Mizí ikony z plochy a nelze spustit aplikace
Napsal: 19 črc 2020 11:03
Chtěl bych požádat o pomoc s kontrolou ntb. Před pár týdny jsem zkoušel nainstalovat jednu starou hru z SD karty. Měl jsem v té době ESET antivirut. Během instalace našel nějaký virus. A ještě mi vyjelo upozornění na napadení nějakých portů. PC jsem poté ještě projel antivirovou kontrolou. Všechno se zdálo být v pořádku. S chodem PC jsem nepozoroval žádné problémy, ale přesto jsem se rozhodl jej pro jistotu přeinstalovat. Po té co jsem provedl reset Windows jsem instaloval (ze stejné SD karty - ale zavirovanou hru jsem již smazal) základní aplikace jako VLC, Epson Scan Utility apod. Od té doby se mi občas stane, že najedu do nějaké složky a najednou mi zmizí všechny ikony z plochy, nebo mi spadne nějaký program a poté mi nejde nic spustit (např chci zapnout Chrome, ale hned jak se otevře okno aplikace, tak se zase hned vypne). Po té, co PC restartuji je zase vše v pořádku.
Chtěl jsem tedy požádat o kontrolu logu, zda se nemůže jednat o nějaký malware. Dále jsem se chtěl zeptat zda je možnost nějak zkontrolovat i danou SD kartu, jestli si problém nemohu zanášet z ní.
Předem děkuji za pomoc.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2020 01
Ran by Ondřej (administrator) on LENOVO-PC (LENOVO 20378) (19-07-2020 11:49:05)
Running from C:\Users\Ondřej\Desktop
Loaded Profiles: Ondřej
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
() [File not signed] C:\Program Files\Lenovo PhoneCompanion\adb.exe
(CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Windows\SysWOW64\ibtsiva.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel® Services Manager -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
(Lenovo (Beijing) Limited -> ) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Lenovo (Beijing) Limited -> ) C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LU.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files (x86)\Lenovo\UESDK\UESDK.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(LENOVO -> LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Maxthon (Asia) Limited. -> Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe <2>
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ActWiz\mcautoreg.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\3.6.124.0\McCSPServiceHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe <2>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_4\mcapexe.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DsmUserTask.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(PointGrab Ltd -> PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(PointGrab Ltd -> PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab Ltd -> PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
(Pokki, Inc. -> Pokki) C:\Users\Ondřej\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Superfish Inc. -> Superfish, Inc.) C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2014-06-10] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-03-12] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-15] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-12-04] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16093512 2014-12-04] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [8235848 2014-12-04] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-3554998910-4206139875-1568112538-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3377440 2020-07-11] (Valve -> Valve Corporation)
HKU\S-1-5-21-3554998910-4206139875-1568112538-1001\...\MountPoints2: {1b7e25f5-c845-11ea-8263-e8b1fc4656da} - "F:\MafiaLauncher.EXE"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Installer\chrmstp.exe [2020-07-17] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{981b174d-7733-4e7f-b89d-6545a7c21838}] -> C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonTaskbarApp.exe [2014-09-27] (Amazon Services LLC -> Amazon)
HKLM\Software\...\Authentication\Credential Providers: [{d0869df6-64b0-4289-b483-9bff61394420}] -> C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfCredProv.dll [2014-12-04] (Lenovo (Beijing) Limited -> )
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [119616 2014-09-27] (Amazon Services LLC -> Amazon Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE.dll [106304 2014-09-27] (Amazon Services LLC -> Amazon Inc.)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05323514-6ED0-4D8D-BD7B-0FCAF5F1D633} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1075528 2020-05-14] (McAfee, LLC -> McAfee, LLC)
Task: {2D636E53-FB71-4FEC-A7AC-6472B28E8FDB} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233760 2013-03-07] (Intel® Services Manager -> Intel Corporation)
Task: {3ACC020E-FB48-46DC-A85F-4103177667F6} - System32\Tasks\{CECF034B-6BCC-4BD6-B507-BDCACE49F592} => C:\WINDOWS\system32\pcalua.exe -a F:\MafiaLauncher.exe -d F:\
Task: {49462BEA-EDD0-47DE-B60B-9E15B3A55CA1} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4185384 2020-05-15] (McAfee, LLC -> McAfee, LLC)
Task: {5A4AC02E-E882-4D85-8A69-22F44A215171} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs [151 2013-06-03] () [File not signed]
Task: {62D6904D-01B5-4E56-A98E-5DB26C66E353} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-09-10] (LENOVO -> Lenovo)
Task: {6C7FC9EF-86F1-48DA-937A-06C55895B669} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [17152 2014-08-19] (LENOVO -> Lenovo)
Task: {7C8DD042-4BDB-4937-848F-E9432BA1EC88} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [248136 2014-02-12] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo)
Task: {822F072A-EB40-4A7A-B44B-7D55A5CEB9E7} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233760 2013-03-07] (Intel® Services Manager -> Intel Corporation)
Task: {83A4F012-5AEE-40D7-9404-AEC44E6FE8EE} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {8D096067-AC8D-4B43-A1A8-91C404DF1125} - System32\Tasks\{0C0B1F4A-7312-47B8-9670-BA6FF638F6C4} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\Mafia\Game.exe" -d "c:\program files\Mafia\"
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {8D790C5E-EA38-42FB-AF88-99FB688D2C53} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1075528 2020-05-14] (McAfee, LLC -> McAfee, LLC)
Task: {96BB415B-5D70-44C5-AD32-D097A679DB20} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4592776 2020-05-15] (McAfee, LLC -> McAfee, LLC)
Task: {985E3E9B-1FEA-4A0D-ABAF-89982A03FDE8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-17] (Google LLC -> Google LLC)
Task: {AC23AFA5-EB7D-4354-9905-B357DC07F1AE} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [95192 2013-03-09] (CyberLink Corp. -> CyberLink Corp.)
Task: {DC69AC93-050F-4363-8121-8375C9BD94D4} - System32\Tasks\SweetLabs App Platform => C:\Users\Ondřej\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [10558696 2020-06-19] (Pokki, Inc. -> Pokki)
Task: {EE7B4FC7-9249-49E3-A802-DC1609681305} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.9.577\mcdatrep.exe [1826656 2020-07-18] (McAfee, Inc. -> McAfee, LLC.)
Task: {F039512D-7152-4E59-A1AD-1EE0B56E7DEA} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [764640 2020-06-08] (McAfee, LLC -> McAfee, LLC)
Task: {F218D7B7-9741-4BB4-AC73-9F0D34328C2D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-17] (Google LLC -> Google LLC)
Task: {F3268F19-2998-43AD-B9F8-FAD24BBEB5D1} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [256824 2014-09-11] (Maxthon (Asia) Limited. -> Maxthon International ltd.)
Task: {F7095568-6A2A-4E32-AC12-63F13DCC5B19} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [78240 2015-08-09] (LENOVO -> )
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3ECA6E43-73A5-4537-8AEE-CAE58ED72786}: [DhcpNameServer] 169.254.224.91
Tcpip\..\Interfaces\{9B0262CF-0EDA-4F71-A83A-212B96CAB6FC}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-3554998910-4206139875-1568112538-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3554998910-4206139875-1568112538-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKU\S-1-5-21-3554998910-4206139875-1568112538-1001 -> DefaultScope {4C3A711D-39DF-4872-BF52-FA11D2B96BB0} URL =
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2020-06-08] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2020-06-08] (McAfee, LLC -> McAfee, LLC)
FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2020-07-19] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-06-08] (McAfee, LLC -> )
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-06-08] (McAfee, LLC -> )
Chrome:
=======
CHR Profile: C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default [2020-07-19]
CHR Extension: (Dokumenty) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-17]
CHR Extension: (Disk Google) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-07-17]
CHR Extension: (YouTube) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-17]
CHR Extension: (Tabulky) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-07-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-07-17]
CHR Extension: (Gmail) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-07-17]
CHR Extension: (Chrome Media Router) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-17]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 0015111595102574mcinstcleanup; C:\ProgramData\McInstTemp0015111595102574\McInst.exe [839392 2020-06-08] (McAfee, LLC -> McAfee, LLC)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] (Lenovo (Beijing) Limited -> )
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 iBtSiva; c:\windows\syswow64\ibtsiva.exe [120016 2014-04-04] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [296432 2014-04-16] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel(R) Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-23] (LENOVO -> Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584608 2015-08-09] (LENOVO -> LENOVO INCORPORATED.)
R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [389680 2014-12-04] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-12-04] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1844024 2014-08-01] (Maxthon (Asia) Limited. -> Maxthon)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_4\McApExe.exe [768256 2020-06-08] (McAfee, LLC -> McAfee, LLC)
R3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-13] (McAfee, Inc. -> McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.6.124.0\\McCSPServiceHost.exe [2726312 2020-05-28] (McAfee, LLC -> McAfee, LLC)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [718200 2020-06-08] (McAfee, LLC -> McAfee, LLC)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1360496 2020-03-18] (McAfee, LLC. -> McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-03-27] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-03-27] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-03-27] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1742272 2020-05-15] (McAfee, LLC -> McAfee, LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-30] (Intel Corporation-Mobile Wireless Group -> )
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4212808 2020-05-27] (McAfee, LLC -> McAfee, LLC)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-26] (PointGrab Ltd -> PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-26] (PointGrab Ltd -> PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-12-04] (Lenovo (Beijing) Limited -> Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-12-04] (Lenovo (Beijing) Limited -> Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [104696 2014-12-04] (Lenovo -> Lenovo)
R2 UESDK1.0; C:\Program Files (x86)\Lenovo\UESDK\UESDK.exe [319472 2014-07-19] (Lenovo (Beijing) Limited -> Lenovo)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2014-12-04] (Lenovo (Beijing) Limited -> )
R2 VisualDiscovery; C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe [1304360 2014-09-28] (Superfish Inc. -> Superfish, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-30] (Intel Corporation-Mobile Wireless Group -> Intel® Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75704 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [24904 2014-03-11] (ELAN Microelectronics Corporation -> ELAN Microelectronic Corp.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218960 2020-05-26] (McAfee, LLC -> McAfee, Inc.)
S3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [528824 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
U3 mfeaack01; no ImagePath
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [382392 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
U3 mfeavfk01; no ImagePath
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85928 2020-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [521648 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1000880 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
U3 mfehidk01; no ImagePath
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [595592 2020-05-01] (McAfee, Inc. -> McAfee LLC.)
