Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Paulie (22-03-2019 13:30:53)
Running from C:\Users\Paulie\Desktop
Windows 10 Home Version 1803 17134.648 (X64) (2018-05-24 15:23:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-265973849-1346121208-2514518910-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-265973849-1346121208-2514518910-503 - Limited - Disabled)
Guest (S-1-5-21-265973849-1346121208-2514518910-501 - Limited - Disabled)
Paulie (S-1-5-21-265973849-1346121208-2514518910-1001 - Administrator - Enabled) => C:\Users\Paulie
WDAGUtilityAccount (S-1-5-21-265973849-1346121208-2514518910-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-265973849-1346121208-2514518910-1001\...\uTorrent) (Version: 3.5.5.45095 - BitTorrent Inc.)
Active Directory Authentication Library for SQL Server (HKLM\...\{4EE99065-01C6-49DD-9EC6-E08AA5B13491}) (Version: 14.0.1000.169 - Microsoft Corporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{05f918ac-9392-4f5d-8399-68c4c70550b0}) (Version: 19.60.1 - Intel Corporation)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.3.2369 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-1610W series (HKLM-x32\...\{75E38F04-1BAF-4054-A059-57F831688943}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Connect (HKLM-x32\...\MAGIX_connector_is1) (Version: 2.6.1.117 - MAGIX Software GmbH)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.6.7428 - CyberLink Corp.)
Dropbox 25 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{81CA40FD-E11B-4DC1-AE33-A71EB044B8B7}) (Version: 1.1.275.0 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.7.50.3 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{83D9E6C0-5F20-49B4-9ACF-80A24A1A045D}) (Version: 12.10.49.21 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
inst (HKLM-x32\...\{92FADD51-71F3-4B70-BD12-823CA7B124FC}) (Version: 1.0.0.0 - Creative Software Solutions GmbH)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10608.329 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4568 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1094 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{520F0634-40C0-453F-8C84-4EFAE89989A8}) (Version: 19.60.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel(R) Corporation) Hidden
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
John's Background Switcher 4.7 (HKLM-x32\...\{DD3DAD13-289E-440E-A5D3-3EFB25305018}_is1) (Version: 4.7 - johnsadventures.com)
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Soundpool Music Maker - Feel good (HKLM\...\{32A69CB3-D657-4B43-8BB5-1A8CC6E93D3E}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{76CF9EF4-ABA0-484E-8042-12B99499AF5F}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.11328.20158 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11328.20158 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-265973849-1346121208-2514518910-1001\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)
Microsoft Project Professional 2016 - cs-cz (HKLM\...\ProjectProRetail - cs-cz) (Version: 16.0.11328.20158 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{4D2C56FF-7F36-4B49-A97A-24F0522D41D7}) (Version: 11.3.6540.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2017 (HKLM-x32\...\Microsoft SQL Server SQL2017) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2017 Policies  (HKLM-x32\...\{256EDCB9-A64D-433C-A1DC-C76F02475915}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft SQL Server 2017 T-SQL Language Service  (HKLM\...\{2C98144D-D8DD-42C4-895B-EDB35041A220}) (Version: 14.0.17199.0 - Microsoft Corporation)
Microsoft SQL Server Data-Tier Application Framework (x86) (HKLM-x32\...\{FA16D5FD-8A0B-4984-A1F1-E9FF01D1D7FC}) (Version: 14.0.3811.1 - Microsoft Corporation)
Microsoft SQL Server Management Studio - 17.3 (HKLM-x32\...\{422d7f9a-52c7-4ac7-82a9-2c2d77d67254}) (Version: 14.0.17199.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2017 (HKLM\...\{9D78F5D4-79D2-4FC6-AC56-F364A0ABC54F}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2015 Shell (Isolated) (HKLM-x32\...\{d2981c27-a434-4c9a-96c7-0209e97c4eac}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{ab213ab7-4792-4c6f-a3fa-8485d06c3475}) (Version: 14.0.23829 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 Language Support (HKLM-x32\...\{bd4ef7af-dfb1-472e-8fa4-1b97f360a3e7}) (Version: 14.0.23107.20 - Microsoft Corporation)
Modelio Open Source 3.6.1 (HKLM-x32\...\Modelio Open Source3.6) (Version: 3.6.1.201703061558 - Modeliosoft)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
OfficeOne AutoDateTime 5.4 (HKLM\...\AutoDateTime_is1) (Version: 5.4 - OfficeOne)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.6 - Power Software Ltd)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8544 - Realtek Semiconductor Corp.)
