C:\Users\Joohny\iCloudDrive
2018-10-03 09:58 - 2018-05-12 12:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-03 09:58 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-03 09:57 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-10-03 09:52 - 2017-12-05 10:29 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.7
2018-10-03 09:52 - 2017-08-17 19:48 - 000000000 ____D C:\Program Files\Samorost 3
2018-10-03 08:37 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-10-03 08:36 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-03 08:32 - 2018-05-12 11:44 - 001956088 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-03 08:32 - 2018-04-12 17:50 - 000808228 _____ C:\WINDOWS\system32\perfh005.dat
2018-10-03 08:32 - 2018-04-12 17:50 - 000186472 _____ C:\WINDOWS\system32\perfc005.dat
2018-10-03 08:32 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-10-03 08:30 - 2018-05-13 10:11 - 000000000 ____D C:\Users\Joohny\AppData\Local\D3DSCache
2018-10-03 08:20 - 2018-05-12 12:24 - 000000000 ____D C:\inetpub
2018-10-02 18:57 - 2016-08-22 23:53 - 000000000 ____D C:\Users\Joohny\Downloads\Movies
2018-10-02 17:55 - 2017-12-14 19:58 - 000000000 ____D C:\Users\Joohny\AppData\Local\Packages
2018-10-02 17:45 - 2015-04-05 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2018-10-02 17:41 - 2015-05-19 20:26 - 000000000 ____D C:\Users\Joohny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-10-02 17:34 - 2015-04-05 10:51 - 000000000 ____D C:\Users\Joohny\AppData\Roaming\DAEMON Tools Lite
2018-10-02 17:33 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-10-02 17:33 - 2016-01-15 18:21 - 000000000 ____D C:\Users\Joohny\AppData\Local\CrashDumps
2018-10-02 17:28 - 2015-07-24 18:40 - 000000000 ____D C:\Users\Joohny\AppData\Roaming\vlc
2018-10-01 08:44 - 2018-06-19 18:42 - 000000000 ____D C:\Users\Kristýnka\AppData\LocalLow\Mozilla
2018-09-26 21:05 - 2018-06-19 13:38 - 000000000 ____D C:\Users\Kristýnka\Desktop\fotky eshop - katalog
2018-09-24 09:34 - 2018-05-12 12:10 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-133748398-2835648025-190285218-1000
2018-09-24 09:34 - 2018-05-12 11:49 - 000002429 _____ C:\Users\Joohny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-24 09:34 - 2016-11-06 09:22 - 000000000 ___RD C:\Users\Joohny\OneDrive
2018-09-22 16:40 - 2017-10-26 16:13 - 000000000 ____D C:\Users\Joohny\Desktop\GAMES
2018-09-19 21:02 - 2018-07-26 10:17 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-09-19 21:01 - 2018-07-26 10:17 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-09-19 21:01 - 2018-06-19 18:41 - 000000000 ____D C:\Users\Kristýnka\AppData\Local\Packages
2018-09-19 19:37 - 2018-06-19 18:44 - 000003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-133748398-2835648025-190285218-1005
2018-09-19 19:37 - 2018-06-19 18:43 - 000000000 ___RD C:\Users\Kristýnka\OneDrive
2018-09-19 19:37 - 2018-06-19 18:41 - 000002438 _____ C:\Users\Kristýnka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-16 18:44 - 2017-08-08 19:06 - 000000000 ____D C:\games
2018-09-15 08:40 - 2018-05-12 11:49 - 000000000 ____D C:\Users\Joohny
2018-09-13 20:09 - 2018-05-12 11:40 - 000400984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-09-13 20:08 - 2017-08-20 13:56 - 000000000 ____D C:\Program Files\CCleaner
2018-09-13 20:06 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-09-13 20:06 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-09-13 20:06 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-09-13 20:06 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-09-13 20:06 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-09-13 17:59 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-09-11 19:28 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-09-10 12:13 - 2018-05-18 12:13 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-09-10 09:34 - 2018-06-19 18:41 - 000000000 ____D C:\Users\Kristýnka
2018-09-09 16:03 - 2017-09-26 19:13 - 000000000 ____D C:\Users\Joohny\AppData\Roaming\AIMP
2018-09-09 07:43 - 2015-04-05 12:00 - 000000000 ____D C:\Users\Joohny\Documents\My Games
2018-09-09 07:36 - 2015-04-05 10:54 - 000000000 ____D C:\GOG Games
2018-09-09 06:54 - 2017-04-14 12:17 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-09-07 18:49 - 2015-05-08 15:09 - 000000000 ____D C:\Users\Joohny\AppData\Roaming\uTorrent
2018-09-05 01:04 - 2018-04-12 01:41 - 000835144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-09-05 01:04 - 2018-04-12 01:41 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2017-06-10 12:06 - 2015-03-11 11:36 - 000000226 _____ () C:\Program Files (x86)\update-CitiesSkyline.bat
2017-06-10 12:06 - 2014-05-25 04:38 - 000000732 _____ () C:\Program Files (x86)\visit-www.nosteam.ro.html
2017-12-09 16:31 - 2017-12-09 16:31 - 000005368 _____ () C:\Users\Joohny\AppData\Roaming\froggy_scorebox
2017-12-09 16:31 - 2017-12-09 16:31 - 000000910 _____ () C:\Users\Joohny\AppData\Roaming\pl_accounts.pl_acc
2017-12-09 16:31 - 2017-12-09 16:31 - 000000556 _____ () C:\Users\Joohny\AppData\Roaming\Troll.options
2018-06-11 12:58 - 2018-06-11 13:47 - 000000054 _____ () C:\Users\Joohny\AppData\Roaming\~SiMPLEX.ini
2016-03-30 20:52 - 2016-03-30 20:52 - 000007605 _____ () C:\Users\Joohny\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-12 11:40