U3 mfencbdc02; no ImagePath
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108168 2020-05-01] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116664 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252336 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [9121496 2014-06-10] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R2 VDWFP; C:\windows\system32\Drivers\VDWFP64.sys [39800 2014-05-12] (Superfish Inc. -> Superfish, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [35856 2014-03-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [257880 2014-03-24] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
S3 mfencbdc01; \Device\mfencbdc01.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-19 11:49 - 2020-07-19 11:49 - 000028440 _____ C:\Users\Ondřej\Desktop\FRST.txt
2020-07-19 11:48 - 2020-07-19 11:49 - 000000000 ____D C:\FRST
2020-07-19 11:46 - 2020-07-19 11:46 - 002292736 _____ (Farbar) C:\Users\Ondřej\Desktop\FRST64.exe
2020-07-19 11:31 - 2020-07-19 11:31 - 000000000 ____D C:\Program Files\McAfeeDashboard
2020-07-18 22:02 - 2020-07-18 22:02 - 000000000 ____D C:\ProgramData\McInstTemp0015111595102574
2020-07-18 22:00 - 2020-07-18 22:00 - 000002003 _____ C:\Users\Public\Desktop\McAfee LiveSafe.lnk
2020-07-18 22:00 - 2020-07-18 22:00 - 000002003 _____ C:\ProgramData\Desktop\McAfee LiveSafe.lnk
2020-07-18 22:00 - 2020-07-18 22:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2020-07-18 19:08 - 2020-07-18 19:08 - 000003052 _____ C:\WINDOWS\system32\Tasks\{CECF034B-6BCC-4BD6-B507-BDCACE49F592}
2020-07-18 18:21 - 2020-07-18 18:21 - 000003122 _____ C:\WINDOWS\system32\Tasks\{0C0B1F4A-7312-47B8-9670-BA6FF638F6C4}
2020-07-18 18:14 - 2020-07-18 18:14 - 000000800 _____ C:\Users\Ondřej\Desktop\Mafia.lnk
2020-07-18 18:14 - 2020-07-18 18:14 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mafia
2020-07-18 18:14 - 2020-07-18 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
2020-07-18 18:14 - 2020-07-18 18:14 - 000000000 ____D C:\Program Files (x86)\Creative
2020-07-18 18:14 - 2002-06-06 14:38 - 000139264 _____ (Creative Technology Ltd) C:\WINDOWS\SysWOW64\eax.dll
2020-07-18 18:14 - 1998-10-29 16:45 - 000306688 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2020-07-18 18:10 - 2020-07-18 18:13 - 000000000 ____D C:\Program Files\Mafia
2020-07-18 18:10 - 2002-08-29 17:33 - 000319488 ____R () C:\Users\Ondřej\AppData\Roaming\MafiaSetup.exe
2020-07-18 17:58 - 2002-08-29 17:33 - 000319488 _____ () C:\WINDOWS\SysWOW64\MafiaSetup.exe
2020-07-18 17:56 - 2020-07-18 17:56 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\CyberLink
2020-07-18 17:56 - 2020-07-18 17:56 - 000000000 ____D C:\Users\Ondřej\AppData\Local\CyberLink
2020-07-18 12:25 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2020-07-18 12:25 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2020-07-18 12:25 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2020-07-18 12:25 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2020-07-18 12:25 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2020-07-18 12:25 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2020-07-18 12:25 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2020-07-18 12:25 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2020-07-18 12:25 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2020-07-18 12:25 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2020-07-18 12:25 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2020-07-18 12:25 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2020-07-18 12:25 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2020-07-18 12:25 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2020-07-18 12:25 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2020-07-18 12:25 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2020-07-18 12:25 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2020-07-18 12:25 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2020-07-18 12:25 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2020-07-18 12:25 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2020-07-18 12:25 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2020-07-18 12:25 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2020-07-18 12:25 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2020-07-18 12:25 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2020-07-18 12:25 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2020-07-18 12:25 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2020-07-18 12:25 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2020-07-18 12:25 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2020-07-18 12:25 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2020-07-18 12:25 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2020-07-18 12:25 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2020-07-18 12:25 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2020-07-18 12:25 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2020-07-18 12:25 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2020-07-18 12:25 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2020-07-18 12:25 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2020-07-18 12:25 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2020-07-18 12:25 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2020-07-18 12:25 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2020-07-18 12:25 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2020-07-18 12:25 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2020-07-18 12:25 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2020-07-18 12:25 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2020-07-18 12:25 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2020-07-18 12:25 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2020-07-18 12:25 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2020-07-18 12:25 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2020-07-18 12:25 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2020-07-18 12:25 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2020-07-18 12:25 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2020-07-18 12:25 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2020-07-18 12:25 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2020-07-18 12:25 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2020-07-18 12:25 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2020-07-18 12:25 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2020-07-18 12:25 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2020-07-18 12:25 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2020-07-18 12:25 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2020-07-18 12:25 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2020-07-18 12:25 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2020-07-18 12:25 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2020-07-18 12:25 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2020-07-18 12:25 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2020-07-18 12:25 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2020-07-18 12:25 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2020-07-18 12:25 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2020-07-18 12:25 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2020-07-18 12:25 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2020-07-18 12:25 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2020-07-18 12:25 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2020-07-18 12:25 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2020-07-18 12:25 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2020-07-18 12:25 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2020-07-18 12:25 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2020-07-18 12:25 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2020-07-18 12:25 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2020-07-18 12:25 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2020-07-18 12:25 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2020-07-18 12:25 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2020-07-18 12:25 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2020-07-18 12:25 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2020-07-18 12:25 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2020-07-18 12:25 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2020-07-18 12:25 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2020-07-18 12:25 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2020-07-18 12:25 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2020-07-18 12:25 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2020-07-18 12:25 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2020-07-18 12:25 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2020-07-18 12:25 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2020-07-18 12:25 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2020-07-18 12:25 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2020-07-18 12:25 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2020-07-18 12:25 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2020-07-18 12:25 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2020-07-18 12:25 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2020-07-18 12:25 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2020-07-18 12:25 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2020-07-18 12:25 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2020-07-18 12:25 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2020-07-18 12:25 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2020-07-18 12:25 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2020-07-18 12:25 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2020-07-18 12:25 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2020-07-18 12:25 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2020-07-18 12:25 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2020-07-18 12:25 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2020-07-18 12:25 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2020-07-18 12:25 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2020-07-18 12:25 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2020-07-18 12:25 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2020-07-18 12:25 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2020-07-18 12:25 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2020-07-18 12:25 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2020-07-18 12:25 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2020-07-18 12:25 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2020-07-18 12:25 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2020-07-18 12:25 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2020-07-18 12:25 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2020-07-18 12:25 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2020-07-18 12:25 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2020-07-18 12:25 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2020-07-18 12:25 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2020-07-18 12:25 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2020-07-18 12:25 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2020-07-18 12:25 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2020-07-18 12:25 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2020-07-18 12:25 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2020-07-18 12:25 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2020-07-18 12:25 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2020-07-18 12:25 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2020-07-18 12:25 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2020-07-18 12:25 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2020-07-18 12:25 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2020-07-18 12:25 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2020-07-18 12:25 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2020-07-18 12:25 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2020-07-18 12:25 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2020-07-18 12:25 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2020-07-18 12:25 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2020-07-18 12:25 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2020-07-18 12:25 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2020-07-18 12:25 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2020-07-18 12:25 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2020-07-18 12:25 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2020-07-18 12:25 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2020-07-18 12:25 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2020-07-18 12:25 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2020-07-18 12:25 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2020-07-18 12:25 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2020-07-18 12:25 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2020-07-18 12:25 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2020-07-18 12:25 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2020-07-18 12:25 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2020-07-18 12:25 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2020-07-18 12:25 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2020-07-18 12:25 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2020-07-18 12:25 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2020-07-18 12:25 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2020-07-18 12:25 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2020-07-18 12:25 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2020-07-18 12:25 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2020-07-18 12:25 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2020-07-18 12:25 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2020-07-18 12:25 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2020-07-18 12:25 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2020-07-18 12:25 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2020-07-18 12:25 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2020-07-18 12:25 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2020-07-18 12:25 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2020-07-18 12:25 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2020-07-18 12:25 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2020-07-18 12:25 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2020-07-18 12:25 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2020-07-18 12:25 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2020-07-18 12:25 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2020-07-18 12:20 - 2020-07-18 12:20 - 000000222 _____ C:\Users\Ondřej\Desktop\RollerCoaster Tycoon 2 Triple Thrill Pack.url