Roslyn Language Services - x86 (HKLM-x32\...\{5B47029B-1E62-30FF-906E-694851C22782}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
SQL Server 2017 Batch Parser (HKLM\...\{2C6E8311-28BD-4615-9545-6E39E8E83A4B}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{06324A5D-66BB-4FAC-8D0B-9FEC1B230FFF}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{200F38B2-1492-4576-B08C-78F2C2C953FC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM-x32\...\{6CE9A8AA-C478-4706-BD28-95993D52B5A1}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM-x32\...\{D17B5D3D-3BC7-4AFA-AD90-600B5453826E}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{89A7644F-E056-4EC1-BFDE-9D1A531D6855}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{A9A443F5-56E1-4FC6-937C-5F481345A843}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{B9998A13-5563-496C-B95E-597FFC70B670}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{D7D28BBF-3B0E-43F0-A457-331F1CD9E9EB}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Integration Services Scale Out Management Portal (HKLM\...\{6BD8D100-B16C-409E-B0EA-BF508D7874EC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Integration Services Scale Out Management Portal (HKLM\...\{91C5EE43-29D1-4720-AB65-5E2E0FE25990}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Management Studio Extensions (HKLM-x32\...\{26C73DFA-14AB-4066-AEBB-888ABB3E0CDB}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Management Studio Extensions (HKLM-x32\...\{57C31A85-E01A-4F92-9123-B44A5CF492FF}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{10855B1A-F7F2-4D8A-A725-9287C73BED5A}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{6CBBF624-696C-499E-948D-ADBAFFA2F548}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{8C515C22-BE07-4908-985C-0AA9349E1ED4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{C6D92730-3EC0-47B1-8F6C-6F5635D1EFAC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 SQL Diagnostics (HKLM\...\{DFA6A906-3024-49DE-87AD-750EAED2FA49}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{281BC3BA-FCB0-4056-B2B6-01D567D0D88C}) (Version: 14.0.17199.0 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{382143F2-DEC2-45A9-BFFD-1F2FE2232D88}) (Version: 14.0.17199.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Analysis Services (HKLM\...\{E4611504-7D47-4F50-83ED-D87154D9E903}) (Version: 14.0.17199.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Reporting Services (HKLM\...\{E13E53A6-A0CD-4BCE-840D-50167AA410EB}) (Version: 14.0.17199.0 - Microsoft Corporation) Hidden
SSMS Post Install Tasks (HKLM\...\{A80192B3-F977-4EBE-B209-515C9E0760A2}) (Version: 14.0.17199.0 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
Vita Concert Grand LE (HKLM\...\{C81BA934-5770-4610-A423-5CB7C9EEE548}) (Version: 2.4.0.95 - MAGIX Software GmbH) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VMware Horizon Client (HKLM\...\{05C278BF-0040-4867-9EC7-F2E949447D74}) (Version: 4.6.1.9881 - VMware, Inc.) Hidden
VMware Horizon Client (HKLM-x32\...\{efa9232c-9a90-4dec-b9b6-4c3eafcce845}) (Version: 4.6.1.9881 - VMware, Inc.)