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.09.2018
Ran by Joohny (03-10-2018 10:19:46)
Running from C:\Users\Joohny\Desktop
Windows 10 Home Version 1803 17134.285 (X64) (2018-05-12 10:11:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-133748398-2835648025-190285218-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-133748398-2835648025-190285218-503 - Limited - Disabled)
Guest (S-1-5-21-133748398-2835648025-190285218-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-133748398-2835648025-190285218-1004 - Limited - Enabled)
Joohny (S-1-5-21-133748398-2835648025-190285218-1000 - Administrator - Enabled) => C:\Users\Joohny
Kristýnka (S-1-5-21-133748398-2835648025-190285218-1005 - Limited - Enabled) => C:\Users\Kristýnka
WDAGUtilityAccount (S-1-5-21-133748398-2835648025-190285218-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Absolute Nature 3 for S.T.A.L.K.E.R - Call of Pripyat (HKLM-x32\...\Absolute Nature 3 Lite_is1) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20063 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Age of Wonders III (HKLM-x32\...\1207660893_is1) (Version: 1.801 - GOG.com)
Age of Wonders III: Dragon's Throne Scenario (HKLM-x32\...\1207660883_is1) (Version: 1.801 - GOG.com)
Age of Wonders III: Elven Resurgence Scenario (HKLM-x32\...\1207660873_is1) (Version: 1.801 - GOG.com)
Age of Wonders III: Eternal Lords (HKLM-x32\...\1428937263_is1) (Version: 1.801 - GOG.com)
Age of Wonders III: Golden Realms (HKLM-x32\...\1207665893_is1) (Version: 1.801 - GOG.com)
AIMP (HKLM-x32\...\AIMP) (Version: v4.13.1897, 26.06.2017 - AIMP DevTeam)
Aktualizace NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
AutoHotkey 1.1.22.06 (HKLM\...\AutoHotkey) (Version: 1.1.22.06 - Lexikos)
Banished (HKLM-x32\...\1207660783_is1) (Version: 2.5.0.9 - GOG.com)
Barbie(TM) - Princezna a švadlenka (HKLM-x32\...\Barbie(TM) - Princezna a švadlenka_is1) (Version: - CD Projekt)
Barbie(TM) Deníček - Tajemství střední školy (HKLM-x32\...\Barbie(TM) Deníček - Tajemství střední školy_is1) (Version: - CD Projekt)
Barbie(TM) Dobrodružství s koňmi(TM) (HKLM-x32\...\{F827DB7E-9F8F-46BA-9F22-46CE2CEE1D7E}) (Version: 1.00.0000 - )
Barbie(TM) od Labutího jezera (HKLM-x32\...\{F85A7717-4DF5-48A4-8D9E-F84F549A787A}) (Version: 1.00.000 - )
Barbie(TM): Malá mořská víla(TM) CD-ROM (HKLM-x32\...\Barbie(TM) Malá mořská víla(TM) CD-ROM_is1) (Version: - CD Projekt)
Battle Chasers Nightwar (HKLM-x32\...\1345854066_is1) (Version: v.22997 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.72.1082 - AB Team, d.o.o.)
calibre (HKLM-x32\...\{71640766-157F-4DE8-B45F-69B76B0F5FCE}) (Version: 3.31.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cuphead (HKLM-x32\...\1963513391_is1) (Version: 20170929 - GOG.com)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd)
Darkwood (HKLM-x32\...\1578751181_is1) (Version: 1.0 - GOG.com)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Disney Popelka (HKLM-x32\...\{2048F008-BDCD-485E-B552-B60E15BDC668}) (Version: 1.0 - Disney Interactive)
Disney Princess - My Fairytale Adventure (HKLM-x32\...\{34647679-5D7E-455C-9DC6-618FA3B7FE1A}) (Version: 1.00.0000 - Disney Interactive Studios)
Disney's You Can Fly! with Tinker Bell (HKLM-x32\...\{B5071AC4-B0E3-11D5-AA2E-0008C760B784}) (Version: - )
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.82 - NVIDIA Corporation) Hidden
Distrust (HKLM-x32\...\Distrust_is1) (Version: - )
Divinity - Original Sin Enhanced Edition (HKLM-x32\...\1445516929_is1) (Version: 2.0.0.3 - GOG.com)
Divinity Original Sin 2 (HKLM-x32\...\Divinity Original Sin 2_is1) (Version: - )
DMP Altera 3.5 (HKU\S-1-5-21-133748398-2835648025-190285218-1000\...\DMP Altera 3.5) (Version: - )
Endless Space 2 Supremacy (HKLM-x32\...\Endless Space 2 Supremacy_is1) (Version: - )
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free FLAC to MP3 Converter 1.4 (HKLM-x32\...\{A54C01BD-1277-4722-B42B-EC9800A90B1E}_is1) (Version: 1.4 - PolySoft Solutions)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Heroes of Might and Magic IV Gold verze 3.0c (HKLM-x32\...\{67FA88C6-ECC7-45AD-9615-3FB4AFE3E131}_is1) (Version: 3.0c - )
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
CHUCHEL (HKLM-x32\...\1825910123_is1) (Version: 1.0.0 - GOG.com)
iCloud (HKLM\...\{82FCC407-A0E5-4B80-9241-5ABA78B61090}) (Version: 7.6.0.15 - Apple Inc.)
Inquisitor - Deluxe Edition (HKLM-x32\...\Inquisitor - Deluxe Edition_is1) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
iTunes (HKLM\...\{56E3752E-E2E6-4F7C-AC04-24BC03A78F09}) (Version: 12.8.0.150 - Apple Inc.)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Judgment Apocalypse Survival Simulation (HKLM\...\SKIDROW - Judgment Apocalypse Survival Simulation) (Version: - SKIDROW)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 11.1.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.1.0 - )
League of Legends (HKLM-x32\...\{657DFCCF-B080-44B1-9AEA-61676011A1AE}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.4.11.0608 - Lenovo)
Lenovo Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.6008 - CyberLink Corp.) Hidden