2020-07-18 01:31 - 2020-07-18 01:31 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-07-18 00:46 - 2020-07-18 00:46 - 000000000 _____ C:\Recovery.txt
2020-07-17 19:37 - 2020-07-17 19:37 - 000000000 ____D C:\Users\Ondřej\AppData\LocalLow\Landfall West
2020-07-17 19:29 - 2020-07-18 12:20 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-07-17 19:29 - 2020-07-17 19:29 - 000000222 _____ C:\Users\Ondřej\Desktop\Stick Fight The Game.url
2020-07-17 19:24 - 2020-07-19 11:31 - 000003260 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon
2020-07-17 19:24 - 2020-07-18 22:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2020-07-17 19:18 - 2020-07-17 19:18 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Steam
2020-07-17 19:18 - 2020-07-17 19:18 - 000000000 ____D C:\Users\Ondřej\AppData\Local\CEF
2020-07-17 16:38 - 2020-07-17 16:39 - 004270054 _____ C:\Users\Ondřej\Downloads\Nepotvrzeno 225747.crdownload
2020-07-17 16:37 - 2020-07-17 16:37 - 000000898 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-07-17 16:37 - 2020-07-17 16:37 - 000000898 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-07-17 16:37 - 2020-07-17 16:37 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-07-17 16:37 - 2020-07-17 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-07-17 16:37 - 2020-07-17 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-07-17 16:37 - 2020-07-17 16:37 - 000000000 ____D C:\Program Files\VideoLAN
2020-07-17 16:36 - 2020-07-18 22:05 - 000000000 ____D C:\Program Files (x86)\Steam
2020-07-17 16:36 - 2020-07-17 16:37 - 000000000 ____D C:\Program Files\WinRAR
2020-07-17 16:36 - 2020-07-17 16:36 - 000000990 _____ C:\Users\Public\Desktop\Steam.lnk
2020-07-17 16:36 - 2020-07-17 16:36 - 000000990 _____ C:\ProgramData\Desktop\Steam.lnk
2020-07-17 16:36 - 2020-07-17 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-07-17 16:11 - 2020-07-18 22:00 - 000003614 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare)
2020-07-17 16:11 - 2020-07-18 22:00 - 000000000 ____D C:\Program Files\Common Files\AV
2020-07-17 16:04 - 2020-07-17 16:04 - 000003320 _____ C:\WINDOWS\system32\Tasks\SweetLabs App Platform
2020-07-17 16:04 - 2020-07-17 16:04 - 000000961 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2020-07-17 16:04 - 2020-07-17 16:04 - 000000961 _____ C:\ProgramData\Desktop\EPSON Scan.lnk
2020-07-17 16:04 - 2020-07-17 16:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2020-07-17 16:04 - 2020-07-17 16:04 - 000000000 ____D C:\Program Files (x86)\epson
2020-07-17 16:04 - 2009-10-16 00:00 - 000132560 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esdevapp.exe
2020-07-17 16:04 - 2009-10-16 00:00 - 000013824 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esxcdev.dll
2020-07-17 16:04 - 2009-03-13 00:00 - 000230912 _____ (Seiko Epson Corp.) C:\WINDOWS\system32\esxuin7c.dll
2020-07-17 16:04 - 2009-03-13 00:00 - 000221184 _____ (Seiko Epson Corp.) C:\WINDOWS\SysWOW64\esint7c.dll
2020-07-17 16:04 - 2009-03-13 00:00 - 000065793 _____ C:\WINDOWS\system32\esfw7c.bin
2020-07-17 16:04 - 2007-11-29 00:00 - 000084992 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\esxwia7c.dll
2020-07-17 16:04 - 2006-03-10 00:00 - 000004608 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\esxwiaml.dll
2020-07-17 15:58 - 2020-07-17 15:58 - 000002331 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-07-17 15:58 - 2020-07-17 15:58 - 000002290 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-07-17 15:58 - 2020-07-17 15:58 - 000002290 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-07-17 15:57 - 2020-07-17 16:01 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Google
2020-07-17 15:57 - 2020-07-17 15:57 - 000003388 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-07-17 15:57 - 2020-07-17 15:57 - 000003260 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-07-17 15:57 - 2020-07-17 15:57 - 000000000 ____D C:\Program Files (x86)\Google
2020-07-17 15:56 - 2020-07-17 15:56 - 000000000 __SHD C:\Users\Ondřej\AppData\LocalLow\EmieUserList
2020-07-17 15:56 - 2020-07-17 15:56 - 000000000 __SHD C:\Users\Ondřej\AppData\LocalLow\EmieSiteList
2020-07-17 15:56 - 2020-07-17 15:56 - 000000000 __SHD C:\Users\Ondřej\AppData\Local\EmieUserList
2020-07-17 15:56 - 2020-07-17 15:56 - 000000000 __SHD C:\Users\Ondřej\AppData\Local\EmieSiteList
2020-07-17 15:48 - 2020-07-19 11:34 - 000001283 _____ C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
2020-07-17 15:48 - 2020-07-19 11:34 - 000000000 ____D C:\ProgramData\LU
2020-07-17 15:44 - 2020-07-18 21:58 - 000000000 ____D C:\Users\Ondřej\OneDrive
2020-07-17 15:43 - 2020-07-19 11:43 - 000003600 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3554998910-4206139875-1568112538-1001
2020-07-17 15:41 - 2020-07-17 15:41 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Lenovo
2020-07-17 15:39 - 2020-07-17 15:39 - 000000000 ____D C:\Users\Public\Pokki
2020-07-17 15:39 - 2020-07-17 15:39 - 000000000 ____D C:\Users\Ondřej\AppData\Local\NVIDIA Corporation
2020-07-17 15:38 - 2020-07-18 21:52 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Packages
2020-07-17 15:38 - 2020-07-18 18:14 - 000000000 ____D C:\Users\Ondřej\AppData\Local\VirtualStore
2020-07-17 15:38 - 2020-07-17 15:38 - 000001437 _____ C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-07-17 15:38 - 2020-07-17 15:38 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-07-17 15:38 - 2020-07-17 15:38 - 000000000 __SHD C:\Users\Ondřej\IntelGraphicsProfiles
2020-07-17 15:38 - 2020-07-17 15:38 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2020-07-17 15:38 - 2020-07-17 15:38 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Macromedia
2020-07-17 15:38 - 2020-07-17 15:38 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Intel
2020-07-17 15:38 - 2020-07-17 15:38 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Adobe
2020-07-17 15:38 - 2020-07-17 15:38 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Power2Go8
2020-07-17 15:38 - 2020-07-17 15:38 - 000000000 ____D C:\Users\Ondřej\AppData\Local\PackageStaging
2020-07-17 15:38 - 2020-07-17 15:38 - 000000000 ____D C:\Users\Ondřej\AppData\Local\NVIDIA
2020-07-17 15:37 - 2020-07-19 11:31 - 000000000 ____D C:\Users\Ondřej\AppData\Local\SweetLabs App Platform
2020-07-17 15:37 - 2020-07-17 17:26 - 000000000 ____D C:\Users\Ondřej
2020-07-17 15:37 - 2020-07-17 15:37 - 000000020 ___SH C:\Users\Ondřej\ntuser.ini
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Šablony
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Soubory cookie
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Poslední
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Okolní tiskárny
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Okolní síť
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Nabídka Start
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Dokumenty
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Documents\Obrázky
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Documents\Hudba
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Documents\Filmy
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Data aplikací
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\AppData\Local\Data aplikací
2020-07-17 15:37 - 2014-03-18 11:55 - 000000369 _____ C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2020-07-17 15:37 - 2014-03-18 11:55 - 000000369 _____ C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-19 11:48 - 2013-08-22 17:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-07-19 11:42 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-19 11:42 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-07-19 11:35 - 2014-12-04 15:59 - 000000000 ____D C:\ProgramData\McAfee
2020-07-19 11:32 - 2014-12-04 15:59 - 000000000 ____D C:\Program Files\mcafee
2020-07-19 11:32 - 2014-12-04 15:59 - 000000000 ____D C:\Program Files\Common Files\McAfee
2020-07-18 22:03 - 2014-12-04 16:30 - 000739924 _____ C:\WINDOWS\system32\perfh005.dat
2020-07-18 22:03 - 2014-12-04 16:30 - 000151610 _____ C:\WINDOWS\system32\perfc005.dat
2020-07-18 22:03 - 2014-03-18 11:53 - 001745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-07-18 22:03 - 2013-08-22 17:36 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-07-18 22:03 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2020-07-18 22:00 - 2014-12-04 15:59 - 000000000 ____D C:\Program Files (x86)\McAfee
2020-07-18 21:58 - 2014-12-04 16:03 - 000011120 _____ C:\WINDOWS\SysWOW64\VisualDiscovery.ini
2020-07-18 21:58 - 2014-12-04 16:03 - 000005536 _____ C:\WINDOWS\SysWOW64\VisualDiscoveryOff.ini
2020-07-18 21:58 - 2014-12-04 16:03 - 000005536 _____ C:\WINDOWS\system32\VisualDiscoveryOff.ini
2020-07-18 21:58 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-07-18 21:58 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2020-07-18 21:57 - 2014-12-04 15:58 - 000002560 _____ C:\WINDOWS\system32\VfService.trf
2020-07-18 17:56 - 2014-12-04 16:02 - 000000000 ____D C:\ProgramData\CyberLink
2020-07-18 12:26 - 2013-08-22 13:22 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2020-07-18 12:26 - 2013-08-22 13:22 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2020-07-18 12:26 - 2013-08-22 13:17 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2020-07-18 12:26 - 2013-08-22 13:17 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2020-07-18 12:26 - 2013-08-22 13:17 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2020-07-18 12:26 - 2013-08-22 06:05 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2020-07-18 12:26 - 2013-08-22 06:03 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2020-07-18 12:26 - 2013-08-22 05:59 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2020-07-18 12:26 - 2013-08-22 05:56 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2020-07-18 12:26 - 2013-08-22 05:56 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2020-07-18 12:26 - 2013-08-22 05:51 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2020-07-18 12:26 - 2013-08-22 05:51 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2020-07-18 12:26 - 2013-08-22 05:51 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2020-07-18 12:26 - 2013-08-22 05:51 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2020-07-18 00:46 - 2013-08-22 17:36 - 000262144 _____ C:\WINDOWS\system32\config\BCD-Template
2020-07-17 19:25 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2020-07-17 16:25 - 2014-12-04 15:56 - 000000000 ____D C:\ProgramData\Lenovo
2020-07-17 15:43 - 2014-12-04 15:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2020-07-17 15:38 - 2013-08-22 16:44 - 000346656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-07-17 15:32 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
==================== Files in the root of some directories ========
2020-07-18 18:10 - 2002-08-29 17:33 - 000319488 ____R () C:\Users\Ondřej\AppData\Roaming\MafiaSetup.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-07-2020 01
Ran by Ondřej (19-07-2020 11:49:45)
Running from C:\Users\Ondřej\Desktop
Windows 8.1 (Update) (X64) (2020-07-17 13:38:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3554998910-4206139875-1568112538-500 - Administrator - Disabled)
Guest (S-1-5-21-3554998910-4206139875-1568112538-501 - Limited - Disabled)
Ondřej (S-1-5-21-3554998910-4206139875-1568112538-1001 - Administrator - Enabled) => C:\Users\Ondřej
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: McAfee Anti-Virus a Antispyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: McAfee VirusScan (Disabled - Up to date) {2624E002-54CC-27F9-FD39-B2DD14D41191}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus a Antispyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Amazon 1Button App (HKLM-x32\...\{3E69CC95-C0F6-4C74-8F43-74F9046F20B2}) (Version: 1.0.10 - Amazon) <==== ATTENTION
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.37.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.23 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.23 - Lenovo)
GeForce Experience NvStream Client Components (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC) (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.89 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Host App Service (HKU\S-1-5-21-3554998910-4206139875-1568112538-1001\...\SweetLabs_AP) (Version: 0.269.9.121 - Pokki) <==== ATTENTION
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.2.1000 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) 4.0 (HKLM-x32\...\{96C730E4-F055-4118-BDF3-6E071763853C}) (Version: 3.0.1342.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.37.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10279 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.7.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Motion Control (HKLM-x32\...\{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}) (Version: 2.5.1.0225 - PointGrab) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}) (Version: 2.5.1.0225 - PointGrab)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.39.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo Settings (HKLM-x32\...\{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Lenovo) Hidden
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Lenovo)
Lenovo Updates (HKLM-x32\...\{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.61 - Lenovo) Hidden
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.61 - Lenovo)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.1.14.3211 - Lenovo)
Mafia Game (HKLM-x32\...\Mafia Game) (Version: - )
Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - )
Magic Transfer (HKLM-x32\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo) Hidden
Magic Transfer (HKLM-x32\...\InstallShield_{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.2.2000 - Maxthon International Limited)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R26 - McAfee, LLC)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.50 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.8.0 - Lenovo Group Limited)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 1.7.306 - NVIDIA Corporation) Hidden
Start Menu (HKU\S-1-5-21-3554998910-4206139875-1568112538-1001\...\SweetLabs_Start_Menu) (Version: 0.269.9.121 - Pokki) <==== ATTENTION
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Superfish Inc. VisualDiscovery (HKLM-x32\...\Superfish Inc. VisualDiscovery) (Version: 1.0.0.5 - Superfish) <==== ATTENTION
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Packages:
=========
Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_2.2.26.0_x86__k1h2ywk1493x8 [2020-07-18] (LENOVO INC.)