VMware Horizon HTML5 Multimedia Redirection Client (HKLM\...\{558A7123-E2EC-48E3-8275-B508E64E0C7E}) (Version: 1.0.0.31054 - VMware, Inc.) Hidden
VMware Horizon Media Engine 3.0.0.389 (64-bit) (HKLM\...\{940FD693-44D7-488A-ACE3-164B6169D4D8}) (Version: 3.0.0.389 - VMware, Inc.) Hidden
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Аrdamаx Kеylogger 4.4.2 (HKU\S-1-5-21-265973849-1346121208-2514518910-1001\...\Аrdamаx Kеylogger 4.4.2) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-265973849-1346121208-2514518910-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-265973849-1346121208-2514518910-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Programy\PowerISO\PWRISOSH.DLL [2016-05-25] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Programy\PowerISO\PWRISOSH.DLL [2016-05-25] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Programy\PowerISO\PWRISOSH.DLL [2016-05-25] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {001A2872-C545-49D4-9D15-E62038FD2C1A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {088B0413-FB66-4AD4-BAED-04B020F773D8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {0C49640E-A22D-413F-84B3-01BC75150BB0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (HP Inc. -> HP Inc.)
Task: {1028237B-53D1-4F17-BA4E-D93F33D306F1} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe (HP Inc. -> HP Inc.)
Task: {1875289A-5BDF-410C-9075-7EC8BC661948} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe (Dropbox, Inc -> DropboxOEM)
Task: {19B7995C-DD34-405D-8E64-773BC65034A6} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {24F147E8-01D3-42A6-8415-C236E9A20AB5} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {29133DD0-EEA3-45BC-B807-1AD5884602A7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {2A3E58B4-AC33-4159-80EA-1E5E7F2D04A0} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {37E297E7-5932-4E0B-AE48-B7FB6CBC0199} - System32\Tasks\HPCeeScheduleForPaulie => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe (Hewlett-Packard Company -> HP Development Company, L.P.)
Task: {47716E7A-1D3B-456A-8F8C-86CC9D6ADD5B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {6861B2D7-F53C-4206-8B6E-81C0A8E64D29} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {6D225826-849C-4FF7-AB8F-BC8EF1870DD8} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe (HP Inc. -> )
Task: {773AABCF-91AC-4313-8428-1B089773BE25} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7F11D812-A86D-4976-98ED-35713F9F4027} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {8EB41A9C-7BD9-403B-ACEC-969B92E8B645} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe (HP Inc. -> HP Inc.)
Task: {8FF2227A-502C-48FB-892B-828654E810A7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {94B45689-8C89-47AE-80B1-9C4EA39316D1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {B3BE97FC-1C42-4DED-BEFB-8ED9F15D8197} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {B73BFD54-338B-42F5-95A8-07C9C60F8D2C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C1383196-58BE-48A1-91C4-F02AA734A6C6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C3261258-5ADB-488A-9CC7-F2FF80F060E1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C3823823-231C-4A38-AE9E-9A0992A49467} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {C99C0964-97BC-4EE2-AC1E-423FD15514E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe (HP Inc. -> HP Inc.)
Task: {CF883E84-884B-4990-85EB-6A2FCFCE807A} - System32\Tasks\Connect => C:\Program Files (x86)\MAGIX\Connect\connect.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
Task: {D4177F66-8D72-4295-9405-99F80FB036AC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {E229AEC2-D04D-4956-80D8-50B86FA3B61A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe (Hewlett Packard -> HP Inc.)
Task: {E277B359-F6F8-4B81-B4B5-30CC6AC9C98D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E400513A-3AEA-47EF-A3D4-2A0AF748337E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (HP Inc. -> HP Inc.)