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.6008 - CyberLink Corp.)
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.3609 - CyberLink Corp.)
Lenovo Service Bridge (HKU\S-1-5-21-133748398-2835648025-190285218-1000\...\dda9ca0b023f4c56) (Version: 1.6.3.5 - Lenovo)
LogMeIn Hamachi (HKLM-x32\...\{892DB406-ADF8-4C30-9840-8438AF5B8763}) (Version: 2.2.0.607 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.607 - LogMeIn, Inc.)
Magic 2015 - Garruks Revenge (HKLM-x32\...\Magic 2015 - Garruks Revenge_is1) (Version: - )
MediaCoder iPhone Edition 0.8.47 (HKLM-x32\...\MediaCoder iPhone Edition) (Version: 0.8.47 - Broad Intelligence)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-133748398-2835648025-190285218-1000\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 62.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 62.0.3 (x64 cs)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 62.0.3.6848 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
My Riding Stables - Life with Horses (HKLM-x32\...\MyRidingStables) (Version: 1.0 - Sproing Interactive GmbH)
Northgard Svafnir Clan of the Snake (HKLM-x32\...\Northgard Svafnir Clan of the Snake_is1) (Version: - )
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 398.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.82 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 398.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.82 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ori and the Blind Forest (HKLM-x32\...\Ori and the Blind Forest_is1) (Version: - )
Ovládací panel NVIDIA 398.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.82 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 2.3.1.58816 - Grinding Gear Games) Hidden
Path of Exile (HKLM-x32\...\{b3ac671e-f46c-4379-9c5b-6c6931985463}) (Version: 2.3.1.58816 - Grinding Gear Games)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.10 - ProtectDisc Software GmbH)
QuickTime (HKLM-x32\...\QuickTime) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0180 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Remote Play PS4 (HKLM-x32\...\{ED0768BB-8B3F-47CF-A62B-99FD92EE660B}) (Version: 2.6.0.02270 - Sony Interactive Entertainment Inc.)
S.T.A.L.K.E.R. - Call of Pripyat [v1.6.01] (HKLM-x32\...\{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1) (Version: 1.6.01 - CENEGA)
S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0005] (HKLM-x32\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0005 - THQ)
Samorost 3 (HKLM\...\c2Ftb3Jvc3Qz_is1) (Version: 1 - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Serviio (HKLM\...\Serviio) (Version: 1.9.2 - Six Lines Ltd)
Sid Meier's Civilization V Brave New World (HKLM-x32\...\U2lkTWVpZXJzQ2l2aWxpemF0aW9uVg==_is1) (Version: 1 - )
Sid Meiers Civilization VI (HKLM-x32\...\Sid Meiers Civilization VI_is1) (Version: - )
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellaris Distant Stars (HKLM-x32\...\Stellaris Distant Stars_is1) (Version: - )
Surviving Mars (HKLM-x32\...\Surviving Mars_is1) (Version: - )
The House of Da Vinci (HKLM\...\SKIDROW - The House of Da Vinci) (Version: - SKIDROW)
Tropico 5 (HKLM-x32\...\Tropico 5_is1) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Vaporum (HKLM-x32\...\1211269088_is1) (Version: patch_3 - GOG.com)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
World of Goo 1.30 (HKLM-x32\...\World of Goo 1.30) (Version: - )
Zoo Tycoon 2 (HKLM-x32\...\Zoo Tycoon 2) (Version: 1.0 - Microsoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2017-09-26] (AIMP DevTeam)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-06-26] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-08-27] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-08-27] (Alexander Roshal)
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\WINDOWS\SysWoW64\WSCM64.dll [2015-02-27] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\System\aimp_menu64.dll [2017-09-26] (AIMP DevTeam)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-07-30] (NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-08-27] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-08-27] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01002F97-A2C2-49C8-95E3-DB813379EF9B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {071B2D8B-2B1E-496F-B831-3ABF2A69ABD9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-10] (Piriform Ltd)
Task: {0BA3D00F-F866-4AAD-9490-99A717882F73} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd)
Task: {1A0B4201-20A0-476D-8F08-A5D292EDF736} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {22A1B7A3-63A3-402B-9B37-E15126DAAC35} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {23875E78-9038-44B2-9E73-4D837C7F99CF} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {26E9FE62-A2CC-4CB4-81CE-CE7BDC222C96} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {290098AD-7EBB-44F7-924C-7976A71E37EB} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {2C4F708F-5AC8-4D98-8F4B-46042F1A1033} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-07-19] (NVIDIA Corporation)