Dailymotion -> C:\Program Files\WindowsApps\DailymotionSA.Dailymotion_2.0.1.63_x64__6dqnvyezrysvy [2020-07-18] (Dailymotion SA)
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_2.1.1.28_x86__q4d96b2w5wcc2 [2014-12-04] (Evernote)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-03-18] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation) [MS Ad]
Live TV -> C:\Program Files\WindowsApps\FilmOnLiveTVFree.FilmOnLiveTVFree_1.3.6.115_x64__zx03kxexxb716 [2020-07-18] (FilmOn TV Inc.)
McAfee® Central for Lenovo -> C:\Program Files\WindowsApps\McAfeeInc.06.McAfeeSecurityAdvisorforLenovo_5.0.173.1_x64__bq6yxensn79aw [2020-07-18] (McAfee_Inc)
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.336_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation) [MS Ad]
Phone Companion -> C:\Program Files\WindowsApps\E0469640.DeviceCollaboration_1.1.9.6_x64__5grkq8ppsgwt4 [2020-07-17] (LENOVO INC)
PowerDVD for Lenovo Idea -> C:\Program Files\WindowsApps\CyberLinkCorp.id.PowerDVDforLenovoIdea_1.1.2618.24808_x86__hgg5mn3xps74a [2020-07-18] (CYBERLINK COM CORPORATION)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2020-07-18] (Skype) [MS Ad]
Sport Bing -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.2.258_x64__8wekyb3d8bbwe [2014-12-04] (Microsoft Corporation) [MS Ad]
The Weather Channel for Lenovo -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforLenovo_2.1.20.1_x64__t3yemqpq4kp7p [2020-07-18] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_1.18.3.0_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.2.0.24_neutral__qj0v5chwq8f2g [2014-12-04] (TripAdvisor LLC)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation) [MS Ad]
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2020-07-18] (Zinio LLC)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3554998910-4206139875-1568112538-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-06-08] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-13] (Lenovo) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-13] (Lenovo) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2014-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2014-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2014-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-06-08] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2013-03-07 22:55 - 2013-03-07 22:55 - 000472576 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 000013824 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2013-03-07 22:53 - 2013-03-07 22:53 - 000015872 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2010-12-16 22:16 - 2010-12-16 22:16 - 000195584 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2010-01-13 02:55 - 2010-01-13 02:55 - 000322048 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2010-12-17 22:56 - 2010-12-17 22:56 - 000317952 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
2010-12-17 22:56 - 2010-12-17 22:56 - 002603520 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2010-12-17 22:56 - 2010-12-17 22:56 - 009224704 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2010-12-17 22:56 - 2010-12-17 22:56 - 001006592 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2010-12-17 22:56 - 2010-12-17 22:56 - 014978048 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2010-12-17 22:56 - 2010-12-17 22:56 - 000382464 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2010-01-13 02:55 - 2010-01-13 02:55 - 000400384 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2010-01-18 09:34 - 2010-01-18 09:34 - 000062464 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2014-12-04 16:02 - 2014-12-04 16:02 - 000096256 _____ (Google, inc) [File not signed] C:\Program Files\Lenovo PhoneCompanion\AdbWinApi.dll
2014-12-04 16:02 - 2014-12-04 16:02 - 000060928 _____ (Google, inc) [File not signed] C:\Program Files\Lenovo PhoneCompanion\AdbWinUsbApi.dll
2013-03-07 22:53 - 2013-03-07 22:53 - 000098304 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\configurationManager.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 000224256 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\CorePersistenceAPI.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 000118272 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\dispatcher.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 000075264 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ChannelAdapter.dll
2013-03-07 22:53 - 2013-03-07 22:53 - 000019456 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\localMessage.dll
2013-03-07 22:53 - 2013-03-07 22:53 - 000030208 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\logger.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 000318976 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\network.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 000220160 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\orchestrator.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 000623616 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\payload.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 000022528 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sealing.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 001489920 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\serializer.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\systemInfo.dll
2013-03-07 22:53 - 2013-03-07 22:53 - 000125952 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\uuid.dll
2014-12-04 15:58 - 2014-08-13 02:32 - 000468480 _____ (Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll
2014-12-04 16:01 - 2014-12-04 16:01 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\PowerDVD10\MSVCR71.dll
2014-12-04 15:39 - 2014-01-24 08:27 - 000067072 _____ (NVIDIA Corporation) [File not signed] C:\WINDOWS\SYSTEM32\Nv3DAppShExtR.dll
2010-12-16 22:09 - 2010-12-16 22:09 - 001019392 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\LIBEAY32.dll
2010-12-16 22:09 - 2010-12-16 22:09 - 000209408 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\SSLEAY32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VisualDiscovery => ""="service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Lenovo\Motion Control\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin
HKU\S-1-5-21-3554998910-4206139875-1568112538-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ondřej\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\lenovowallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{05B662AE-4BAA-4F04-B8E1-E473C7868694}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9C9AB639-3BEA-4C4B-BA12-8A37DEA0B217}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{30CBE486-4A73-46F5-AF93-A69FD55ADDBF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{556EDF1E-DD58-4B71-9C18-1AC01BE9AC91}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B753AAC0-27B1-4212-AE4E-AB35C0D2FE41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CAA18A17-3089-423C-A79D-52BAA3BB097D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DAE56B8D-6BF0-4E27-9F8F-305DE40AE333}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{9F5560E1-BDDE-4904-A5A8-65D10E5A6D70}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{C5FD553C-F05A-464F-97D1-DA2490857E57}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{CE549FF1-C54F-4390-829A-9301C56CEA4E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{DF86437D-ACE7-4941-AFC9-1AC20484B07E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{DA16AFC2-B218-459E-A31C-120BDCEBF8EB}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{32E1F5A6-C783-4CE0-8661-0F1E801D0B4E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{E865B212-8FB1-4663-B247-BC2DC996DBAB}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{F4D85FE8-221A-49F8-9DDD-36427D629F75}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{1FD52F61-EF77-4FDE-B433-696266C7566C}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{F023DCBF-9830-4D73-B983-0DB6A114B1E0}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5C6B98E4-4EA7-4730-8E12-BDBDE2D4F05E}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe => No File
FirewallRules: [{81419B7D-3B98-4224-9EF9-B6B754DAC805}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5F69F5EC-E197-4F67-A704-0249969D0DE9}] => (Allow) LPort=55100
FirewallRules: [{65EF9A90-201B-4D81-A9E6-DF8B16419D49}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo (Beijing) Limited -> Lenovo)
FirewallRules: [{E267D01A-023C-404A-B543-E3D95DEBCA45}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{98F41AD9-BE38-4B42-B15A-746BB39DB29E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{54413951-95BF-47BF-B135-E88F8B01754D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5F540746-5159-4203-8A81-A3B771962D32}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{79644AB2-8205-4BA1-97FA-7065149D2D48}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6A31A24E-1D41-46C5-BB7E-E809C8DEE7A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{201E15EC-9B0E-44C8-89D4-EE2B8109B84C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{8F1FCEEF-5B77-492B-8565-08C569FDD200}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 2\RCT2.EXE () [File not signed]
FirewallRules: [{51B247E0-17F6-473B-B1D2-F137BDD70ECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 2\RCT2.EXE () [File not signed]
FirewallRules: [{E51DE6FD-E860-47F5-B37B-0879214BB96A}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{C49F53D9-6843-4E8C-B41B-982E7AD79283}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
==================== Restore Points =========================
17-07-2020 15:32:42 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/19/2020 11:32:35 AM) (Source: AVLogEvent) (EventID: 5003) (User: NT AUTHORITY)
Description: McShield encountered error while stopping.
Error Code:a7f40610
Error: (07/18/2020 10:01:23 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014
Error: (07/18/2020 10:00:38 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014
Error: (07/18/2020 10:00:23 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014
Error: (07/18/2020 10:00:23 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014
Error: (07/18/2020 10:00:23 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014
Error: (07/18/2020 09:59:36 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014
Error: (07/18/2020 09:59:23 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014
System errors:
=============
Error: (07/19/2020 11:37:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
Error: (07/19/2020 11:32:16 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70
Error: (07/19/2020 11:32:15 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70
Error: (07/19/2020 11:32:14 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70
Error: (07/19/2020 11:32:14 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70
Error: (07/18/2020 10:03:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
Error: (07/18/2020 10:01:36 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70
Error: (07/18/2020 09:58:54 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70
CodeIntegrity:
===================================
Date: 2020-07-18 22:03:40.804
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-07-18 22:03:40.710
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-07-18 22:03:40.632
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-07-18 22:03:40.554
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-07-18 22:03:40.491
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-07-18 22:03:40.398
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-07-18 22:03:40.335
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-07-18 22:03:40.257
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfehida.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 9ECN31WW(V1.14) 08/18/2014
Motherboard: LENOVO Lenovo Y50-70
Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 26%
Total physical RAM: 16296.27 MB
Available physical RAM: 12044.41 MB
Total Virtual: 19240.27 MB
Available Virtual: 15039.24 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:196.44 GB) (Free:149.24 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.94 GB) NTFS
Drive e: () (Removable) (Total:14.45 GB) (Free:8.2 GB) FAT32
Drive f: (mafia_cd_1) (CDROM) (Total:0.63 GB) (Free:0 GB) CDFS
\\?\Volume{cd10c07e-3db2-40ea-9215-8507155e637b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.69 GB) NTFS
\\?\Volume{a9fe3c26-8740-4c74-a5c5-7ed2c3a992ed}\ (PBR_DRV) (Fixed) (Total:14.7 GB) (Free:3.84 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: C8C7E493)
Partition: GPT.