Task: {E71B36B9-F5FC-4256-B369-A6CEC95E70CF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {EA1737DA-6FA9-4D88-9DDC-E7FCA3A4364D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F3E31C3E-510F-4C46-BDCF-4E0BC6A70982} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F9E6208F-C40E-4D49-B004-C6CE1E19D40E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Connect.job => C:\Program Files (x86)\MAGIX\Connect\connect.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForPaulie.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Аrdаmаx Keylogger 4.4.2\Аrdаmаx Keylogger 4.4.2.lnk -> C:\CCP\CCP.exe () <==== Cyrillic
Shortcut: C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Аrdamаx Kеylogger 4.4.2\Аrdamаx Kеylogger 4.4.2.lnk -> C:\CCP\CCP.exe () <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2018-02-16 17:54 - 2015-12-01 08:22 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2018-02-16 17:54 - 2015-12-01 08:22 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2018-05-24 19:38 - 2015-11-01 19:31 - 002749952 _____ () [File not signed] C:\CCP\CCP.exe
2018-02-16 17:54 - 2014-05-22 19:27 - 000580096 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
2018-02-16 17:54 - 2014-05-22 13:50 - 004513792 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
2018-02-16 17:54 - 2013-09-25 15:35 - 000282112 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
2018-02-16 17:54 - 2014-05-22 19:25 - 001537024 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
2017-05-18 07:56 - 2016-10-07 14:17 - 001309184 _____ (HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
2015-11-01 19:46 - 2015-11-01 19:46 - 000081408 _____ () [File not signed] C:\CCP\CCP.01
2018-02-16 17:53 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2018-02-16 17:54 - 2014-05-22 19:12 - 000137728 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2018-02-16 17:54 - 2013-10-10 21:55 - 002040320 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2018-02-16 17:54 - 2011-02-28 11:32 - 000208896 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
2018-02-16 17:54 - 2013-06-12 19:06 - 000385024 ____R (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2018-02-16 17:54 - 2010-09-29 17:07 - 000180224 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll
2018-02-16 17:54 - 2014-01-09 17:36 - 000082944 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLCze.dll
2018-02-16 17:54 - 2014-02-06 21:13 - 000083968 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2018-02-16 17:54 - 2014-02-06 21:13 - 017904640 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2019-03-16 19:15 - 2019-03-16 19:15 - 001567232 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HPAudioSwitch\915a93bc288cb667c4ead9459692161c\HPAudioSwitch.ni.exe
2019-03-16 19:15 - 2019-03-16 19:15 - 000764928 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\a1d8f678b50292d989072e1b75e72ba8\log4net.ni.dll
2019-03-16 19:15 - 2019-03-16 19:15 - 000129536 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\18abc1546f7fd36f2144e91ae6116b8d\Hardcodet.Wpf.TaskbarNotification.ni.dll
2019-03-16 19:15 - 2019-03-16 19:15 - 001549312 _____ (Mark Heath) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\818fad3eb6b481a0e888c5e2569a1694\NAudio.ni.dll
2019-03-16 17:06 - 2019-03-16 17:06 - 002227200 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\d508d68b9ef0a63c73ee9a19899d2723\Newtonsoft.Json.ni.dll
2019-03-16 19:15 - 2019-03-16 19:15 - 000141312 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\9384196ea1e1fa6c9b853d15a9e3b0c9\Interop.IWshRuntimeLibrary.ni.dll
2019-03-16 19:14 - 2019-03-16 19:14 - 000157184 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HPJumpStartBridge\1668d1605fb0f8a3d29dde8f8eca81de\HPJumpStartBridge.ni.exe
2019-03-16 17:06 - 2019-03-16 17:06 - 000156672 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\d57427d47df888072a3fba37cb5fbc9b\BRIDGECommon.ni.dll
2019-03-16 19:13 - 2019-03-16 19:13 - 000131072 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\da9536e4bf0377da8087602018abd978\CommonPortable.ni.dll
2019-03-16 19:13 - 2019-03-16 19:13 - 000329728 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\1c5fcbc1a3f2911d73a7c32ef131ffed\CleanStartController.ni.dll
2019-03-16 19:13 - 2019-03-16 19:13 - 000116736 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\47f42201dcccf7c0704064c76e07f94c\BridgeExtension.ni.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2019-03-20 20:53 - 000000894 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 view-localhost # view localhost server

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;C:\Program Files (x86)\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\ManagementStudio\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Paulie\AppData\Roaming\johnsadventures.com\Background Switcher\ActiveBackground.jpg
DNS Servers: 146.102.41.11 - 146.102.41.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "VMware Netlink 3 HV Install Utility"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\...\StartupApproved\Run: => "BackgroundSwitcher"
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8093B5DE-C955-4DFF-9F5D-953AF5FB22AF}] => (Allow) LPort=54925
FirewallRules: [{96D45EDE-3755-4377-8088-8767631A8DA6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A628BF2A-1B99-44F7-B7F2-5C5CDDD26902}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{574F11BB-ABF3-44D7-A761-352D5E5DCA06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{08BFDAB8-97F4-43A1-89D1-2D1FAA103DAD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B6AEB7D0-297F-40E1-884E-5A62B20008F2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{78C1BB3C-2BCF-4F24-B4CB-A3312A4FC2BC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{46F9C270-08B7-4C95-A319-67B0BCEE2874}] => (Allow) C:\Users\Paulie\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{8F42FE36-FD95-4BD6-B3C6-394943607AB9}] => (Allow) C:\Users\Paulie\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6940648C-1784-422C-BEB0-658477C1FAF2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe No File
FirewallRules: [{50FA2C91-A9D3-4E73-B685-7C9A1B268CC7}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{90C89D02-9C21-4ECD-86AE-F72C58D677BD}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{C95B6E92-9C24-4130-87F7-ADC5F8F1B2F2}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{910E0838-52F4-4C51-8127-C067F870F2FC}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{5D978C8A-AA53-42ED-A79D-D15EE5211B19}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{E5A894F7-FD07-4A68-BBFE-749B7F67B066}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{A0EE0D8A-1296-4E71-B0B0-B6D97C290343}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8A165B07-B7C4-4661-AC7B-EAF23B458450}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D2BADD18-6544-4916-B503-B1F82D951904}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{FB2BB350-8C4B-4512-9549-443B27018A6D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F7962772-245A-4585-98D3-836495002660}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8FBEE4F4-809B-4B14-8D84-2B36B769150B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9F2FA55C-BE80-4EC5-8DA3-747883F448B2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{87C989BA-2BA2-4C43-AB7F-E5D1E16C715D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/22/2019 01:25:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname LAPTOP-MGGJ92FO.local already in use; will try LAPTOP-MGGJ92FO-2.local instead

Error: (03/22/2019 01:25:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister    4 LAPTOP-MGGJ92FO.local. Addr 146.102.140.234

Error: (03/22/2019 01:25:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 146.102.140.234:5353   16 LAPTOP-MGGJ92FO.local. AAAA 2001:0718:1E02:8144:0000:0000:BEEF:979A

Error: (03/22/2019 08:58:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname LAPTOP-MGGJ92FO.local already in use; will try LAPTOP-MGGJ92FO-2.local instead

Error: (03/22/2019 08:58:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister    4 LAPTOP-MGGJ92FO.local. Addr 146.102.140.234

Error: (03/22/2019 08:58:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 146.102.140.234:5353   16 LAPTOP-MGGJ92FO.local. AAAA 2001:0718:1E02:8144:0021:6CC4:5A7C:9D2B

Error: (03/21/2019 04:31:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007a24d
ID chybujícího procesu: 0x1688
Čas spuštění chybující aplikace: 0x01d4dff342f16cc9
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: b2908a5b-8d0c-4d59-ab97-1e6b4b7c195d
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/21/2019 03:34:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007a24d
ID chybujícího procesu: 0x2d74
Čas spuštění chybující aplikace: 0x01d4dfe9743ee858
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: 03682f14-c1eb-4833-9832-94c47ac17598
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/21/2019 06:00:50 PM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3168 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (03/21/2019 05:59:28 PM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3168 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (03/21/2019 05:59:28 PM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3168 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (03/21/2019 05:59:00 PM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3168 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (03/21/2019 05:59:00 PM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3168 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (03/21/2019 05:58:40 PM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3168 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (03/21/2019 05:58:40 PM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3168 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (03/21/2019 05:08:47 PM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3168 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU N3710 @ 1.60GHz
Percentage of memory in use: 80%
Total physical RAM: 4001.58 MB
Available physical RAM: 798.69 MB
Total Virtual: 7457.58 MB
Available Virtual: 3318.46 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:118.01 GB) (Free:11.72 GB) NTFS

\\?\Volume{de550a14-34fe-4760-b0b4-48ea099c011f}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.48 GB) NTFS
\\?\Volume{d8abb2e5-27e4-413d-8e9d-4086422c194d}\ () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================