Task: {3078F6D4-E86D-432B-9307-FD024405C23F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {32A0CA42-7F39-4DC6-A8EB-CF52237F4CA9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {390A53A4-FC78-4A6E-945A-2F163067D479} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {3AD4AC4B-18FE-4553-91A3-68F8A3FE67B2} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {41DE32B8-109A-43B2-A4BF-A305956B9EEE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {43909BCC-8580-4E27-9FED-3B7776B6FB28} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {474AB846-32F0-4ED5-8312-D8D684893EBF} - System32\Tasks\{6E673946-0142-402A-BB46-26C1BA919AC7} => C:\Windows\system32\pcalua.exe -a E:\DirectX\dxsetup.exe -d E:\DirectX
Task: {4ED8CB6D-8410-440F-8A23-4F120B18F7FF} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeReminderTask => C:\WINDOWS\System32\GWX\GWX.exe
Task: {593E3BB2-9C32-4E14-A445-2F7226B730F4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6125CEA1-86D2-41E7-9430-F69A3FF90463} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6D074E1A-6556-4ECB-8CD2-24E143250A5A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6DFB75E2-A3F4-483B-A33B-FCF0DEE02F0B} - System32\Tasks\Win Update => c:\Intell\POOL\russian.vbs
Task: {70CFA522-0C11-4557-AA66-1C0C2427C8E9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {70E8B1E9-2001-4E6F-ABF0-0988260F9D0B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7111FFE3-22C4-4EB1-B31A-E525DDF96220} - \Lenovo\Lenovo Service Bridge\S-1-5-21-133748398-2835648025-190285218-1000 -> No File <==== ATTENTION
Task: {7419316F-4D56-436E-9DDF-23A6D581B76E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7434B960-F996-4A18-A184-9ABEEBDAAABE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {74EFFF5A-7738-4D72-956B-6C5634C3202E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {76B1D892-74B1-4544-98DA-649C360A373D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {77CB60A7-8B3B-4D23-80EA-3BC0CF8A584F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-13] (Adobe Systems Incorporated)
Task: {7EAC1889-B87C-4196-8D71-26DFD2BCBF4C} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {81FF536C-0261-4EDE-B511-955841D14A68} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {824221A9-D146-4EDA-93EB-1B505683DBA9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {861AEB97-0EE5-4ADC-BBAA-0779FC152BED} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {88E15806-0D50-4B5A-BB6B-9AC85893E42C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8A269B03-9462-41C6-BDC6-3B13E257210D} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9E1CDE6B-A96A-4803-96BD-BC267B980A32} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A4BAE43E-436C-4124-B9D8-C61A3378AE17} - System32\Tasks\{8EF28EB9-967E-4F33-96CD-0272AEE89807} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}\setup.exe" -c -runfromtemp -removeonly
Task: {BCC70C74-C2A3-4266-B7CF-39CBEF55916F} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {BDD4777F-19EB-482E-8CB2-0117C478B5FE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C01304AA-638C-4BFE-BCD8-55C582B81971} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C2C72B5C-391F-47C6-90D1-E1F8F0E5509D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {C3A61931-C298-4C23-9E75-2FF5F0C98AFC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C5EC77FF-5EF7-47D7-8085-DF809BF2C243} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {C8FEFB62-6459-4A67-9D33-D73D7344980A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {D145C821-06A1-45F2-9BCF-D9C000C9BC04} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D32CDB2B-F508-400A-8E1F-331B0839DDAB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D963D94F-24C3-4B4D-B840-597F9E50FF75} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {DADBDD35-7E69-4591-8ED6-AD1E586C2463} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-28] (Oracle Corporation)
Task: {DB092EB6-F7FE-43E4-AE8E-BE916B099076} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-07-19] (NVIDIA Corporation)
Task: {DFB18A06-5554-4043-BC78-424D57FD12C1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {E1321C41-8804-4419-B191-D4536E9BD974} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E8053339-E7AA-4D6C-A837-4429048D1576} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EF9C3D8E-B407-4E37-B788-688B3CC09940} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-04-15] ()
Task: {F033D37E-1571-4998-BF2A-F6D3CB9E5E8F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {F7621336-FC2C-4770-9133-D6B150C6ACB0} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-07-19] (NVIDIA Corporation)
Task: {F9F1934E-65AE-488F-9168-029C757AE560} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {FD26A8FB-A545-48C5-95DA-1BD6E1F54B57} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {FD511686-EF86-4490-9D08-D447342F4400} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {FF96F0AB-3C66-40C8-924A-5DA8D04B6688} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {FFC43A3E-56E7-4E03-B4CF-94F356162827} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Joohny\Documents\Vodafone\petradam\quick\FXLauncher.bat.lnk -> C:\Program Files (x86)\ThinApp\Kenan2\FXLauncher.bat.exe (No File)