==========================================================
Disk: 1 (Size: 14.5 GB) (Disk ID: AB9D1828)
Partition 1: (Not Active) - (Size=14.5 GB) - (Type=0C)
==================== End of Addition.txt =======================
Chtěl jsem tedy požádat o kontrolu logu, zda se nemůže jednat o nějaký malware. Dále jsem se chtěl zeptat zda je možnost nějak zkontrolovat i danou SD kartu, jestli si problém nemohu zanášet z ní.
Předem děkuji za pomoc.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2020 01
Ran by Ondřej (administrator) on LENOVO-PC (LENOVO 20378) (19-07-2020 11:49:05)
Running from C:\Users\Ondřej\Desktop
Loaded Profiles: Ondřej
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
() [File not signed] C:\Program Files\Lenovo PhoneCompanion\adb.exe
(CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Windows\SysWOW64\ibtsiva.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel® Services Manager -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
(Lenovo (Beijing) Limited -> ) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Lenovo (Beijing) Limited -> ) C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LU.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files (x86)\Lenovo\UESDK\UESDK.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(LENOVO -> LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Maxthon (Asia) Limited. -> Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe <2>
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ActWiz\mcautoreg.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\3.6.124.0\McCSPServiceHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe <2>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_4\mcapexe.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DsmUserTask.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(PointGrab Ltd -> PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(PointGrab Ltd -> PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab Ltd -> PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
(Pokki, Inc. -> Pokki) C:\Users\Ondřej\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Superfish Inc. -> Superfish, Inc.) C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2014-06-10] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-03-12] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-15] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-12-04] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16093512 2014-12-04] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [8235848 2014-12-04] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-3554998910-4206139875-1568112538-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3377440 2020-07-11] (Valve -> Valve Corporation)
HKU\S-1-5-21-3554998910-4206139875-1568112538-1001\...\MountPoints2: {1b7e25f5-c845-11ea-8263-e8b1fc4656da} - "F:\MafiaLauncher.EXE"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Installer\chrmstp.exe [2020-07-17] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{981b174d-7733-4e7f-b89d-6545a7c21838}] -> C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonTaskbarApp.exe [2014-09-27] (Amazon Services LLC -> Amazon)
HKLM\Software\...\Authentication\Credential Providers: [{d0869df6-64b0-4289-b483-9bff61394420}] -> C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfCredProv.dll [2014-12-04] (Lenovo (Beijing) Limited -> )
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [119616 2014-09-27] (Amazon Services LLC -> Amazon Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE.dll [106304 2014-09-27] (Amazon Services LLC -> Amazon Inc.)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05323514-6ED0-4D8D-BD7B-0FCAF5F1D633} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1075528 2020-05-14] (McAfee, LLC -> McAfee, LLC)
Task: {2D636E53-FB71-4FEC-A7AC-6472B28E8FDB} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233760 2013-03-07] (Intel® Services Manager -> Intel Corporation)
Task: {3ACC020E-FB48-46DC-A85F-4103177667F6} - System32\Tasks\{CECF034B-6BCC-4BD6-B507-BDCACE49F592} => C:\WINDOWS\system32\pcalua.exe -a F:\MafiaLauncher.exe -d F:\
Task: {49462BEA-EDD0-47DE-B60B-9E15B3A55CA1} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4185384 2020-05-15] (McAfee, LLC -> McAfee, LLC)
Task: {5A4AC02E-E882-4D85-8A69-22F44A215171} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs [151 2013-06-03] () [File not signed]
Task: {62D6904D-01B5-4E56-A98E-5DB26C66E353} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-09-10] (LENOVO -> Lenovo)
Task: {6C7FC9EF-86F1-48DA-937A-06C55895B669} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [17152 2014-08-19] (LENOVO -> Lenovo)
Task: {7C8DD042-4BDB-4937-848F-E9432BA1EC88} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [248136 2014-02-12] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo)
Task: {822F072A-EB40-4A7A-B44B-7D55A5CEB9E7} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233760 2013-03-07] (Intel® Services Manager -> Intel Corporation)
Task: {83A4F012-5AEE-40D7-9404-AEC44E6FE8EE} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {8D096067-AC8D-4B43-A1A8-91C404DF1125} - System32\Tasks\{0C0B1F4A-7312-47B8-9670-BA6FF638F6C4} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\Mafia\Game.exe" -d "c:\program files\Mafia\"
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {8D790C5E-EA38-42FB-AF88-99FB688D2C53} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1075528 2020-05-14] (McAfee, LLC -> McAfee, LLC)
Task: {96BB415B-5D70-44C5-AD32-D097A679DB20} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4592776 2020-05-15] (McAfee, LLC -> McAfee, LLC)
Task: {985E3E9B-1FEA-4A0D-ABAF-89982A03FDE8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-17] (Google LLC -> Google LLC)
Task: {AC23AFA5-EB7D-4354-9905-B357DC07F1AE} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [95192 2013-03-09] (CyberLink Corp. -> CyberLink Corp.)
Task: {DC69AC93-050F-4363-8121-8375C9BD94D4} - System32\Tasks\SweetLabs App Platform => C:\Users\Ondřej\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [10558696 2020-06-19] (Pokki, Inc. -> Pokki)
Task: {EE7B4FC7-9249-49E3-A802-DC1609681305} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.9.577\mcdatrep.exe [1826656 2020-07-18] (McAfee, Inc. -> McAfee, LLC.)
Task: {F039512D-7152-4E59-A1AD-1EE0B56E7DEA} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [764640 2020-06-08] (McAfee, LLC -> McAfee, LLC)
Task: {F218D7B7-9741-4BB4-AC73-9F0D34328C2D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-17] (Google LLC -> Google LLC)
Task: {F3268F19-2998-43AD-B9F8-FAD24BBEB5D1} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [256824 2014-09-11] (Maxthon (Asia) Limited. -> Maxthon International ltd.)
Task: {F7095568-6A2A-4E32-AC12-63F13DCC5B19} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [78240 2015-08-09] (LENOVO -> )
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3ECA6E43-73A5-4537-8AEE-CAE58ED72786}: [DhcpNameServer] 169.254.224.91
Tcpip\..\Interfaces\{9B0262CF-0EDA-4F71-A83A-212B96CAB6FC}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-3554998910-4206139875-1568112538-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3554998910-4206139875-1568112538-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKU\S-1-5-21-3554998910-4206139875-1568112538-1001 -> DefaultScope {4C3A711D-39DF-4872-BF52-FA11D2B96BB0} URL =
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2020-06-08] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2020-06-08] (McAfee, LLC -> McAfee, LLC)
FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2020-07-19] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-06-08] (McAfee, LLC -> )
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-06-08] (McAfee, LLC -> )
Chrome:
=======
CHR Profile: C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default [2020-07-19]
CHR Extension: (Dokumenty) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-17]
CHR Extension: (Disk Google) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-07-17]
CHR Extension: (YouTube) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-17]
CHR Extension: (Tabulky) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-07-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-07-17]
CHR Extension: (Gmail) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-07-17]
CHR Extension: (Chrome Media Router) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-17]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 0015111595102574mcinstcleanup; C:\ProgramData\McInstTemp0015111595102574\McInst.exe [839392 2020-06-08] (McAfee, LLC -> McAfee, LLC)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] (Lenovo (Beijing) Limited -> )
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 iBtSiva; c:\windows\syswow64\ibtsiva.exe [120016 2014-04-04] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [296432 2014-04-16] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel(R) Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-23] (LENOVO -> Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584608 2015-08-09] (LENOVO -> LENOVO INCORPORATED.)
R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [389680 2014-12-04] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-12-04] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1844024 2014-08-01] (Maxthon (Asia) Limited. -> Maxthon)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_4\McApExe.exe [768256 2020-06-08] (McAfee, LLC -> McAfee, LLC)
R3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-13] (McAfee, Inc. -> McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.6.124.0\\McCSPServiceHost.exe [2726312 2020-05-28] (McAfee, LLC -> McAfee, LLC)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [718200 2020-06-08] (McAfee, LLC -> McAfee, LLC)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1360496 2020-03-18] (McAfee, LLC. -> McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-03-27] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-03-27] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-03-27] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1742272 2020-05-15] (McAfee, LLC -> McAfee, LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-30] (Intel Corporation-Mobile Wireless Group -> )
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4212808 2020-05-27] (McAfee, LLC -> McAfee, LLC)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-26] (PointGrab Ltd -> PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-26] (PointGrab Ltd -> PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-12-04] (Lenovo (Beijing) Limited -> Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-12-04] (Lenovo (Beijing) Limited -> Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [104696 2014-12-04] (Lenovo -> Lenovo)
R2 UESDK1.0; C:\Program Files (x86)\Lenovo\UESDK\UESDK.exe [319472 2014-07-19] (Lenovo (Beijing) Limited -> Lenovo)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2014-12-04] (Lenovo (Beijing) Limited -> )
R2 VisualDiscovery; C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe [1304360 2014-09-28] (Superfish Inc. -> Superfish, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-30] (Intel Corporation-Mobile Wireless Group -> Intel® Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75704 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [24904 2014-03-11] (ELAN Microelectronics Corporation -> ELAN Microelectronic Corp.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218960 2020-05-26] (McAfee, LLC -> McAfee, Inc.)
S3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [528824 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
U3 mfeaack01; no ImagePath
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [382392 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
U3 mfeavfk01; no ImagePath
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85928 2020-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [521648 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1000880 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
U3 mfehidk01; no ImagePath
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [595592 2020-05-01] (McAfee, Inc. -> McAfee LLC.)