==================== Loaded Modules (Whitelisted) ==============

2012-06-08 22:27 - 2011-03-16 05:47 - 000032768 _____ () C:\Windows\jmesoft\Service.exe
2018-01-05 01:14 - 2018-01-05 01:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-06-23 06:56 - 2018-05-15 18:58 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-05-24 18:44 - 2018-07-19 22:20 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-04-30 20:10 - 2018-04-30 20:10 - 000413696 _____ () C:\Program Files\Serviio\bin\ServiioService.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2016-11-06 09:42 - 2015-02-27 15:38 - 000721263 _____ () C:\WINDOWS\SysWoW64\WSCM64.dll
2018-09-13 17:54 - 2018-08-31 05:12 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-09-12 19:36 - 2018-09-12 19:36 - 035124736 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-09-12 19:36 - 2018-09-12 19:36 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-09-12 19:36 - 2018-09-12 19:36 - 006417408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 16:18 - 2017-09-26 16:18 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-12 19:36 - 2018-09-12 19:36 - 009010176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-09-01 06:57 - 2018-09-05 22:14 - 001055520 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2018-09-01 06:57 - 2018-08-27 22:52 - 098006816 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2018-09-01 06:57 - 2018-08-27 22:52 - 004443424 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2018-09-01 06:57 - 2018-08-27 22:52 - 000100128 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2018-09-26 09:34 - 2018-09-26 09:34 - 000479232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-09-26 09:34 - 2018-09-26 09:34 - 069128192 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-05 14:34 - 2017-10-05 14:34 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-05-05 13:26 - 2018-05-06 11:19 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-09-26 09:34 - 2018-09-26 09:34 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-08-31 01:55 - 2018-08-31 01:56 - 003699200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-08-31 01:55 - 2018-08-31 01:56 - 000035328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-17 19:54 - 2018-08-17 20:01 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-08-17 19:54 - 2018-08-17 20:01 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-03-30 15:06 - 2018-03-30 15:07 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-09-26 09:34 - 2018-09-26 09:34 - 014171648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-08-31 01:55 - 2018-08-31 01:56 - 003544576 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-09-26 09:34 - 2018-09-26 09:34 - 002866176 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-31 01:55 - 2018-08-31 01:56 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-28 20:03 - 2018-07-28 20:03 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-26 09:34 - 2018-09-26 09:34 - 000145920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\SKU.dll
2018-05-15 18:59 - 2018-05-15 18:59 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2018-01-05 01:14 - 2018-01-05 01:14 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2018-05-15 18:59 - 2018-05-15 18:59 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2015-05-19 20:24 - 2018-09-05 22:14 - 000876320 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-05-19 20:24 - 2018-09-08 22:31 - 002646304 _____ () C:\Program Files (x86)\Steam\video.dll
2015-05-19 20:24 - 2016-09-01 03:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-12-14 20:26 - 2017-12-20 03:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-14 20:26 - 2017-12-20 03:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-14 20:26 - 2017-12-20 03:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-12-14 20:26 - 2017-12-20 03:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2015-05-19 20:24 - 2016-09-01 03:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-05-19 20:24 - 2016-09-01 03:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-12-14 20:26 - 2017-12-20 03:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2015-05-19 20:24 - 2018-09-08 22:31 - 001015584 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 09:06 - 2016-07-05 00:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-10-26 18:28 - 2018-07-19 22:19 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Joohny:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\desktop.ini:gs5sys [2816]
AlternateDataStreams: C:\Users\Joohny\Data aplikací:gs5sys [2560]
AlternateDataStreams: C:\Users\Joohny\Local Settings:gs5sys [2560]
AlternateDataStreams: C:\Users\Joohny\Soubory cookie:gs5sys [2560]
AlternateDataStreams: C:\Users\Joohny\Šablony:gs5sys [2048]
AlternateDataStreams: C:\Users\Joohny\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Joohny\AppData\Local:gs5sys [2560]
AlternateDataStreams: C:\Users\Joohny\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\Joohny\AppData\Local\Data aplikací:gs5sys [2560]
AlternateDataStreams: C:\Users\Joohny\AppData\Local\History:gs5sys [2560]
AlternateDataStreams: C:\Users\Joohny\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [2048]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-12-02 19:28 - 000000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-133748398-2835648025-190285218-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Joohny\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 77.236.192.130 - 77.236.192.150
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "jmekey"
HKLM\...\StartupApproved\Run32: => "jmesoft"
HKLM\...\StartupApproved\Run32: => "ModeSwitch"
HKLM\...\StartupApproved\Run32: => "Lenovo Registration"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-133748398-2835648025-190285218-1000\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-133748398-2835648025-190285218-1000\...\StartupApproved\Run: => "Intel"
HKU\S-1-5-21-133748398-2835648025-190285218-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-133748398-2835648025-190285218-1000\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{507F341B-7B73-48E3-A70C-F919CD8EA800}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe
FirewallRules: [{89D136FD-0ADE-4CF7-9F89-81DB1F34BB6B}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe
FirewallRules: [{83FD5C9B-A623-4A8A-96AB-04C1858F4ADA}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{7F168A8A-6AED-41D3-A253-304F133505A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{A77D1F30-482F-4A45-8FC5-63F861705D12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{4AFF4D22-ECDB-4FD4-B9B9-D3BAAF3606BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{E6B7A056-D9C0-4E5A-A930-0B41648AFE05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{9DDF691A-28E3-4FEB-960F-43984EF21A45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BD0196C6-771D-4097-8BA7-68575596BECF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{28213CB1-F563-4B86-9E91-DCFFD5A6A134}] => (Allow) C:\Users\Joohny\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{78ECE1C4-25D1-4D5B-8301-A34CEBA9D7BC}] => (Allow) C:\Users\Joohny\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{021F0B01-CF16-48AE-B796-9544BF9549B1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{03462558-C088-41B5-9731-AC0ED34B084F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BB633DCD-616E-4C6F-9568-17F7FB7B817A}] => (Allow) C:\Program Files (x86)\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe
FirewallRules: [{5C510B5C-E60D-4697-A37B-9347FAA27687}] => (Allow) C:\Program Files (x86)\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe
FirewallRules: [{B7A16A69-5F95-4E4E-B995-F33895E6CCB1}] => (Allow) C:\Program Files (x86)\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe
FirewallRules: [{6CF70D7F-9149-48C8-8615-EBD71525FFA6}] => (Allow) C:\Program Files (x86)\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe
FirewallRules: [UDP Query User{D93966B2-5507-490A-A302-532FF1A0D736}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [TCP Query User{44F29662-3159-474F-958D-01B2333BCAC2}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [{C0E89B99-0C89-4A63-B6C7-20602E7B59E8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9DF2EAC7-F555-4189-B001-6E927D4FC5C4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CB6841B7-B4B4-4A2A-B547-0E7D4BACA0FF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7EA4E7C6-79B3-4AA6-8D7C-7F7D5FF53FD6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{24922CED-AA54-4102-B5EF-7C16E27FDE24}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{92267CAF-9ED1-4367-A55E-6D8F53F6224B}] => (Allow) LPort=1900
FirewallRules: [{6C0C4802-9E7E-4540-B80B-48ECD1BADE76}] => (Allow) LPort=2869
FirewallRules: [{E2E3B4B6-F850-4B21-85D5-30857DD499A6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{36B62C29-3C89-4023-8105-C25FD7089018}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{9D146898-271E-407E-A72B-103E53B20AC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{36719309-ECA7-488C-9F9B-21AB9CE8A6A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{A498BB33-AFBE-4738-8CE2-D8C9B0C07471}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{071B5918-0E56-4189-B5EA-E0FC7B771835}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{96831011-033D-4DCB-888E-5BC966FFE9EE}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{FFCEC833-883D-4352-8DFC-56714F39C438}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{D309445F-82F3-4979-9BD8-8C12CC1E3D46}] => (Allow) D:\Program Files (x86)\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe
FirewallRules: [{A080D5E8-1F76-4CE9-B98A-74466B8D84A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Disney's Princess Enchanted Journey\play.exe
FirewallRules: [{9DFA97CA-F427-4F64-8DE9-2A6856F59D16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Disney's Princess Enchanted Journey\play.exe
FirewallRules: [{BAE64735-37A6-4AB1-BFBE-CA91CDECC303}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Disney Fairies Tinker Bell's Adventure\FairiesPC.exe
FirewallRules: [{B896A0CE-40B4-4AC7-9DDA-9663966198AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Disney Fairies Tinker Bell's Adventure\FairiesPC.exe
FirewallRules: [{1C935F72-62DB-4772-AE6A-2A79217C19ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Disney Tangled\Rapunzel.exe
FirewallRules: [{E0CE45F6-E68C-4161-80AA-53808ED75D6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Disney Tangled\Rapunzel.exe
FirewallRules: [{363D7413-1082-4A4F-BD74-59ED3AE5BAC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Disney-Pixar Brave\Brave.exe