U3 mfencbdc02; no ImagePath
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108168 2020-05-01] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116664 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252336 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [9121496 2014-06-10] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R2 VDWFP; C:\windows\system32\Drivers\VDWFP64.sys [39800 2014-05-12] (Superfish Inc. -> Superfish, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [35856 2014-03-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [257880 2014-03-24] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
S3 mfencbdc01; \Device\mfencbdc01.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-19 11:49 - 2020-07-19 11:49 - 000028440 _____ C:\Users\Ondřej\Desktop\FRST.txt
2020-07-19 11:48 - 2020-07-19 11:49 - 000000000 ____D C:\FRST
2020-07-19 11:46 - 2020-07-19 11:46 - 002292736 _____ (Farbar) C:\Users\Ondřej\Desktop\FRST64.exe
2020-07-19 11:31 - 2020-07-19 11:31 - 000000000 ____D C:\Program Files\McAfeeDashboard
2020-07-18 22:02 - 2020-07-18 22:02 - 000000000 ____D C:\ProgramData\McInstTemp0015111595102574
2020-07-18 22:00 - 2020-07-18 22:00 - 000002003 _____ C:\Users\Public\Desktop\McAfee LiveSafe.lnk
2020-07-18 22:00 - 2020-07-18 22:00 - 000002003 _____ C:\ProgramData\Desktop\McAfee LiveSafe.lnk
2020-07-18 22:00 - 2020-07-18 22:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2020-07-18 19:08 - 2020-07-18 19:08 - 000003052 _____ C:\WINDOWS\system32\Tasks\{CECF034B-6BCC-4BD6-B507-BDCACE49F592}
2020-07-18 18:21 - 2020-07-18 18:21 - 000003122 _____ C:\WINDOWS\system32\Tasks\{0C0B1F4A-7312-47B8-9670-BA6FF638F6C4}
2020-07-18 18:14 - 2020-07-18 18:14 - 000000800 _____ C:\Users\Ondřej\Desktop\Mafia.lnk
2020-07-18 18:14 - 2020-07-18 18:14 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mafia
2020-07-18 18:14 - 2020-07-18 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
2020-07-18 18:14 - 2020-07-18 18:14 - 000000000 ____D C:\Program Files (x86)\Creative
2020-07-18 18:14 - 2002-06-06 14:38 - 000139264 _____ (Creative Technology Ltd) C:\WINDOWS\SysWOW64\eax.dll
2020-07-18 18:14 - 1998-10-29 16:45 - 000306688 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2020-07-18 18:10 - 2020-07-18 18:13 - 000000000 ____D C:\Program Files\Mafia
2020-07-18 18:10 - 2002-08-29 17:33 - 000319488 ____R () C:\Users\Ondřej\AppData\Roaming\MafiaSetup.exe
2020-07-18 17:58 - 2002-08-29 17:33 - 000319488 _____ () C:\WINDOWS\SysWOW64\MafiaSetup.exe
2020-07-18 17:56 - 2020-07-18 17:56 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\CyberLink
2020-07-18 17:56 - 2020-07-18 17:56 - 000000000 ____D C:\Users\Ondřej\AppData\Local\CyberLink
2020-07-18 12:25 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2020-07-18 12:25 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2020-07-18 12:25 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2020-07-18 12:25 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2020-07-18 12:25 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2020-07-18 12:25 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2020-07-18 12:25 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2020-07-18 12:25 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2020-07-18 12:25 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2020-07-18 12:25 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2020-07-18 12:25 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2020-07-18 12:25 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2020-07-18 12:25 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2020-07-18 12:25 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2020-07-18 12:25 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2020-07-18 12:25 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2020-07-18 12:25 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2020-07-18 12:25 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2020-07-18 12:25 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2020-07-18 12:25 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2020-07-18 12:25 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2020-07-18 12:25 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2020-07-18 12:25 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2020-07-18 12:25 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2020-07-18 12:25 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2020-07-18 12:25 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2020-07-18 12:25 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2020-07-18 12:25 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2020-07-18 12:25 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2020-07-18 12:25 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2020-07-18 12:25 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2020-07-18 12:25 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2020-07-18 12:25 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2020-07-18 12:25 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2020-07-18 12:25 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2020-07-18 12:25 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2020-07-18 12:25 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2020-07-18 12:25 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2020-07-18 12:25 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2020-07-18 12:25 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2020-07-18 12:25 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2020-07-18 12:25 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2020-07-18 12:25 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2020-07-18 12:25 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2020-07-18 12:25 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2020-07-18 12:25 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2020-07-18 12:25 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2020-07-18 12:25 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2020-07-18 12:25 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2020-07-18 12:25 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2020-07-18 12:25 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2020-07-18 12:25 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2020-07-18 12:25 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2020-07-18 12:25 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2020-07-18 12:25 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2020-07-18 12:25 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2020-07-18 12:25 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2020-07-18 12:25 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2020-07-18 12:25 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2020-07-18 12:25 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2020-07-18 12:25 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2020-07-18 12:25 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2020-07-18 12:25 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2020-07-18 12:25 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2020-07-18 12:25 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2020-07-18 12:25 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2020-07-18 12:25 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2020-07-18 12:25 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2020-07-18 12:25 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2020-07-18 12:25 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2020-07-18 12:25 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2020-07-18 12:25 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2020-07-18 12:25 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2020-07-18 12:25 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2020-07-18 12:25 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2020-07-18 12:25 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2020-07-18 12:25 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2020-07-18 12:25 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2020-07-18 12:25 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2020-07-18 12:25 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2020-07-18 12:25 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2020-07-18 12:25 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2020-07-18 12:25 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2020-07-18 12:25 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2020-07-18 12:25 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2020-07-18 12:25 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2020-07-18 12:25 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2020-07-18 12:25 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2020-07-18 12:25 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2020-07-18 12:25 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2020-07-18 12:25 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2020-07-18 12:25 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2020-07-18 12:25 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2020-07-18 12:25 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2020-07-18 12:25 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2020-07-18 12:25 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2020-07-18 12:25 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2020-07-18 12:25 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2020-07-18 12:25 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2020-07-18 12:25 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2020-07-18 12:25 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2020-07-18 12:25 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2020-07-18 12:25 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2020-07-18 12:25 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2020-07-18 12:25 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2020-07-18 12:25 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2020-07-18 12:25 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2020-07-18 12:25 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2020-07-18 12:25 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2020-07-18 12:25 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2020-07-18 12:25 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2020-07-18 12:25 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2020-07-18 12:25 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2020-07-18 12:25 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2020-07-18 12:25 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2020-07-18 12:25 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2020-07-18 12:25 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2020-07-18 12:25 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2020-07-18 12:25 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2020-07-18 12:25 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2020-07-18 12:25 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2020-07-18 12:25 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2020-07-18 12:25 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2020-07-18 12:25 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2020-07-18 12:25 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2020-07-18 12:25 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2020-07-18 12:25 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2020-07-18 12:25 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2020-07-18 12:25 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2020-07-18 12:25 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2020-07-18 12:25 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2020-07-18 12:25 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2020-07-18 12:25 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2020-07-18 12:25 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2020-07-18 12:25 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2020-07-18 12:25 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2020-07-18 12:25 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2020-07-18 12:25 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2020-07-18 12:25 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2020-07-18 12:25 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2020-07-18 12:25 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2020-07-18 12:25 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2020-07-18 12:25 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2020-07-18 12:25 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2020-07-18 12:25 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2020-07-18 12:25 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2020-07-18 12:25 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2020-07-18 12:25 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2020-07-18 12:25 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2020-07-18 12:25 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2020-07-18 12:25 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2020-07-18 12:25 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2020-07-18 12:25 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2020-07-18 12:25 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2020-07-18 12:25 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2020-07-18 12:25 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2020-07-18 12:25 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2020-07-18 12:25 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2020-07-18 12:25 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2020-07-18 12:25 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2020-07-18 12:25 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2020-07-18 12:25 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2020-07-18 12:25 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2020-07-18 12:25 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2020-07-18 12:25 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2020-07-18 12:25 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2020-07-18 12:25 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2020-07-18 12:25 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2020-07-18 12:25 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2020-07-18 12:25 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2020-07-18 12:25 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2020-07-18 12:25 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2020-07-18 12:25 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2020-07-18 12:25 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2020-07-18 12:25 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2020-07-18 12:25 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2020-07-18 12:20 - 2020-07-18 12:20 - 000000222 _____ C:\Users\Ondřej\Desktop\RollerCoaster Tycoon 2 Triple Thrill Pack.url
2020-07-18 01:31 - 2020-07-18 01:31 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-07-18 00:46 - 2020-07-18 00:46 - 000000000 _____ C:\Recovery.txt
2020-07-17 19:37 - 2020-07-17 19:37 - 000000000 ____D C:\Users\Ondřej\AppData\LocalLow\Landfall West
2020-07-17 19:29 - 2020-07-18 12:20 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-07-17 19:29 - 2020-07-17 19:29 - 000000222 _____ C:\Users\Ondřej\Desktop\Stick Fight The Game.url
2020-07-17 19:24 - 2020-07-19 11:31 - 000003260 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon
2020-07-17 19:24 - 2020-07-18 22:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2020-07-17 19:18 - 2020-07-17 19:18 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Steam
2020-07-17 19:18 - 2020-07-17 19:18 - 000000000 ____D C:\Users\Ondřej\AppData\Local\CEF
2020-07-17 16:38 - 2020-07-17 16:39 - 004270054 _____ C:\Users\Ondřej\Downloads\Nepotvrzeno 225747.crdownload
2020-07-17 16:37 - 2020-07-17 16:37 - 000000898 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-07-17 16:37 - 2020-07-17 16:37 - 000000898 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-07-17 16:37 - 2020-07-17 16:37 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-07-17 16:37 - 2020-07-17 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-07-17 16:37 - 2020-07-17 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-07-17 16:37 - 2020-07-17 16:37 - 000000000 ____D C:\Program Files\VideoLAN
2020-07-17 16:36 - 2020-07-18 22:05 - 000000000 ____D C:\Program Files (x86)\Steam
2020-07-17 16:36 - 2020-07-17 16:37 - 000000000 ____D C:\Program Files\WinRAR
2020-07-17 16:36 - 2020-07-17 16:36 - 000000990 _____ C:\Users\Public\Desktop\Steam.lnk
2020-07-17 16:36 - 2020-07-17 16:36 - 000000990 _____ C:\ProgramData\Desktop\Steam.lnk
2020-07-17 16:36 - 2020-07-17 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2020-07-17 16:11 - 2020-07-18 22:00 - 000003614 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare)
2020-07-17 16:11 - 2020-07-18 22:00 - 000000000 ____D C:\Program Files\Common Files\AV
2020-07-17 16:04 - 2020-07-17 16:04 - 000003320 _____ C:\WINDOWS\system32\Tasks\SweetLabs App Platform
2020-07-17 16:04 - 2020-07-17 16:04 - 000000961 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2020-07-17 16:04 - 2020-07-17 16:04 - 000000961 _____ C:\ProgramData\Desktop\EPSON Scan.lnk
2020-07-17 16:04 - 2020-07-17 16:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2020-07-17 16:04 - 2020-07-17 16:04 - 000000000 ____D C:\Program Files (x86)\epson
2020-07-17 16:04 - 2009-10-16 00:00 - 000132560 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esdevapp.exe
2020-07-17 16:04 - 2009-10-16 00:00 - 000013824 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esxcdev.dll
2020-07-17 16:04 - 2009-03-13 00:00 - 000230912 _____ (Seiko Epson Corp.) C:\WINDOWS\system32\esxuin7c.dll
2020-07-17 16:04 - 2009-03-13 00:00 - 000221184 _____ (Seiko Epson Corp.) C:\WINDOWS\SysWOW64\esint7c.dll
2020-07-17 16:04 - 2009-03-13 00:00 - 000065793 _____ C:\WINDOWS\system32\esfw7c.bin
2020-07-17 16:04 - 2007-11-29 00:00 - 000084992 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\esxwia7c.dll
2020-07-17 16:04 - 2006-03-10 00:00 - 000004608 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\esxwiaml.dll
2020-07-17 15:58 - 2020-07-17 15:58 - 000002331 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-07-17 15:58 - 2020-07-17 15:58 - 000002290 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-07-17 15:58 - 2020-07-17 15:58 - 000002290 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-07-17 15:57 - 2020-07-17 16:01 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Google
2020-07-17 15:57 - 2020-07-17 15:57 - 000003388 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-07-17 15:57 - 2020-07-17 15:57 - 000003260 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-07-17 15:57 - 2020-07-17 15:57 - 000000000 ____D C:\Program Files (x86)\Google
2020-07-17 15:56 - 2020-07-17 15:56 - 000000000 __SHD C:\Users\Ondřej\AppData\LocalLow\EmieUserList
2020-07-17 15:56 - 2020-07-17 15:56 - 000000000 __SHD C:\Users\Ondřej\AppData\LocalLow\EmieSiteList
2020-07-17 15:56 - 2020-07-17 15:56 - 000000000 __SHD C:\Users\Ondřej\AppData\Local\EmieUserList
2020-07-17 15:56 - 2020-07-17 15:56 - 000000000 __SHD C:\Users\Ondřej\AppData\Local\EmieSiteList
2020-07-17 15:48 - 2020-07-19 11:34 - 000001283 _____ C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
2020-07-17 15:48 - 2020-07-19 11:34 - 000000000 ____D C:\ProgramData\LU
2020-07-17 15:44 - 2020-07-18 21:58 - 000000000 ____D C:\Users\Ondřej\OneDrive
2020-07-17 15:43 - 2020-07-19 11:43 - 000003600 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3554998910-4206139875-1568112538-1001
2020-07-17 15:41 - 2020-07-17 15:41 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Lenovo
2020-07-17 15:39 - 2020-07-17 15:39 - 000000000 ____D C:\Users\Public\Pokki
2020-07-17 15:39 - 2020-07-17 15:39 - 000000000 ____D C:\Users\Ondřej\AppData\Local\NVIDIA Corporation
2020-07-17 15:38 - 2020-07-18 21:52 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Packages
2020-07-17 15:38 - 2020-07-18 18:14 - 000000000 ____D C:\Users\Ondřej\AppData\Local\VirtualStore
2020-07-17 15:38 - 2020-07-17 15:38 - 000001437 _____ C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-07-17 15:38 - 2020-07-17 15:38 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-07-17 15:38 - 2020-07-17 15:38 - 000000000 __SHD C:\Users\Ondřej\IntelGraphicsProfiles
2020-07-17 15:38 - 2020-07-17 15:38 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2020-07-17 15:38 - 2020-07-17 15:38 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Macromedia
2020-07-17 15:38 - 2020-07-17 15:38 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Intel
2020-07-17 15:38 - 2020-07-17 15:38 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Adobe
2020-07-17 15:38 - 2020-07-17 15:38 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Power2Go8
2020-07-17 15:38 - 2020-07-17 15:38 - 000000000 ____D C:\Users\Ondřej\AppData\Local\PackageStaging
2020-07-17 15:38 - 2020-07-17 15:38 - 000000000 ____D C:\Users\Ondřej\AppData\Local\NVIDIA
2020-07-17 15:37 - 2020-07-19 11:31 - 000000000 ____D C:\Users\Ondřej\AppData\Local\SweetLabs App Platform
2020-07-17 15:37 - 2020-07-17 17:26 - 000000000 ____D C:\Users\Ondřej
2020-07-17 15:37 - 2020-07-17 15:37 - 000000020 ___SH C:\Users\Ondřej\ntuser.ini
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Šablony
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Soubory cookie
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Poslední
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Okolní tiskárny
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Okolní síť
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Nabídka Start
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Dokumenty
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Documents\Obrázky
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Documents\Hudba
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Documents\Filmy
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\Data aplikací
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2020-07-17 15:37 - 2020-07-17 15:37 - 000000000 _SHDL C:\Users\Ondřej\AppData\Local\Data aplikací
2020-07-17 15:37 - 2014-03-18 11:55 - 000000369 _____ C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2020-07-17 15:37 - 2014-03-18 11:55 - 000000369 _____ C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-19 11:48 - 2013-08-22 17:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-07-19 11:42 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-19 11:42 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-07-19 11:35 - 2014-12-04 15:59 - 000000000 ____D C:\ProgramData\McAfee
2020-07-19 11:32 - 2014-12-04 15:59 - 000000000 ____D C:\Program Files\mcafee
2020-07-19 11:32 - 2014-12-04 15:59 - 000000000 ____D C:\Program Files\Common Files\McAfee
2020-07-18 22:03 - 2014-12-04 16:30 - 000739924 _____ C:\WINDOWS\system32\perfh005.dat
2020-07-18 22:03 - 2014-12-04 16:30 - 000151610 _____ C:\WINDOWS\system32\perfc005.dat
2020-07-18 22:03 - 2014-03-18 11:53 - 001745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-07-18 22:03 - 2013-08-22 17:36 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-07-18 22:03 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2020-07-18 22:00 - 2014-12-04 15:59 - 000000000 ____D C:\Program Files (x86)\McAfee
2020-07-18 21:58 - 2014-12-04 16:03 - 000011120 _____ C:\WINDOWS\SysWOW64\VisualDiscovery.ini
2020-07-18 21:58 - 2014-12-04 16:03 - 000005536 _____ C:\WINDOWS\SysWOW64\VisualDiscoveryOff.ini
2020-07-18 21:58 - 2014-12-04 16:03 - 000005536 _____ C:\WINDOWS\system32\VisualDiscoveryOff.ini
2020-07-18 21:58 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-07-18 21:58 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2020-07-18 21:57 - 2014-12-04 15:58 - 000002560 _____ C:\WINDOWS\system32\VfService.trf
2020-07-18 17:56 - 2014-12-04 16:02 - 000000000 ____D C:\ProgramData\CyberLink
2020-07-18 12:26 - 2013-08-22 13:22 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2020-07-18 12:26 - 2013-08-22 13:22 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2020-07-18 12:26 - 2013-08-22 13:17 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2020-07-18 12:26 - 2013-08-22 13:17 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2020-07-18 12:26 - 2013-08-22 13:17 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2020-07-18 12:26 - 2013-08-22 06:05 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2020-07-18 12:26 - 2013-08-22 06:03 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2020-07-18 12:26 - 2013-08-22 05:59 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2020-07-18 12:26 - 2013-08-22 05:56 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2020-07-18 12:26 - 2013-08-22 05:56 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2020-07-18 12:26 - 2013-08-22 05:51 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2020-07-18 12:26 - 2013-08-22 05:51 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2020-07-18 12:26 - 2013-08-22 05:51 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2020-07-18 12:26 - 2013-08-22 05:51 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2020-07-18 00:46 - 2013-08-22 17:36 - 000262144 _____ C:\WINDOWS\system32\config\BCD-Template
2020-07-17 19:25 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2020-07-17 16:25 - 2014-12-04 15:56 - 000000000 ____D C:\ProgramData\Lenovo
2020-07-17 15:43 - 2014-12-04 15:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2020-07-17 15:38 - 2013-08-22 16:44 - 000346656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-07-17 15:32 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
==================== Files in the root of some directories ========
2020-07-18 18:10 - 2002-08-29 17:33 - 000319488 ____R () C:\Users\Ondřej\AppData\Roaming\MafiaSetup.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-07-2020 01
Ran by Ondřej (19-07-2020 11:49:45)
Running from C:\Users\Ondřej\Desktop
Windows 8.1 (Update) (X64) (2020-07-17 13:38:14)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3554998910-4206139875-1568112538-500 - Administrator - Disabled)
Guest (S-1-5-21-3554998910-4206139875-1568112538-501 - Limited - Disabled)
Ondřej (S-1-5-21-3554998910-4206139875-1568112538-1001 - Administrator - Enabled) => C:\Users\Ondřej
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: McAfee Anti-Virus a Antispyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: McAfee VirusScan (Disabled - Up to date) {2624E002-54CC-27F9-FD39-B2DD14D41191}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus a Antispyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Amazon 1Button App (HKLM-x32\...\{3E69CC95-C0F6-4C74-8F43-74F9046F20B2}) (Version: 1.0.10 - Amazon) <==== ATTENTION
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.37.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.23 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.23 - Lenovo)
GeForce Experience NvStream Client Components (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC) (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.89 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Host App Service (HKU\S-1-5-21-3554998910-4206139875-1568112538-1001\...\SweetLabs_AP) (Version: 0.269.9.121 - Pokki) <==== ATTENTION
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.2.1000 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) 4.0 (HKLM-x32\...\{96C730E4-F055-4118-BDF3-6E071763853C}) (Version: 3.0.1342.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.37.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10279 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.7.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Motion Control (HKLM-x32\...\{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}) (Version: 2.5.1.0225 - PointGrab) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}) (Version: 2.5.1.0225 - PointGrab)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.39.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo Settings (HKLM-x32\...\{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Lenovo) Hidden
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Lenovo)
Lenovo Updates (HKLM-x32\...\{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.61 - Lenovo) Hidden
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.1.0.61 - Lenovo)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.1.14.3211 - Lenovo)
Mafia Game (HKLM-x32\...\Mafia Game) (Version: - )
Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - )
Magic Transfer (HKLM-x32\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo) Hidden
Magic Transfer (HKLM-x32\...\InstallShield_{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.2.2000 - Maxthon International Limited)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R26 - McAfee, LLC)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.50 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.8.0 - Lenovo Group Limited)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 1.7.306 - NVIDIA Corporation) Hidden
Start Menu (HKU\S-1-5-21-3554998910-4206139875-1568112538-1001\...\SweetLabs_Start_Menu) (Version: 0.269.9.121 - Pokki) <==== ATTENTION
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Superfish Inc. VisualDiscovery (HKLM-x32\...\Superfish Inc. VisualDiscovery) (Version: 1.0.0.5 - Superfish) <==== ATTENTION
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Packages:
=========
Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_2.2.26.0_x86__k1h2ywk1493x8 [2020-07-18] (LENOVO INC.)
Dailymotion -> C:\Program Files\WindowsApps\DailymotionSA.Dailymotion_2.0.1.63_x64__6dqnvyezrysvy [2020-07-18] (Dailymotion SA)
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_2.1.1.28_x86__q4d96b2w5wcc2 [2014-12-04] (Evernote)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-03-18] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation) [MS Ad]
Live TV -> C:\Program Files\WindowsApps\FilmOnLiveTVFree.FilmOnLiveTVFree_1.3.6.115_x64__zx03kxexxb716 [2020-07-18] (FilmOn TV Inc.)
McAfee® Central for Lenovo -> C:\Program Files\WindowsApps\McAfeeInc.06.McAfeeSecurityAdvisorforLenovo_5.0.173.1_x64__bq6yxensn79aw [2020-07-18] (McAfee_Inc)
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.336_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation) [MS Ad]
Phone Companion -> C:\Program Files\WindowsApps\E0469640.DeviceCollaboration_1.1.9.6_x64__5grkq8ppsgwt4 [2020-07-17] (LENOVO INC)
PowerDVD for Lenovo Idea -> C:\Program Files\WindowsApps\CyberLinkCorp.id.PowerDVDforLenovoIdea_1.1.2618.24808_x86__hgg5mn3xps74a [2020-07-18] (CYBERLINK COM CORPORATION)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2020-07-18] (Skype) [MS Ad]
Sport Bing -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.2.258_x64__8wekyb3d8bbwe [2014-12-04] (Microsoft Corporation) [MS Ad]
The Weather Channel for Lenovo -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforLenovo_2.1.20.1_x64__t3yemqpq4kp7p [2020-07-18] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_1.18.3.0_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.2.0.24_neutral__qj0v5chwq8f2g [2014-12-04] (TripAdvisor LLC)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2020-07-18] (Microsoft Corporation) [MS Ad]
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2020-07-18] (Zinio LLC)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3554998910-4206139875-1568112538-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-06-08] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-13] (Lenovo) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-13] (Lenovo) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2014-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2014-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2014-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-06-08] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2013-03-07 22:55 - 2013-03-07 22:55 - 000472576 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 000013824 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2013-03-07 22:53 - 2013-03-07 22:53 - 000015872 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2010-12-16 22:16 - 2010-12-16 22:16 - 000195584 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2010-01-13 02:55 - 2010-01-13 02:55 - 000322048 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2010-12-17 22:56 - 2010-12-17 22:56 - 000317952 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
2010-12-17 22:56 - 2010-12-17 22:56 - 002603520 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2010-12-17 22:56 - 2010-12-17 22:56 - 009224704 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2010-12-17 22:56 - 2010-12-17 22:56 - 001006592 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2010-12-17 22:56 - 2010-12-17 22:56 - 014978048 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2010-12-17 22:56 - 2010-12-17 22:56 - 000382464 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2010-01-13 02:55 - 2010-01-13 02:55 - 000400384 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2010-01-18 09:34 - 2010-01-18 09:34 - 000062464 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2014-12-04 16:02 - 2014-12-04 16:02 - 000096256 _____ (Google, inc) [File not signed] C:\Program Files\Lenovo PhoneCompanion\AdbWinApi.dll
2014-12-04 16:02 - 2014-12-04 16:02 - 000060928 _____ (Google, inc) [File not signed] C:\Program Files\Lenovo PhoneCompanion\AdbWinUsbApi.dll
2013-03-07 22:53 - 2013-03-07 22:53 - 000098304 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\configurationManager.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 000224256 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\CorePersistenceAPI.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 000118272 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\dispatcher.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 000075264 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ChannelAdapter.dll
2013-03-07 22:53 - 2013-03-07 22:53 - 000019456 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\localMessage.dll
2013-03-07 22:53 - 2013-03-07 22:53 - 000030208 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\logger.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 000318976 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\network.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 000220160 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\orchestrator.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 000623616 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\payload.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 000022528 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sealing.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 001489920 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\serializer.dll
2013-03-07 22:54 - 2013-03-07 22:54 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\systemInfo.dll
2013-03-07 22:53 - 2013-03-07 22:53 - 000125952 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\uuid.dll
2014-12-04 15:58 - 2014-08-13 02:32 - 000468480 _____ (Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll
2014-12-04 16:01 - 2014-12-04 16:01 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\PowerDVD10\MSVCR71.dll
2014-12-04 15:39 - 2014-01-24 08:27 - 000067072 _____ (NVIDIA Corporation) [File not signed] C:\WINDOWS\SYSTEM32\Nv3DAppShExtR.dll
2010-12-16 22:09 - 2010-12-16 22:09 - 001019392 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\LIBEAY32.dll
2010-12-16 22:09 - 2010-12-16 22:09 - 000209408 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\SSLEAY32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VisualDiscovery => ""="service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Lenovo\Motion Control\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin
HKU\S-1-5-21-3554998910-4206139875-1568112538-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ondřej\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\lenovowallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{05B662AE-4BAA-4F04-B8E1-E473C7868694}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9C9AB639-3BEA-4C4B-BA12-8A37DEA0B217}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{30CBE486-4A73-46F5-AF93-A69FD55ADDBF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{556EDF1E-DD58-4B71-9C18-1AC01BE9AC91}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B753AAC0-27B1-4212-AE4E-AB35C0D2FE41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CAA18A17-3089-423C-A79D-52BAA3BB097D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DAE56B8D-6BF0-4E27-9F8F-305DE40AE333}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{9F5560E1-BDDE-4904-A5A8-65D10E5A6D70}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{C5FD553C-F05A-464F-97D1-DA2490857E57}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{CE549FF1-C54F-4390-829A-9301C56CEA4E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{DF86437D-ACE7-4941-AFC9-1AC20484B07E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{DA16AFC2-B218-459E-A31C-120BDCEBF8EB}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{32E1F5A6-C783-4CE0-8661-0F1E801D0B4E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{E865B212-8FB1-4663-B247-BC2DC996DBAB}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{F4D85FE8-221A-49F8-9DDD-36427D629F75}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{1FD52F61-EF77-4FDE-B433-696266C7566C}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{F023DCBF-9830-4D73-B983-0DB6A114B1E0}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5C6B98E4-4EA7-4730-8E12-BDBDE2D4F05E}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe => No File
FirewallRules: [{81419B7D-3B98-4224-9EF9-B6B754DAC805}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5F69F5EC-E197-4F67-A704-0249969D0DE9}] => (Allow) LPort=55100
FirewallRules: [{65EF9A90-201B-4D81-A9E6-DF8B16419D49}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo (Beijing) Limited -> Lenovo)
FirewallRules: [{E267D01A-023C-404A-B543-E3D95DEBCA45}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{98F41AD9-BE38-4B42-B15A-746BB39DB29E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{54413951-95BF-47BF-B135-E88F8B01754D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5F540746-5159-4203-8A81-A3B771962D32}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{79644AB2-8205-4BA1-97FA-7065149D2D48}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6A31A24E-1D41-46C5-BB7E-E809C8DEE7A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{201E15EC-9B0E-44C8-89D4-EE2B8109B84C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\StickFightTheGame\StickFight.exe () [File not signed]
FirewallRules: [{8F1FCEEF-5B77-492B-8565-08C569FDD200}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 2\RCT2.EXE () [File not signed]
FirewallRules: [{51B247E0-17F6-473B-B1D2-F137BDD70ECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rollercoaster Tycoon 2\RCT2.EXE () [File not signed]
FirewallRules: [{E51DE6FD-E860-47F5-B37B-0879214BB96A}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{C49F53D9-6843-4E8C-B41B-982E7AD79283}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
==================== Restore Points =========================
17-07-2020 15:32:42 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/19/2020 11:32:35 AM) (Source: AVLogEvent) (EventID: 5003) (User: NT AUTHORITY)
Description: McShield encountered error while stopping.
Error Code:a7f40610
Error: (07/18/2020 10:01:23 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014
Error: (07/18/2020 10:00:38 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014
Error: (07/18/2020 10:00:23 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014
Error: (07/18/2020 10:00:23 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014
Error: (07/18/2020 10:00:23 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014
Error: (07/18/2020 09:59:36 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014
Error: (07/18/2020 09:59:23 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014
System errors:
=============
Error: (07/19/2020 11:37:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
Error: (07/19/2020 11:32:16 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70
Error: (07/19/2020 11:32:15 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70
Error: (07/19/2020 11:32:14 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70
Error: (07/19/2020 11:32:14 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70
Error: (07/18/2020 10:03:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
Error: (07/18/2020 10:01:36 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70
Error: (07/18/2020 09:58:54 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70
CodeIntegrity:
===================================
Date: 2020-07-18 22:03:40.804
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-07-18 22:03:40.710
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-07-18 22:03:40.632
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-07-18 22:03:40.554
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-07-18 22:03:40.491
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-07-18 22:03:40.398
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-07-18 22:03:40.335
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-07-18 22:03:40.257
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfehida.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 9ECN31WW(V1.14) 08/18/2014
Motherboard: LENOVO Lenovo Y50-70
Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 26%
Total physical RAM: 16296.27 MB
Available physical RAM: 12044.41 MB
Total Virtual: 19240.27 MB
Available Virtual: 15039.24 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:196.44 GB) (Free:149.24 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.94 GB) NTFS
Drive e: () (Removable) (Total:14.45 GB) (Free:8.2 GB) FAT32
Drive f: (mafia_cd_1) (CDROM) (Total:0.63 GB) (Free:0 GB) CDFS
\\?\Volume{cd10c07e-3db2-40ea-9215-8507155e637b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.69 GB) NTFS
\\?\Volume{a9fe3c26-8740-4c74-a5c5-7ed2c3a992ed}\ (PBR_DRV) (Fixed) (Total:14.7 GB) (Free:3.84 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: C8C7E493)
Partition: GPT.
==========================================================
Disk: 1 (Size: 14.5 GB) (Disk ID: AB9D1828)
Partition 1: (Not Active) - (Size=14.5 GB) - (Type=0C)
==================== End of Addition.txt =======================