FirewallRules: [{6AE6EFBC-9F73-46DB-8865-3F8392DB873B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Disney-Pixar Brave\Brave.exe
FirewallRules: [{27A21139-FDD0-47EA-A0A3-A0410629B7A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Princess and The Frog\PrincessAndFrog.exe
FirewallRules: [{7E1A20DE-4A1A-442A-A737-3C65A3634F82}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Princess and The Frog\PrincessAndFrog.exe
FirewallRules: [{A4DFF3C5-885B-4139-BEEF-6B2695048884}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Disney Princess My Fairytale Adventure\DisneyPrincess.exe
FirewallRules: [{B21F07E6-3656-4BE1-9343-E7652DC9CF04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Disney Princess My Fairytale Adventure\DisneyPrincess.exe
FirewallRules: [{D3160CEC-4B40-4B52-8FC9-CC66AE2E46ED}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B388ADD3-DA17-4D00-A103-5C6ED9780FAE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{507E6BD7-A859-4D2E-B6E9-EDBFDE98423D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F9528AD4-CE23-4667-ACCC-2103ECB9B37F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{727B71C7-E6AE-4B97-8628-0C9965B7C804}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\King's Bounty - The Legend\KB.exe
FirewallRules: [{CDCB1C05-E094-4118-B354-031CB6113208}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\King's Bounty - The Legend\KB.exe
FirewallRules: [{A1D0147C-070E-45F0-BE10-172B3130BB9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\King's Bounty - The Legend\save_fixer.exe
FirewallRules: [{EE101C39-B17C-400C-840E-992064CBB631}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\King's Bounty - The Legend\save_fixer.exe
FirewallRules: [{1175732C-5689-4704-B913-1607759D143E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kings Bounty Crossworlds\KB.exe
FirewallRules: [{521FBCA3-6318-47A1-8E45-430C92F2DBA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kings Bounty Crossworlds\KB.exe
FirewallRules: [{B008272E-CE1C-4BC5-9F56-31F0E1AD01AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blackguards\Blackguards.exe
FirewallRules: [{D0309021-7996-47BE-AD09-8993FF33E999}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blackguards\Blackguards.exe
FirewallRules: [{4F803B7B-DED5-4CF8-ACAD-30A3CAC67BA7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{4A048AF7-8D83-40B0-A809-71731EB18088}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{1568EC0B-AE61-4F33-BD7B-5965D6A4AC22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{245D1F62-890D-4991-8505-FCEE0C640DDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{2CB02E53-7ECE-40CA-9CD5-25302CB5DA87}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe
FirewallRules: [{AF75E3D3-0503-4AF9-A767-42CB147FE2BF}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe
FirewallRules: [{FD246DDC-3C9C-4624-82F9-118B41D14B3A}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe
FirewallRules: [{2B8210B3-FC02-41FF-B5A2-7A5205F7CDF7}] => (Allow) C:\Program Files\Serviio\console\ServiioConsole.exe
FirewallRules: [{EE38BF97-87B6-4117-A469-6D3637D3A2EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{8C64A414-B45B-4540-A0D9-0E8BE183544A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A592E12C-1A3D-47EF-B479-EE7A24D528C2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{37D68A7D-C2D8-46E0-8772-5F0537EF189D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{64408260-62FF-472E-9D31-76E5E53D3365}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{550F96F4-A567-4C33-962C-0E1286D56E6A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BF9EB2D7-FA33-4D7E-890F-247B2139C7B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B721EBCE-BE28-4707-9D6E-5CF3AD02DE58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{43C49682-E540-4628-9F58-2629ECEE48CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{2D1E6412-A250-43B4-9282-02EA2F6CD9C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{4BB1CA35-FEB8-4DA0-BDFC-EDC08BF0FEEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{AE64E693-863B-49D0-B579-B3206AC71919}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{25D049C0-F789-41D0-85F5-845558CE77B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{41FC00C0-4357-4DB2-8915-D4D6EA5073A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{A01423BB-0ECC-4651-812E-A546F19BE89F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{0BBEDE26-0600-4BD4-8FDC-0B9ADBB2BF4C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{66D877D7-119D-4ABD-AB69-68DCECA3771D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [TCP Query User{BF5158E1-D80A-4912-A805-8FDCD966EDDF}C:\gog games\age of wonders iii\aow3.exe] => (Block) C:\gog games\age of wonders iii\aow3.exe
FirewallRules: [UDP Query User{A08472D3-8628-4AB5-9162-268C383521A0}C:\gog games\age of wonders iii\aow3.exe] => (Block) C:\gog games\age of wonders iii\aow3.exe
FirewallRules: [{699F80F9-9AB5-4755-83A9-FC85D0D4C6E7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{4291FA03-787F-4D16-B90D-153FAFB97419}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{C9E9300C-02C5-4944-89F0-D27D3B253B86}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9F5A918E-1562-4B72-8127-AD1E8823E762}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe

==================== Restore Points =========================

02-10-2018 17:42:20 Removed Graveyard Keeper Alpha

==================== Faulty Device Manager Devices =============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/03/2018 10:00:11 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

Error: (10/03/2018 09:56:29 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

Error: (10/03/2018 08:29:58 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

Error: (10/02/2018 07:59:23 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (10184,G,0) Pokus o otevření souboru C:\Users\Joohny\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (10/02/2018 07:54:40 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

Error: (09/30/2018 09:16:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18015

Error: (09/30/2018 09:16:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18015

Error: (09/30/2018 09:16:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (10/03/2018 10:01:08 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service závisí na službě Intel(R) Management and Security Application Local Management Service, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (10/03/2018 10:00:17 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/03/2018 10:00:10 AM) (Source: DCOM) (EventID: 10016) (User: Joohny-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Joohny-PC\Joohny (SID: S-1-5-21-133748398-2835648025-190285218-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/03/2018 09:58:42 AM) (Source: APPHOSTSVC) (EventID: 9010) (User: )
Description: Při pokusu o přístup ke kořenovému adresáři historie C:\inetpub\history zjistila pomocná služba hostitele aplikace chybu. Adresář buď neexistuje, nebo jeho oprávnění nepovolují přístup službě historie. Funkce historie konfigurací je prozatím zakázána a bude povolena po vyřešení problému. Chcete-li tento problém vyřešit, zkontrolujte, zda adresář existuje a zda k němu má skupina Administrators přístup pro čtení a zápis. Datové pole obsahuje číslo chyby.

Error: (10/03/2018 09:56:30 AM) (Source: DCOM) (EventID: 10016) (User: Joohny-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Joohny-PC\Joohny (SID: S-1-5-21-133748398-2835648025-190285218-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/03/2018 09:56:16 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/03/2018 09:56:16 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/03/2018 09:56:16 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================

Date: 2018-09-14 20:15:36.038
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2018-09-14 20:15:36.016
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2018-09-14 20:15:35.990
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2018-09-14 20:15:35.940
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2018-09-14 20:15:35.931
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2018-09-14 20:15:35.923
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2018-09-14 20:15:35.226
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2018-09-14 20:15:35.118
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
Percentage of memory in use: 41%
Total physical RAM: 8156.87 MB
Available physical RAM: 4797.32 MB
Total Virtual: 16348.87 MB
Available Virtual: 12428.22 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:905.8 GB) (Free:200.82 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:465.76 GB) (Free:181.93 GB) NTFS

\\?\Volume{2a4a6944-b1a7-11e1-a471-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS
\\?\Volume{94f36e96-0000-0000-0000-f07fe2000000}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 94F36E96)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=905.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=25.1 GB) - (Type=12)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 1B99A58A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: Prosba o kontrolu

Napsal: 03 říj 2018 17:31
od Conder
Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj

Re: Prosba o kontrolu

Napsal: 04 říj 2018 06:41
od Joohny_loo5er
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-01.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-04-2018
# Duration: 00:00:03
# OS: Windows 10 Home
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ab7e46a6-3dbf-4e5a-b7ac-1d5d2bfc0ad5}|DhcpNameServer - "77.236.192.130"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters|DhcpNameServer - "77.236.192.130"

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3174 octets] - [03/10/2018 09:53:04]
AdwCleaner[C00].txt - [2994 octets] - [03/10/2018 09:53:25]
AdwCleaner[S01].txt - [1630 octets] - [04/10/2018 07:36:41]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Re: Prosba o kontrolu

Napsal: 04 říj 2018 21:30
od Conder
:arrow: Poprosim o obidva nove logy z FRST.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz