Podezření na nějaký nepořádek..

[Doomis]

Dobrý den, prosím o kontrolu a popřípadě pomoc. Před 14 dny se mi nainstalovala aktualizace win a od té doby mě NB zlobí. Občas nezapnu, je nutné použít bod obnovy. Celkově je hrozně zabržděný a internet sotva leze. NB využívám denně k práci.. Přiklídám log z FRST. (Také jsem zrovna dělal defragmentaci, tak nevím, jestli to nějak nebude s tím souviset). Díky moc.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2019
Ran by Dominik (01-08-2019 20:53:19)
Running from C:\Users\Dominik\Desktop
Windows 10 Home Version 1903 18362.175 (X64) (2019-06-21 05:47:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2436287953-487312208-2763931872-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2436287953-487312208-2763931872-503 - Limited - Disabled)
Dominik (S-1-5-21-2436287953-487312208-2763931872-1001 - Administrator - Enabled) => C:\Users\Dominik
Guest (S-1-5-21-2436287953-487312208-2763931872-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2436287953-487312208-2763931872-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (HKLM-x32\...\{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (HKLM-x32\...\{2720009D-9566-45A7-A370-0E6DAC313F3F}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (HKLM-x32\...\{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}) (Version: 15.4.5722.2 - Microsoft Corporation)
„Windows Live Messenger“ (HKLM-x32\...\{122800FE-3AAF-4974-9FBD-54B023FA756A}) (Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (HKLM-x32\...\{C877E454-FA36-409A-A00E-1240CEC61BBD}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 37.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 37.0.0.0 - NVIDIA Corporation) Hidden
AutoCAD 2015 – Čeština (Czech) (HKLM\...\{5783F2D7-E001-0000-0102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 – Čeština (Czech) (HKLM\...\{5783F2D7-E001-0405-2102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack – Čeština (Czech) (HKLM\...\{5783F2D7-E001-0405-1102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk AutoCAD 2015 – Čeština (Czech) (HKLM\...\AutoCAD 2015 – Čeština (Czech)) (Version: 20.0.51.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
AVG 2015 (HKLM\...\{CEEAE734-B717-41D1-BF50-378EC081C6B1}) (Version: 15.0.6140 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2015 (HKLM\...\{F29D4488-8073-4D0F-8C91-8E2C3BFDA94A}) (Version: 15.0.4447 - AVG Technologies CZ, s.r.o.) Hidden
Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1105.1601 - Micro-Star International Co., Ltd.)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Bloody6 (HKLM-x32\...\Bloody3) (Version: 16.06.0011 - Bloody)
Call of Duty(R) 2 (HKLM-x32\...\{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.3 - Activision)
Call of Duty(R) 2 Patch 1.3 (HKLM-x32\...\{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}) (Version: 1.3 - ) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
Cities Skylines Mass Transit (HKLM-x32\...\Cities Skylines Mass Transit_is1) (Version: - )
CodeMeter Runtime Kit v5.22a (HKLM\...\{40142BB9-CCB0-461E-95E6-CE04DE4A1385}) (Version: 5.22.1508.501 - WIBU-SYSTEMS AG)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden
ELAN Touchpad 15.13.5.2_X64_WHQL (HKLM\...\Elantech) (Version: 15.13.5.2 - ELAN Microelectronic Corp.)
General Runtime Files for Allplan 2016-0-4 (HKLM-x32\...\{EEB4B0A5-E468-3D72-FE16-C1C202B3E314}) (Version: 1.9.0.0 - Nemetschek Allplan Systems GmbH) Hidden
General Runtime Files for Allplan 2016-0-4 x64 (HKLM\...\{2159D6A2-CFFE-51F3-0017-A53F85A727E3}) (Version: 1.6.0.0 - Nemetschek Allplan Systems GmbH) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.0.2.143 - IObit)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LG AirDrive (HKLM-x32\...\{4C56B40D-5729-4951-AC26-41CFB8312A47}) (Version: 1.2.60128.11 - LG Electronics)
LG Bridge (HKLM-x32\...\LG Bridge) (Version: 1.2.8 - LG Electronics)
LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.0.4 - LG Electronics)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.11901.20120 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11901.20120 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{A047101C-A3AE-4FAD-802F-01C965079F66}) (Version: 11.1.3010.3 - Microsoft Corporation)
Microsoft ReportViewer 2010 SP1 Redistributable (KB2549864) (HKLM-x32\...\{1282C0BC-3B22-33D4-B72E-62922415DDCA}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 CSY (HKLM\...\{0A8A841B-29C4-4947-BF59-241216B4D904}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Monitor technologie Intel(R) Turbo Boost 2.5 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.5.1.0 - Intel)
MSI HOUSE (HKLM-x32\...\{DA5597C9-9216-44FF-9670-D1E48817B998}) (Version: 10.07.1601 - MSI)
MSI Software Install (HKLM-x32\...\{332EBFE0-C39E-42D1-99B5-ABBBECAD71B6}) (Version: 4.0.1105.1701 - Micro-Star International Co., Ltd.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 425.31 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20120 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20120 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11901.20120 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11901.20120 - Microsoft Corporation) Hidden
Opera Stable 32.0.1948.69 (HKLM-x32\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 - Opera Software)
Opera Stable 62.0.3331.72 (HKLM-x32\...\Opera 62.0.3331.72) (Version: 62.0.3331.72 - Opera Software)
Opera Stable 62.0.3331.99 (HKLM-x32\...\Opera 62.0.3331.99) (Version: 62.0.3331.99 - Opera Software)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 425.31 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 8.8.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.2.0 - pdfforge GmbH)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6602 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0180 - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.006 - MSI)
THX TruStudio Pro (HKLM-x32\...\{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}) (Version: 1.04.01 - Creative Technology Limited)
Transport Fever (HKLM-x32\...\1720767912_is1) (Version: 15313 - GOG.com)
Unity Web Player (HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
Verbatim Hard Drive Formatter 1.41 (HKLM-x32\...\Verbatim Hard Drive Formatter_is1) (Version: - Verbatim)
Verbatim Product Update 1.06 (HKLM-x32\...\Verbatim Product Update_is1) (Version: - Verbatim)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WD Backup (HKLM-x32\...\{46162462-824f-4ea9-a312-38841e3dab7d}) (Version: 1.6.6060.18987 - Western Digital Technologies, Inc.)
WD Backup (HKLM-x32\...\{9669966E-5595-4820-A879-DD48B3DF05BF}) (Version: 1.6.6060.18987 - Western Digital Technologies, Inc) Hidden
WD Drive Utilities (HKLM-x32\...\{06628A2D-167D-4F5E-8C98-60CFA0B161D1}) (Version: 1.4.0.92 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{7c73600b-2542-4641-a960-74bed274be03}) (Version: 1.4.0.92 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{A2D70EE4-2462-4F04-9955-5761E3F3F47A}) (Version: 1.4.0.92 - Western Digital Technologies, Inc.) Hidden
WD Security (HKLM-x32\...\{f1fc402c-35fd-40c0-97e4-5bee07891caf}) (Version: 1.4.0.92 - Western Digital Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (HKLM-x32\...\{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-i juhtelement kaugühendustele (HKLM-x32\...\{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11905.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2436287953-487312208-2763931872-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2436287953-487312208-2763931872-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2436287953-487312208-2763931872-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2436287953-487312208-2763931872-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\cs-CZ\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2016-03-01] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2016-03-01] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers1: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2012-05-15 19:39 - 2010-05-04 20:00 - 000237056 _____ () [File not signed] C:\windows\SYSTEM32\APOMgr64.DLL
2012-05-15 19:39 - 2010-09-01 18:53 - 000237568 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\CTLoadRs.dll
2012-05-15 19:39 - 2011-05-14 01:53 - 000167936 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\en-US\THXAudio.resources.dll
2012-05-15 19:39 - 2011-08-30 01:37 - 001517056 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
2012-05-15 19:39 - 2011-05-14 02:32 - 000197632 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXLgcy.dll
2012-05-15 19:39 - 2010-09-14 22:53 - 000025600 _____ (Creative Technology Ltd.) [File not signed] C:\windows\system32\THXCfg64.dll
2004-06-16 06:03 - 2004-06-16 06:03 - 000081920 _____ (InstallShield Software Corporation) [File not signed] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
2010-07-17 01:39 - 2010-07-17 01:39 - 000027136 _____ (MSI) [File not signed] C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationLibrary.dll
2010-07-17 01:39 - 2010-07-17 01:39 - 000012800 _____ (MSI) [File not signed] C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
2018-04-06 23:49 - 2018-04-06 23:49 - 000117248 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\Dominik\AppData\Local\Temp:ChCOn8cYR9rqpi0C5wKlhq0u [2280]
AlternateDataStreams: C:\Users\Dominik\AppData\Local\Temp:S5zubG10KsrZmGGOHBjuQ [2122]
AlternateDataStreams: C:\Users\Dominik\AppData\Local\TtizbERQfJ9:uKdiE6X4KKhTI5Nwuh4etF [2076]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2436287953-487312208-2763931872-1001\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\100sexlinks.com -> 100sexlinks.com

There are 4792 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Ulead Systems\MPEG;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dominik\Downloads\Inst\plocha.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Autodesk Sync"
HKLM\...\StartupApproved\Run: => "BLEServicesCtrl"
HKLM\...\StartupApproved\Run32: => "Super-Charger"
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "YouCam Mirage"
HKLM\...\StartupApproved\Run32: => "AdobeCEPServiceManager"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "WDAppManager"
HKLM\...\StartupApproved\Run32: => "WD Drive Unlocker"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\StartupApproved\Run: => "Bloody2"
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DDE75019-1572-4D9A-95EF-74F3B590F199}] => (Allow) C:\Program Files (x86)\Opera\60.0.3255.170\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{97BD9E2B-6BD8-46CE-86ED-213E88F3F05F}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{736AD109-ADF3-4944-B0D6-82E3DA3B3E4D}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8C6BB23D-B513-4A02-89CC-912F9F25781B}] => (Allow) LPort=50248
FirewallRules: [{EED5F80A-0466-40AD-A3F7-26E0D92429BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6DED506F-0759-40C4-8620-E57E8727C257}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{439E6B5D-8BCA-4DBF-BA4E-0B2C174010EE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{242CD693-8719-4509-AD76-1743818EFA01}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{FB0B45E5-705A-40D1-9EE8-9B25E5D89FCA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{9C9ED653-0E14-4484-917D-BAF580949369}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [UDP Query User{EA831E88-3044-4E1F-8388-3314FA38947E}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Block) C:\program files\sketchup\sketchup 2017\sketchup.exe (Trimble Navigation -> Trimble, Inc.) [File not signed]
FirewallRules: [TCP Query User{B259D4B7-1518-4870-AE2F-0204F7388C79}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Block) C:\program files\sketchup\sketchup 2017\sketchup.exe (Trimble Navigation -> Trimble, Inc.) [File not signed]
FirewallRules: [UDP Query User{B4E34FE0-59CC-4499-AB25-C67024CFF347}C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe] => (Block) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe (LG Electronics Inc. -> LG Electronics)
FirewallRules: [TCP Query User{5DCD44AF-0038-4FAE-B015-B6816489BD43}C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe] => (Block) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe (LG Electronics Inc. -> LG Electronics)
FirewallRules: [UDP Query User{B8198305-54D3-4305-9E31-0FD7CF811ACF}C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe] => (Allow) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe (LG Electronics Inc. -> LG Electronics)
FirewallRules: [TCP Query User{DBC92BAD-ED7F-4590-BC37-EEA0BAB13FB0}C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe] => (Allow) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe (LG Electronics Inc. -> LG Electronics)
FirewallRules: [{6CA226CE-B8A5-4930-A7FA-FDA7741C5C04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{67774E64-3AF3-4FDC-9513-65C0ED1AEAC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5353A8C4-281A-44AB-A846-5B7137F65EEB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{62CCA150-5FD7-4995-B594-9B797DB5D5EF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{EA1CC538-DC8F-4C80-8431-6EC0525D4683}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{9C25546A-8DF3-4F7A-9362-42B4AE0F29E1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [UDP Query User{28D86027-87A5-4616-B0DD-B7A72D79E62D}D:\games\cod2\cod2mp_s.exe] => (Block) D:\games\cod2\cod2mp_s.exe () [File not signed]
FirewallRules: [TCP Query User{640B88B2-1F8F-4966-B96A-9D9C62919865}D:\games\cod2\cod2mp_s.exe] => (Block) D:\games\cod2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{890736DF-69C5-485E-8E54-76205AE102BF}D:\games\cod2\cod2mp_s.exe] => (Allow) D:\games\cod2\cod2mp_s.exe () [File not signed]
FirewallRules: [TCP Query User{9E7A687C-B373-4BD9-B640-86FD79C0D062}D:\games\cod2\cod2mp_s.exe] => (Allow) D:\games\cod2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{6980BA99-BA4B-4682-A207-6CBFAEFCB28F}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{5B7678D1-C78C-472A-9D92-81C179D33A3D}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{DBEFDEE9-324F-4580-B4B4-D0A79F37CC61}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1FC6101C-4F40-4548-A222-99B42F174CDC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{751F813A-85C2-46A3-A7C9-ADC06B34CE9B}] => (Allow) LPort=1900
FirewallRules: [{D348B74E-75F3-46A9-A6D4-3F2B0301EE84}] => (Allow) LPort=2869
FirewallRules: [{8F230454-99E2-4280-A9D0-E1B987432ADE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BAC14934-5F55-4E5E-8878-7AB98FD137C9}] => (Allow) C:\Program Files\stahoac\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{32F710CB-4A8F-40F1-9627-E1303D0AF401}] => (Allow) C:\Program Files\stahoac\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{F928F6E8-9205-4B57-956E-835221795B03}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{257D6D4F-427B-40B3-B16A-A248A67B219B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2FFE6078-2A67-44CB-9C18-F6959BA9555C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F42F891B-CA49-4E85-91B9-85943B0571D9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ECFB4818-8E27-4DFC-9AEF-30F230E680C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7D87513C-2686-4BDA-8F86-446ABEAE13EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{38D60AFC-445A-4FF5-898B-70A0DE091BA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E3C9A8B3-250F-4EFE-A733-C514501C38EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FCB702DA-A15F-40E3-8F6D-B82E0AADDB04}] => (Allow) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe (Opera Software AS -> Opera Software)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Restore Points =========================

26-07-2019 16:42:09 Windows Update
31-07-2019 20:22:01 Windows Update

==================== Faulty Device Manager Devices =============

Name: Realtek PCIE CardReader
Description: Realtek PCIE CardReader
Class Guid: {4d36e970-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconduct Corp.
Service: RSPCIESTOR
Problem: : The software for this device has been blocked from starting because it is known to have problems with Windows. Contact the hardware vendor for a new driver. (Code 48)
Resolution: Download the latest drivers from the manufacturer, uninstall the current driver, and then install the latest drivers.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/01/2019 08:51:16 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14140,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/01/2019 08:41:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8488,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/01/2019 08:24:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7728,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/01/2019 08:16:37 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostw (928,G,0) Pokus o otevření souboru C:\Users\Dominik\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (08/01/2019 08:13:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12344,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/01/2019 08:12:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (928,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Dominik\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).

Error: (08/01/2019 08:12:09 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (928,R,98) WebCacheLocal: Pokus o otevření souboru C:\Users\Dominik\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (08/01/2019 08:11:59 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (928,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Dominik\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).


System errors:
=============
Error: (08/01/2019 08:25:33 PM) (Source: DCOM) (EventID: 10000) (User: Dominik-NB)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (08/01/2019 08:18:15 PM) (Source: DCOM) (EventID: 10000) (User: Dominik-NB)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (08/01/2019 08:11:25 PM) (Source: DCOM) (EventID: 10000) (User: Dominik-NB)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (08/01/2019 07:48:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Adaptér naslouchání Net.Msmq neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/01/2019 07:48:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Adaptér naslouchání Net.Msmq bylo dosaženo časového limitu (45000 ms).

Error: (08/01/2019 07:47:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PDF24 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/01/2019 07:47:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby PDF24 bylo dosaženo časového limitu (45000 ms).

Error: (08/01/2019 07:47:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Windows Defender:
===================================
Date: 2019-07-31 21:19:45.469
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {514A64AC-DC6D-4D10-AD34-38608082E90E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: Dominik-NB\Dominik

Date: 2019-07-31 14:40:50.860
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {2C580E69-35CC-4065-A9B5-E2BC2DE38FB8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-07-31 08:15:14.523
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {45FE5B51-2F32-418E-8185-003DA2A33253}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-07-14 20:38:39.659
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {74BE6861-0076-479C-87F2-FCE3404C7B71}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-07-04 18:45:14.013
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {33B373B9-5EDC-42DF-A52E-0D874EEFEBF1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-08-01 20:43:40.668
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o nahrání podezřelého souboru pro další analýzu.
Název souboru: C:\Users\Dominik\Downloads\d7695806-74fd-4172-ab6a-5669d84db55e.tmp
Sha256:
Aktuální verze bezpečnostních informací: AV: 1.299.1024.0, AS: 1.299.1024.0
Aktuální verze modulu: 1.1.16200.1
Kód chyby: 0x80508016

Date: 2019-08-01 20:03:09.637
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.299.1024.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16200.1
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-08-01 18:21:47.207
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x8007041d
Popis chyby: Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte zařízení.

Date: 2019-07-31 21:11:33.213
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

Date: 2019-07-31 13:47:44.165
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

==================== Memory info ===========================

BIOS: American Megatrends Inc. E16GAIMS.10F 12/18/2012
Motherboard: Micro-Star International Co., Ltd. MS-16GA
Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 49%
Total physical RAM: 8088.94 MB
Available physical RAM: 4086.18 MB
Total Virtual: 16280.94 MB
Available Virtual: 11564.91 MB

==================== Drives ================================

Drive c: (OS_Install) (Fixed) (Total:411.34 GB) (Free:116.44 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Funny) (Fixed) (Total:274.23 GB) (Free:195.89 GB) NTFS

\\?\Volume{d943d6dc-42f5-11e4-86c1-806e6f6e6963}\ (System) (Fixed) (Total:0.1 GB) (Free:0.02 GB) NTFS
\\?\Volume{d943d6db-42f5-11e4-86c1-806e6f6e6963}\ (BIOS_RVY) (Fixed) (Total:12.97 GB) (Free:0.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: E17C302C)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=27)
Partition 3: (Not Active) - (Size=411.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=274.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-07-2019
Ran by Dominik (administrator) on DOMINIK-NB (Micro-Star International Co., Ltd. GE60 0NC/GE60 0ND) (01-08-2019 20:45:51)
Running from C:\Users\Dominik\Desktop
Loaded Profiles: Dominik (Available Profiles: Dominik & DefaultAppPool)
Platform: Windows 10 Home Version 1903 18362.175 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19062.451.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(InstallShield Software Corporation) [File not signed] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Intel Corporation -> ) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dfrgui.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MpCmdRun.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(MSI) [File not signed] C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera_crashreporter.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3366624 2016-09-18] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [THXCfg64] => C:\windows\system32\THXCfg64.dll [25600 2010-09-14] (Creative Technology Ltd.) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1517056 2011-08-30] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [UpdReg] => C:\windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [File not signed]
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502288 2012-01-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc -> Autodesk, Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation) [File not signed]
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21384 2016-08-04] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1767816 2016-08-05] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1953688 2016-08-05] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [472200 2019-03-04] (Geek Software GmbH -> Geek Software GmbH)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [19168256 2016-06-22] () [File not signed]
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation) [File not signed]
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-10-19] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-10-19] (Electronic Arts -> On2.com)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00C781F3-0D33-421F-92BA-8B1F1B931479} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-17] (Adobe Inc. -> Adobe)
Task: {0267CA06-CDDD-47D0-874E-BE28DC5B9D9E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0A1DDC30-52A3-4038-A2D0-FAE5E58E115A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0B6C3EF3-B7C7-4EFD-B205-9F6F19A4119C} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0EE73C50-8561-4BAD-9C39-89336E52543E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {0EE9F0EE-53A6-4F92-A485-6166E35F8AE3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {14A8C3EB-57C9-4A5D-8DC6-4A1B37EAD034} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {14B287BA-F7B5-4D9B-B3F1-600C02DBDB7B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {15357CF9-8CFC-4A3F-9B92-7FDDA1FE4E62} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {1B32646E-279F-4631-8D85-CE757A916708} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1F110442-2C7C-44A8-BF69-D95368CEF86A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [154072 2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {2312D28B-BF70-4D8E-AF27-1937DF6AF89C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {237E5268-A490-435A-B330-D160DA565BF7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {28CECB5E-0C64-4AC8-9965-5D8C6C20DF94} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2C0C9390-64A1-4BA7-90DB-2694C94C0749} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2CADB54B-1A96-42D1-9CA4-A806D12D9762} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2EE1049F-50C4-4ED9-9A8B-978FB6A0997B} - System32\Tasks\ASC8_SkipUac_Dominik => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: {2F596955-B1F3-483E-B4B2-8AAEE829FF76} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27349088 2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {3086F18E-A7CA-4885-AE15-450F76D42160} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {325EA837-42D8-4FF5-AF0A-85B3A991BD72} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233224 2011-11-25] (Intel® Services Manager -> Intel Corporation)
Task: {35BE18EA-CC3B-4B3C-A505-5A7C12D60C85} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3D26CCF2-6526-4463-8404-479853F053DD} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {3D9F21A6-2960-4714-BA36-F318B45DFE11} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {3DF836C1-F34E-437A-BAC2-EA8C1D2B7F72} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {4480661A-0984-4DD9-BDBF-EF1F00604A1F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6450840 2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {48247B84-2E0F-4ACC-97DB-E12883FD8ADC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4880AA04-A3B6-40B1-B26A-57C7C7DC1F6A} - System32\Tasks\AutoUpdate Allplan 2016 => C:\Program Files\Allplan\Allplan 2016\prg\NemDownloadHandler.exe
Task: {48E25E5A-4291-4623-8BB6-AE75A1C6D41A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4963F518-E988-4B51-9910-86B1632C28CD} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4A20AE86-D837-4453-A1B9-720BB72B9968} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233224 2011-11-25] (Intel® Services Manager -> Intel Corporation)
Task: {4D0D68E7-3242-4D72-ADEA-8F329C45DD19} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {55C7D645-76AE-40A6-8771-74D8C9EB46A0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {56D42325-FDF1-41A7-93F9-DAF25C4A857C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {58C72D14-08FC-4B2D-9E4F-36260B3862F0} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5C69759D-D1D4-4BFB-B728-D2A4957C5377} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5D34A139-EF13-4417-A5BA-F131E801ED2E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5EA7F5BD-E35B-4D7C-BF08-57EAA84B4A30} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5F89D71E-8AF1-462A-8F0D-1885413D1365} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {61C133AA-5A0E-4CFA-9B9B-CE1DF240D2D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {63CC45C2-3D37-4A91-A45C-FA54BD75A27F} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {6C3DCA69-6D5A-47D4-8061-38FBC566DD2E} - System32\Tasks\{50D27824-46E0-4D8A-942E-AE24EC49B524} => C:\WINDOWS\system32\pcalua.exe -a "D:\Games\GTA SA\GTA San Andreas\gta_sa.exe" -d "D:\Games\GTA SA\GTA San Andreas"
Task: {6C4D66FF-E13F-4147-ABED-FD79EEFD9E6F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6450840 2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6EFD9847-0EE3-4186-AF2A-BD63C4073007} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-14] (Adobe Inc. -> Adobe)
Task: {715A7A29-73E5-420E-B084-DDDFD8C0C507} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {74C2F845-EFB7-46EE-B7CB-81783115AAD8} - System32\Tasks\AutoKMSDaily => C:\windows\AutoKMS.exe
Task: {85083E6D-69E6-45A9-9E6B-E471BE36FA9C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {89E84774-2F58-4329-ADF9-445279BF7270} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-17] (Adobe Inc. -> Adobe)
Task: {91590E8D-27B6-4634-8F94-E32B67A002EB} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {92F3726E-6410-4200-9D0C-D13E0F19FF03} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9335FA0B-8F61-4168-825E-C5E8D400D957} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [4565792 2016-08-12] (IObit Information Technology -> IObit)
Task: {994BF456-7F98-47AE-ACB0-F86788CC0ABC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A4E2A839-79D1-42A4-8047-FC8A223BBCD0} - System32\Tasks\{AE4249E7-C0DB-4271-A323-4F8F13C70DE4} => C:\WINDOWS\system32\pcalua.exe -a "D:\Games\Red Orchestra 2\Binaries\Win32\ROGame.exe" -d "D:\Games\Red Orchestra 2"
Task: {A62CB945-2676-4EA4-8A7D-7E24377F5BC6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27349088 2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A65A8840-2D22-4786-ADF3-6F10F9FF0376} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {ABA4AEB9-AF93-4DCB-89D4-7D7A1FFBB1B7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2206784 2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD737C5D-9ACB-4E2F-9195-EAC1883493BD} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {ADBBBE34-143E-45AB-A743-DE32E74BB835} - System32\Tasks\Opera scheduled Autoupdate 1411450744 => C:\Program Files (x86)\Opera\launcher.exe [1348120 2019-07-24] (Opera Software AS -> Opera Software)
Task: {AE79537C-8C2A-4213-BD49-270D8670B9C2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {B141D3B9-6898-446D-8EEE-12904D6E9588} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B2E17278-A4AB-466C-A7EB-66C2B0484A84} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B320EFB9-809A-4311-892D-6F39AC762A46} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BBA450A6-50C2-4737-A361-6E76E4D0AAFC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [154072 2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {BDBADF31-76C0-46A6-A23E-91709768E8A5} - System32\Tasks\{3EE28D53-8260-4C57-87D5-E3FA05CE1988} => c:\program files (x86)\opera\launcher.exe [1348120 2019-07-24] (Opera Software AS -> Opera Software)
Task: {C33059F2-CE69-4AE8-917A-DE79BBC83CE9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {C3F80701-8F76-49F1-AB67-6E197664D412} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {C43D515E-3D00-47ED-80D2-1D2652131B4D} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {C45CB288-DF11-470C-A5F2-0A19023490B1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C5C3B136-0723-47C6-92BB-99122D876A75} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {C7D2C127-D5E1-49FF-931B-60A4DA9FBF20} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {C9012F8D-D37D-4867-87D7-D1BD21C18B2F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CB5BED74-3AE8-47A4-AA98-AD5C3DA46C68} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CC09B524-0DD7-402A-8F8F-E91F310CF4FB} - System32\Tasks\{8A4955E7-A4C3-4671-ADC7-4E2DA5180FE2} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\Antivirus\uninstallDriver.exe" -d "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\Antivirus"
Task: {D2160383-350F-4D7D-B90C-6AF87728AE70} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2206784 2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {D31EC212-0893-492F-A235-683C6B64C501} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DD01B4F7-BDFC-481A-AD2C-7A1AFB6A0852} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DD928CF8-75C3-43B4-9A5D-712E6CC721FC} - System32\Tasks\AdobeAAMUpdater-1.0-Dominik-NB-Dominik => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E0BE0CF0-0FBD-4982-9391-8C8971597303} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {E1786C6A-7EAB-493D-B61B-689B2F70B901} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
Task: {E2243E5A-F5DA-4A6B-85FF-C805FD9DE076} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {E24AF893-E072-4453-958D-EB68B60E2640} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E2D1E411-05C3-450F-8D33-CFAF4DB7B7E6} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {E3471997-B493-4367-8F39-DACC1BFC043F} - System32\Tasks\Driver Booster SkipUAC (Dominik) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {E356E306-12D1-4AE9-9069-51C1389138FD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3788144 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EBFC00BA-DAE5-4CA8-B436-72FE6A03AA5F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EEFED79D-E93A-4A59-9A8A-3EB5AF9661E9} - System32\Tasks\{9F0E94F8-19EE-40F7-BF7F-D2B77815CB33} => C:\WINDOWS\system32\pcalua.exe -a "D:\Games\Mafia 1\Game.exe" -d "D:\Games\Mafia 1"
Task: {F8A44957-71FB-4012-89D1-079A83116B81} - System32\Tasks\Uninstaller_SkipUac_Dominik => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [4565792 2016-08-12] (IObit Information Technology -> IObit)
Task: {F943EE54-3825-4DAA-A746-5DB7F1F3612E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\windows\AutoKMS.exe
Task: C:\WINDOWS\Tasks\AutoKMSDaily.job => C:\windows\AutoKMS.exe
Task: C:\WINDOWS\Tasks\AutoUpdate Allplan 2016.job => C:\Program Files\Allplan\Allplan 2016\prg\NemDownloadHandler.exeK/f C:\Doom\Škola\Vysoka\Ingeneer\3 semestr\Allplan\Std\AllplanUpdate.inf
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3a69e1ef-6628-4bef-909a-08185efa1f92}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.facebook.com/
SearchScopes: HKLM -> DefaultScope {D55F87B8-82EE-47B2-A09F-A3B7B31194B5} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {D55F87B8-82EE-47B2-A09F-A3B7B31194B5} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {D55F87B8-82EE-47B2-A09F-A3B7B31194B5} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {D55F87B8-82EE-47B2-A09F-A3B7B31194B5} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-2436287953-487312208-2763931872-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={60BEEEA4-E5C2-4EC3-A6A1-886402A8145B}&mid=a2619d47c3cd47cdb0395dc0e3e09b36-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-03-18 23:18:44&v=4.1.6.294&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2436287953-487312208-2763931872-1001 -> {A43E8672-A118-47A8-A9FD-1DD94417CA51} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M ... -SearchBox
SearchScopes: HKU\S-1-5-21-2436287953-487312208-2763931872-1001 -> {D55F87B8-82EE-47B2-A09F-A3B7B31194B5} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit Information Technology -> IObit)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-14] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-2436287953-487312208-2763931872-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dominik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS -> Unity Technologies ApS)

Opera:
=======
OPR StartupUrls: "hxxp://www.centrum.cz/"

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk, Inc -> Autodesk Inc.)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11466776 2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144096 2016-09-18] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2429544 2011-12-07] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-03-15] (Intel Corporation -> )
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation -> Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit Information Technology -> IObit)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [12800 2010-07-17] (MSI) [File not signed]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [138768 2012-01-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [472200 2019-03-04] (Geek Software GmbH -> Geek Software GmbH)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2017-11-23] (Even Balance, Inc. -> )
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [315768 2016-08-05] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [195584 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\WINDOWS\system32\DRIVERS\amppal.sys [195584 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 bdfsfltr; C:\windows\system32\Drivers\bdfsfltr.sys [431176 2011-03-24] (BitDefender SRL -> BitDefender)
S3 clwvd; C:\WINDOWS\system32\DRIVERS\clwvd.sys [31216 2011-10-13] (CyberLink -> CyberLink Corporation)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31832 2016-09-18] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 GRemoteBus; C:\WINDOWS\System32\DRIVERS\GRemoteBus64.sys [27336 2009-08-05] (GBM Software -> GBM Software)
S3 GRemoteJoy; C:\WINDOWS\System32\DRIVERS\GRemoteJoy64.sys [46792 2009-08-05] (GBM Software -> GBM Software)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-04-23] (Martin Malik - REALiX -> REALiX(tm))
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2019-03-19] (Microsoft Windows -> Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (Micro-Star Int'l Co. Ltd. -> MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_b5e3213e640f6936\nvlddmkm.sys [20747736 2019-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
R0 nvpciflt; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_b5e3213e640f6936\nvpciflt.sys [57216 2019-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-06-13] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [711968 2019-06-04] (Realtek Semiconductor Corp. -> Realtek )
S3 vjoy; C:\WINDOWS\System32\DRIVERS\vjoy.sys [44656 2014-09-15] (Shaul Eizikovich -> Shaul Eizikovich)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-07-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344288 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-01 20:45 - 2019-08-01 20:48 - 000043705 _____ C:\Users\Dominik\Desktop\FRST.txt
2019-08-01 20:45 - 2019-08-01 20:45 - 000000000 ____D C:\FRST
2019-08-01 20:43 - 2019-08-01 20:43 - 002096128 _____ (Farbar) C:\Users\Dominik\Desktop\FRST64.exe
2019-08-01 19:47 - 2019-08-01 19:47 - 000212992 _____ C:\WINDOWS\system32\ClickToRun_Pipeline16
2019-07-31 21:47 - 2019-07-31 21:47 - 325665017 _____ C:\Users\Dominik\Downloads\soustredko.mp4
2019-07-31 13:58 - 2019-07-31 13:58 - 000003960 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1411450744
2019-07-31 13:58 - 2019-07-31 13:58 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-07-31 11:18 - 2019-07-31 11:18 - 000000080 ___SH C:\bootTel.dat
2019-07-31 08:56 - 2019-07-31 08:56 - 000000000 ____D C:\Program Files (x86)\Photoshop 2
2019-07-30 23:24 - 2019-07-30 23:24 - 000000000 ____D C:\ProgramData\GridinSoft
2019-07-23 20:27 - 2019-07-23 20:27 - 000000198 ____H C:\Users\Dominik\Downloads\REZ-AA´.dwl2
2019-07-23 20:27 - 2019-07-23 20:27 - 000000047 ____H C:\Users\Dominik\Downloads\REZ-AA´.dwl
2019-07-20 12:34 - 2019-07-20 12:34 - 000000198 ____H C:\Users\Dominik\Downloads\1NP.dwl2
2019-07-20 12:34 - 2019-07-20 12:34 - 000000047 ____H C:\Users\Dominik\Downloads\1NP.dwl
2019-07-14 19:07 - 2019-07-14 19:07 - 000000000 ___HD C:\$SysReset
2019-07-03 22:39 - 2019-04-10 16:54 - 001006800 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-07-03 22:39 - 2019-04-10 16:54 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-07-03 22:39 - 2019-04-10 16:54 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-07-03 22:39 - 2019-04-10 16:54 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-07-03 22:39 - 2019-04-09 13:43 - 000651576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-07-03 22:39 - 2019-04-09 13:43 - 000124784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-07-03 22:39 - 2019-04-09 13:43 - 000082984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-07-03 22:36 - 2019-04-10 16:54 - 001006800 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-07-03 22:36 - 2019-04-10 16:54 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-07-03 22:36 - 2019-04-10 16:54 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-07-03 22:36 - 2019-04-10 16:54 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-07-03 22:36 - 2019-04-10 16:53 - 000552328 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-07-03 22:36 - 2019-04-10 16:53 - 000457096 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 040421064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 035268296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 005276064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 004625552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 002033112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 001734288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6442531.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 001536144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 001467864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6442531.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 001465432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 001130584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 000668664 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 000631896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 000534936 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 000522144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-07-03 22:36 - 2019-04-10 13:52 - 010320528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-07-03 22:36 - 2019-04-10 13:52 - 008785944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-07-03 22:36 - 2019-04-10 13:52 - 001169120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-07-03 22:36 - 2019-04-10 13:52 - 000915088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-07-03 22:36 - 2019-04-10 13:51 - 020107920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-07-03 22:36 - 2019-04-10 13:51 - 017432992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-07-03 22:36 - 2019-04-10 13:51 - 005045704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-07-03 22:36 - 2019-04-10 13:51 - 004304672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-07-03 22:36 - 2019-04-10 13:51 - 001462024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2019-07-03 22:36 - 2019-04-10 13:51 - 001145536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2019-07-03 22:36 - 2019-04-10 13:51 - 000794440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-07-03 22:36 - 2019-04-10 13:51 - 000638176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-07-03 22:36 - 2019-04-09 15:40 - 000066792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2019-07-03 22:36 - 2019-04-09 15:40 - 000049910 _____ C:\WINDOWS\system32\nvinfo.pb
2019-07-03 21:55 - 2019-07-03 21:55 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-03 21:55 - 2019-07-03 21:55 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-03 21:55 - 2019-07-03 21:55 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-03 21:55 - 2019-07-03 21:55 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-03 21:55 - 2019-07-03 21:55 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-03 21:55 - 2019-07-03 21:55 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-03 21:55 - 2019-07-03 21:55 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-03 21:55 - 2019-07-03 21:55 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-03 21:55 - 2019-06-18 10:59 - 002785776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2019-07-03 21:54 - 2019-07-03 21:54 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-03 21:54 - 2019-07-03 21:54 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-03 21:54 - 2019-04-17 09:42 - 000069840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2019-07-03 21:54 - 2019-04-17 06:44 - 000075600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\SETFE0C.tmp

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-01 20:43 - 2019-06-20 21:26 - 000000000 ____D C:\Users\DefaultAppPool
2019-08-01 20:43 - 2019-03-19 13:58 - 000000000 ____D C:\Program Files\Windows Portable Devices
2019-08-01 20:43 - 2019-03-19 13:58 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-08-01 20:43 - 2019-03-19 13:58 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2019-08-01 20:43 - 2019-03-19 13:58 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2019-08-01 20:43 - 2019-03-19 13:58 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2019-08-01 20:43 - 2019-03-19 13:55 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\dsc
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\TextInput
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Keywords
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\downlevel
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\DDFs
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\L2Schemas
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-01 20:42 - 2019-06-21 07:46 - 000004204 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E0808202-FEF3-4355-A9C6-430E8A2F7F74}
2019-08-01 20:42 - 2019-03-19 13:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-08-01 20:42 - 2019-03-19 13:56 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2019-08-01 20:42 - 2019-03-19 13:55 - 000000000 ____D C:\WINDOWS\system32\cs
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\setup
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Com
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\IME
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\System
2019-08-01 20:42 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing
2019-08-01 20:36 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Containers
2019-08-01 20:36 - 2015-07-06 20:19 - 000000000 ____D C:\ProgramData\Autodesk
2019-08-01 20:36 - 2014-09-23 08:13 - 000000000 ____D C:\Users\Dominik\AppData\Roaming\ProductData
2019-08-01 20:36 - 2012-05-15 19:40 - 000000000 ___HD C:\SuperChargerProfile
2019-08-01 20:33 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-01 20:30 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2019-08-01 20:23 - 2016-02-15 18:48 - 000000132 _____ C:\Users\Dominik\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2019-08-01 20:14 - 2019-07-01 17:16 - 000000000 ____D C:\Users\Dominik\Documents\Assassin's Creed Unity
2019-08-01 20:11 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-01 20:07 - 2017-11-22 21:12 - 000000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2019-08-01 20:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\registration
2019-08-01 20:03 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-08-01 19:59 - 2014-09-23 07:39 - 000000000 ____D C:\Program Files (x86)\Opera
2019-08-01 19:58 - 2016-10-04 04:16 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-01 19:57 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-01 19:50 - 2014-09-24 15:13 - 000000000 __SHD C:\Users\Dominik\IntelGraphicsProfiles
2019-08-01 19:48 - 2019-06-20 21:26 - 000000000 ____D C:\Users\Dominik
2019-08-01 19:46 - 2019-06-21 07:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-01 19:46 - 2019-06-21 07:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-31 23:30 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-31 13:13 - 2019-06-25 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2019-07-31 13:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ServiceState
2019-07-31 13:12 - 2009-07-14 05:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-07-31 13:11 - 2017-04-04 20:08 - 000000000 ____D C:\ProgramData\InstallShield
2019-07-31 13:11 - 2016-10-05 19:15 - 000000000 ____D C:\Users\Dominik\AppData\Roaming\IObit
2019-07-31 13:11 - 2015-07-07 10:00 - 000000000 ____D C:\ProgramData\FLEXnet
2019-07-31 13:11 - 2015-02-18 15:13 - 000000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2019-07-31 13:11 - 2015-02-18 15:13 - 000000000 ____D C:\ProgramData\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA}
2019-07-31 13:11 - 2014-09-23 08:12 - 000000000 ____D C:\Users\Dominik\AppData\LocalLow\IObit
2019-07-31 13:11 - 2014-09-23 08:12 - 000000000 ____D C:\ProgramData\ProductData
2019-07-31 13:10 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-07-31 13:10 - 2017-08-14 08:22 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-07-31 12:51 - 2015-11-11 21:56 - 000000000 ____D C:\Users\Dominik\AppData\Roaming\Adobe
2019-07-31 12:51 - 2015-11-10 22:57 - 000000000 ____D C:\Program Files\Microsoft Office
2019-07-31 12:48 - 2019-06-25 21:30 - 000000000 ____D C:\Program Files\Adobe
2019-07-31 12:48 - 2014-11-11 17:50 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-07-31 12:30 - 2019-01-27 02:24 - 000000000 ___HD C:\Users\Dominik\AppData\Local\TtizbERQfJ9
2019-07-31 12:26 - 2019-06-21 07:46 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-07-31 12:26 - 2019-06-21 07:40 - 001920526 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-31 12:26 - 2019-03-19 13:55 - 000783062 _____ C:\WINDOWS\system32\perfh005.dat
2019-07-31 12:26 - 2019-03-19 13:55 - 000172644 _____ C:\WINDOWS\system32\perfc005.dat
2019-07-31 00:08 - 2016-02-09 19:35 - 000000000 ____D C:\Users\Dominik\AppData\Local\CrashDumps
2019-07-26 13:42 - 2018-02-19 18:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-07-23 21:05 - 2017-12-20 00:56 - 000000000 ____D C:\Users\Dominik\AppData\Local\Packages
2019-07-17 20:08 - 2016-10-05 19:15 - 000000000 ____D C:\ProgramData\IObit
2019-07-17 19:54 - 2014-09-23 20:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-17 19:50 - 2014-09-23 20:53 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-17 19:35 - 2019-06-21 07:46 - 000004612 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-07-17 19:35 - 2019-06-13 18:12 - 004863032 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2019-07-17 19:35 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-07-17 19:35 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-07-14 20:29 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-07-14 20:21 - 2017-04-29 10:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-07-14 20:02 - 2019-06-21 07:46 - 000004648 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-14 20:02 - 2019-06-21 07:46 - 000004470 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-07-10 07:39 - 2010-11-21 05:27 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-07-08 16:40 - 2014-09-24 08:29 - 000000000 ____D C:\Users\Dominik\AppData\Local\NVIDIA
2019-07-05 21:04 - 2017-04-22 11:31 - 000000002 _____ C:\WINDOWS\SysWOW64\ReScanSoft.dat
2019-07-05 14:55 - 2019-06-21 08:15 - 000000000 ____D C:\Windows.old
2019-07-03 22:39 - 2017-04-29 10:20 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-07-03 22:39 - 2017-04-29 10:19 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-07-03 21:56 - 2014-09-24 08:29 - 000000000 ____D C:\Users\Dominik\AppData\Local\NVIDIA Corporation
2019-07-03 11:04 - 2019-06-19 20:39 - 000000000 ___DC C:\WINDOWS\Panther
2019-07-03 09:19 - 2015-05-13 23:38 - 000000000 ____D C:\Users\Dominik\Downloads\Inst

==================== Files in the root of some directories ================

2015-06-01 19:39 - 2015-10-06 21:30 - 000000132 _____ () C:\Users\Dominik\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2015-12-14 00:18 - 2019-05-19 13:14 - 000000132 _____ () C:\Users\Dominik\AppData\Roaming\Adobe Formát GIF CS6 – předvolby
2015-06-01 19:36 - 2015-10-06 21:18 - 000000132 _____ () C:\Users\Dominik\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2016-02-15 18:48 - 2019-08-01 20:23 - 000000132 _____ () C:\Users\Dominik\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2016-10-02 21:05 - 2016-10-02 21:05 - 000099384 _____ () C:\Users\Dominik\AppData\Roaming\inst.exe
2018-01-13 16:25 - 2002-08-29 19:33 - 000319488 _____ () C:\Users\Dominik\AppData\Roaming\MafiaSetup.exe
2016-10-02 21:05 - 2016-10-02 21:05 - 000007859 _____ () C:\Users\Dominik\AppData\Roaming\pcouffin.cat
2016-10-02 21:05 - 2016-10-02 21:05 - 000001167 _____ () C:\Users\Dominik\AppData\Roaming\pcouffin.inf
2016-10-02 21:05 - 2016-10-02 21:05 - 000000055 _____ () C:\Users\Dominik\AppData\Roaming\pcouffin.log
2016-10-02 21:05 - 2016-10-02 21:05 - 000082816 _____ (VSO Software) C:\Users\Dominik\AppData\Roaming\pcouffin.sys
2016-07-19 19:57 - 2016-07-19 19:57 - 000001480 _____ () C:\Users\Dominik\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2014-11-05 17:05 - 2014-11-05 17:05 - 000005177 _____ () C:\Users\Dominik\AppData\Local\recently-used.xbel

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[Doomis]

edit: ty jo, advanced v NB nemam uz tak 5 let

projeto:

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-07-22.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-01-2019
# Duration: 00:00:05
# OS: Windows 10 Home
# Cleaned: 30
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare V8
Deleted C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted C:\Users\Dominik\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\Dominik\AppData\LocalLow\IObit\Advanced SystemCare V7
Deleted C:\Users\Dominik\AppData\LocalLow\IObit\Advanced SystemCare V8
Deleted C:\Users\Dominik\AppData\Roaming\IOBIT\Driver Booster
Deleted C:\Users\Dominik\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

Deleted C:\Windows\System32\REGISTRYDEFRAGBOOTTIME.EXE

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\AppDataLow\Software\adawarebp
Deleted HKCU\Software\Conduit
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Deleted HKCU\Software\Softonic
Deleted HKCU\Software\Video Player
Deleted HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\Software\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Deleted HKLM\Software\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Deleted HKLM\Software\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Deleted HKLM\Software\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted HKLM\Software\Wow6432Node\AVG Tuneup
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\avgsh

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3979 octets] - [01/08/2019 23:50:54]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Rudy]

IOBit má nekvalitní odinstalátor, známá věc. Takže vám po něm něco zbylo. Dejte nové logy FRST+Addition.

[Doomis]

Děkuji:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2019
Ran by Dominik (02-08-2019 18:31:02)
Running from C:\Users\Dominik\Desktop
Windows 10 Home Version 1903 18362.175 (X64) (2019-06-21 05:47:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2436287953-487312208-2763931872-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2436287953-487312208-2763931872-503 - Limited - Disabled)
Dominik (S-1-5-21-2436287953-487312208-2763931872-1001 - Administrator - Enabled) => C:\Users\Dominik
Guest (S-1-5-21-2436287953-487312208-2763931872-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2436287953-487312208-2763931872-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (HKLM-x32\...\{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (HKLM-x32\...\{2720009D-9566-45A7-A370-0E6DAC313F3F}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (HKLM-x32\...\{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}) (Version: 15.4.5722.2 - Microsoft Corporation)
„Windows Live Messenger“ (HKLM-x32\...\{122800FE-3AAF-4974-9FBD-54B023FA756A}) (Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (HKLM-x32\...\{C877E454-FA36-409A-A00E-1240CEC61BBD}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 37.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 37.0.0.0 - NVIDIA Corporation) Hidden
AutoCAD 2015 – Čeština (Czech) (HKLM\...\{5783F2D7-E001-0000-0102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 – Čeština (Czech) (HKLM\...\{5783F2D7-E001-0405-2102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack – Čeština (Czech) (HKLM\...\{5783F2D7-E001-0405-1102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk AutoCAD 2015 – Čeština (Czech) (HKLM\...\AutoCAD 2015 – Čeština (Czech)) (Version: 20.0.51.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
AVG 2015 (HKLM\...\{CEEAE734-B717-41D1-BF50-378EC081C6B1}) (Version: 15.0.6140 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2015 (HKLM\...\{F29D4488-8073-4D0F-8C91-8E2C3BFDA94A}) (Version: 15.0.4447 - AVG Technologies CZ, s.r.o.) Hidden
Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1105.1601 - Micro-Star International Co., Ltd.)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Bloody6 (HKLM-x32\...\Bloody3) (Version: 16.06.0011 - Bloody)
Call of Duty(R) 2 (HKLM-x32\...\{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.3 - Activision)
Call of Duty(R) 2 Patch 1.3 (HKLM-x32\...\{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}) (Version: 1.3 - ) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
Cities Skylines Mass Transit (HKLM-x32\...\Cities Skylines Mass Transit_is1) (Version: - )
CodeMeter Runtime Kit v5.22a (HKLM\...\{40142BB9-CCB0-461E-95E6-CE04DE4A1385}) (Version: 5.22.1508.501 - WIBU-SYSTEMS AG)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden
ELAN Touchpad 15.13.5.2_X64_WHQL (HKLM\...\Elantech) (Version: 15.13.5.2 - ELAN Microelectronic Corp.)
General Runtime Files for Allplan 2016-0-4 (HKLM-x32\...\{EEB4B0A5-E468-3D72-FE16-C1C202B3E314}) (Version: 1.9.0.0 - Nemetschek Allplan Systems GmbH) Hidden
General Runtime Files for Allplan 2016-0-4 x64 (HKLM\...\{2159D6A2-CFFE-51F3-0017-A53F85A727E3}) (Version: 1.6.0.0 - Nemetschek Allplan Systems GmbH) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.0.2.143 - IObit)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LG AirDrive (HKLM-x32\...\{4C56B40D-5729-4951-AC26-41CFB8312A47}) (Version: 1.2.60128.11 - LG Electronics)
LG Bridge (HKLM-x32\...\LG Bridge) (Version: 1.2.8 - LG Electronics)
LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.0.4 - LG Electronics)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.11901.20120 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11901.20120 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{A047101C-A3AE-4FAD-802F-01C965079F66}) (Version: 11.1.3010.3 - Microsoft Corporation)
Microsoft ReportViewer 2010 SP1 Redistributable (KB2549864) (HKLM-x32\...\{1282C0BC-3B22-33D4-B72E-62922415DDCA}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 CSY (HKLM\...\{0A8A841B-29C4-4947-BF59-241216B4D904}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Monitor technologie Intel(R) Turbo Boost 2.5 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.5.1.0 - Intel)
MSI HOUSE (HKLM-x32\...\{DA5597C9-9216-44FF-9670-D1E48817B998}) (Version: 10.07.1601 - MSI)
MSI Software Install (HKLM-x32\...\{332EBFE0-C39E-42D1-99B5-ABBBECAD71B6}) (Version: 4.0.1105.1701 - Micro-Star International Co., Ltd.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 425.31 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20120 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20120 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11901.20120 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11901.20120 - Microsoft Corporation) Hidden
Opera Stable 32.0.1948.69 (HKLM-x32\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 - Opera Software)
Opera Stable 62.0.3331.72 (HKLM-x32\...\Opera 62.0.3331.72) (Version: 62.0.3331.72 - Opera Software)
Opera Stable 62.0.3331.99 (HKLM-x32\...\Opera 62.0.3331.99) (Version: 62.0.3331.99 - Opera Software)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 425.31 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 8.8.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.2.0 - pdfforge GmbH)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6602 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0180 - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.006 - MSI)
THX TruStudio Pro (HKLM-x32\...\{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}) (Version: 1.04.01 - Creative Technology Limited)
Transport Fever (HKLM-x32\...\1720767912_is1) (Version: 15313 - GOG.com)
Unity Web Player (HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
Verbatim Hard Drive Formatter 1.41 (HKLM-x32\...\Verbatim Hard Drive Formatter_is1) (Version: - Verbatim)
Verbatim Product Update 1.06 (HKLM-x32\...\Verbatim Product Update_is1) (Version: - Verbatim)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WD Backup (HKLM-x32\...\{46162462-824f-4ea9-a312-38841e3dab7d}) (Version: 1.6.6060.18987 - Western Digital Technologies, Inc.)
WD Backup (HKLM-x32\...\{9669966E-5595-4820-A879-DD48B3DF05BF}) (Version: 1.6.6060.18987 - Western Digital Technologies, Inc) Hidden
WD Drive Utilities (HKLM-x32\...\{06628A2D-167D-4F5E-8C98-60CFA0B161D1}) (Version: 1.4.0.92 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{7c73600b-2542-4641-a960-74bed274be03}) (Version: 1.4.0.92 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{A2D70EE4-2462-4F04-9955-5761E3F3F47A}) (Version: 1.4.0.92 - Western Digital Technologies, Inc.) Hidden
WD Security (HKLM-x32\...\{f1fc402c-35fd-40c0-97e4-5bee07891caf}) (Version: 1.4.0.92 - Western Digital Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (HKLM-x32\...\{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-i juhtelement kaugühendustele (HKLM-x32\...\{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11905.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2436287953-487312208-2763931872-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2436287953-487312208-2763931872-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2436287953-487312208-2763931872-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2436287953-487312208-2763931872-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\cs-CZ\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2016-03-01] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2016-03-01] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2016-05-23] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2012-05-15 19:39 - 2010-05-04 20:00 - 000237056 _____ () [File not signed] C:\windows\SYSTEM32\APOMgr64.DLL
2012-05-15 19:39 - 2010-09-01 18:53 - 000237568 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\CTLoadRs.dll
2012-05-15 19:39 - 2011-05-14 01:53 - 000167936 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\en-US\THXAudio.resources.dll
2012-05-15 19:39 - 2011-08-30 01:37 - 001517056 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
2012-05-15 19:39 - 2011-05-14 02:32 - 000197632 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXLgcy.dll
2012-05-15 19:39 - 2010-09-14 22:53 - 000025600 _____ (Creative Technology Ltd.) [File not signed] C:\windows\system32\THXCfg64.dll
2004-06-16 06:03 - 2004-06-16 06:03 - 000081920 _____ (InstallShield Software Corporation) [File not signed] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
2010-07-17 01:39 - 2010-07-17 01:39 - 000027136 _____ (MSI) [File not signed] C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationLibrary.dll
2010-07-17 01:39 - 2010-07-17 01:39 - 000012800 _____ (MSI) [File not signed] C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
2018-04-06 23:49 - 2018-04-06 23:49 - 000117248 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\Dominik\AppData\Local\Temp:ChCOn8cYR9rqpi0C5wKlhq0u [2280]
AlternateDataStreams: C:\Users\Dominik\AppData\Local\Temp:S5zubG10KsrZmGGOHBjuQ [2122]
AlternateDataStreams: C:\Users\Dominik\AppData\Local\TtizbERQfJ9:uKdiE6X4KKhTI5Nwuh4etF [2076]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2436287953-487312208-2763931872-1001\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\100sexlinks.com -> 100sexlinks.com

There are 4792 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Ulead Systems\MPEG;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dominik\Downloads\Inst\plocha.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Autodesk Sync"
HKLM\...\StartupApproved\Run: => "BLEServicesCtrl"
HKLM\...\StartupApproved\Run32: => "Super-Charger"
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "YouCam Mirage"
HKLM\...\StartupApproved\Run32: => "AdobeCEPServiceManager"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "WDAppManager"
HKLM\...\StartupApproved\Run32: => "WD Drive Unlocker"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\StartupApproved\Run: => "Bloody2"
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DDE75019-1572-4D9A-95EF-74F3B590F199}] => (Allow) C:\Program Files (x86)\Opera\60.0.3255.170\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{97BD9E2B-6BD8-46CE-86ED-213E88F3F05F}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{736AD109-ADF3-4944-B0D6-82E3DA3B3E4D}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8C6BB23D-B513-4A02-89CC-912F9F25781B}] => (Allow) LPort=50248
FirewallRules: [{EED5F80A-0466-40AD-A3F7-26E0D92429BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6DED506F-0759-40C4-8620-E57E8727C257}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{439E6B5D-8BCA-4DBF-BA4E-0B2C174010EE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{242CD693-8719-4509-AD76-1743818EFA01}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{FB0B45E5-705A-40D1-9EE8-9B25E5D89FCA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{9C9ED653-0E14-4484-917D-BAF580949369}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [UDP Query User{EA831E88-3044-4E1F-8388-3314FA38947E}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Block) C:\program files\sketchup\sketchup 2017\sketchup.exe (Trimble Navigation -> Trimble, Inc.) [File not signed]
FirewallRules: [TCP Query User{B259D4B7-1518-4870-AE2F-0204F7388C79}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Block) C:\program files\sketchup\sketchup 2017\sketchup.exe (Trimble Navigation -> Trimble, Inc.) [File not signed]
FirewallRules: [UDP Query User{B4E34FE0-59CC-4499-AB25-C67024CFF347}C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe] => (Block) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe (LG Electronics Inc. -> LG Electronics)
FirewallRules: [TCP Query User{5DCD44AF-0038-4FAE-B015-B6816489BD43}C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe] => (Block) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe (LG Electronics Inc. -> LG Electronics)
FirewallRules: [UDP Query User{B8198305-54D3-4305-9E31-0FD7CF811ACF}C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe] => (Allow) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe (LG Electronics Inc. -> LG Electronics)
FirewallRules: [TCP Query User{DBC92BAD-ED7F-4590-BC37-EEA0BAB13FB0}C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe] => (Allow) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe (LG Electronics Inc. -> LG Electronics)
FirewallRules: [{6CA226CE-B8A5-4930-A7FA-FDA7741C5C04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{67774E64-3AF3-4FDC-9513-65C0ED1AEAC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5353A8C4-281A-44AB-A846-5B7137F65EEB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{62CCA150-5FD7-4995-B594-9B797DB5D5EF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{EA1CC538-DC8F-4C80-8431-6EC0525D4683}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{9C25546A-8DF3-4F7A-9362-42B4AE0F29E1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [UDP Query User{28D86027-87A5-4616-B0DD-B7A72D79E62D}D:\games\cod2\cod2mp_s.exe] => (Block) D:\games\cod2\cod2mp_s.exe () [File not signed]
FirewallRules: [TCP Query User{640B88B2-1F8F-4966-B96A-9D9C62919865}D:\games\cod2\cod2mp_s.exe] => (Block) D:\games\cod2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{890736DF-69C5-485E-8E54-76205AE102BF}D:\games\cod2\cod2mp_s.exe] => (Allow) D:\games\cod2\cod2mp_s.exe () [File not signed]
FirewallRules: [TCP Query User{9E7A687C-B373-4BD9-B640-86FD79C0D062}D:\games\cod2\cod2mp_s.exe] => (Allow) D:\games\cod2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{6980BA99-BA4B-4682-A207-6CBFAEFCB28F}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{5B7678D1-C78C-472A-9D92-81C179D33A3D}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{DBEFDEE9-324F-4580-B4B4-D0A79F37CC61}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1FC6101C-4F40-4548-A222-99B42F174CDC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{751F813A-85C2-46A3-A7C9-ADC06B34CE9B}] => (Allow) LPort=1900
FirewallRules: [{D348B74E-75F3-46A9-A6D4-3F2B0301EE84}] => (Allow) LPort=2869
FirewallRules: [{8F230454-99E2-4280-A9D0-E1B987432ADE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BAC14934-5F55-4E5E-8878-7AB98FD137C9}] => (Allow) C:\Program Files\stahoac\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{32F710CB-4A8F-40F1-9627-E1303D0AF401}] => (Allow) C:\Program Files\stahoac\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{F928F6E8-9205-4B57-956E-835221795B03}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{257D6D4F-427B-40B3-B16A-A248A67B219B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2FFE6078-2A67-44CB-9C18-F6959BA9555C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F42F891B-CA49-4E85-91B9-85943B0571D9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ECFB4818-8E27-4DFC-9AEF-30F230E680C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7D87513C-2686-4BDA-8F86-446ABEAE13EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{38D60AFC-445A-4FF5-898B-70A0DE091BA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E3C9A8B3-250F-4EFE-A733-C514501C38EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FCB702DA-A15F-40E3-8F6D-B82E0AADDB04}] => (Allow) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe (Opera Software AS -> Opera Software)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Restore Points =========================

26-07-2019 16:42:09 Windows Update
31-07-2019 20:22:01 Windows Update

==================== Faulty Device Manager Devices =============

Name: Realtek PCIE CardReader
Description: Realtek PCIE CardReader
Class Guid: {4d36e970-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconduct Corp.
Service: RSPCIESTOR
Problem: : The software for this device has been blocked from starting because it is known to have problems with Windows. Contact the hardware vendor for a new driver. (Code 48)
Resolution: Download the latest drivers from the manufacturer, uninstall the current driver, and then install the latest drivers.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/02/2019 06:31:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WSCommCntr4.exe, verze: 4.0.3.0, časové razítko: 0x52df746e
Název chybujícího modulu: WSCommCntr4.exe, verze: 4.0.3.0, časové razítko: 0x52df746e
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000015a1e
ID chybujícího procesu: 0x10b4
Čas spuštění chybující aplikace: 0x01d5494f22c3cba7
Cesta k chybující aplikaci: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\WSCommCntr4.exe
Cesta k chybujícímu modulu: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\WSCommCntr4.exe
ID zprávy: 522d732d-8fb2-4432-9427-41e5369bd086
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/02/2019 06:28:34 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8728,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/02/2019 06:08:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2768,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/02/2019 06:05:46 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (1508,G,0) Pokus o otevření souboru C:\Users\Dominik\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (08/01/2019 10:53:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11408,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/01/2019 10:16:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13008,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/01/2019 09:01:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 31.7.2019.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2868

Čas spuštění: 01d5489923d0a98f

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\Dominik\Desktop\FRST64.exe

ID hlášení: 069d98d7-38f6-4436-bf62-291c74b72ec8

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (08/01/2019 08:51:16 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14140,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (08/02/2019 06:25:41 PM) (Source: DCOM) (EventID: 10000) (User: Dominik-NB)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (08/01/2019 11:54:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Autodesk Content Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/01/2019 11:54:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Autodesk Content Service bylo dosaženo časového limitu (45000 ms).

Error: (08/01/2019 11:54:13 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Tento počítač je nakonfigurován jako člen pracovní skupiny, nikoliv jako
člen domény. Přihlašovací služba Netlogon nepotřebuje být spuštěna v této
konfiguraci.

Error: (08/01/2019 11:53:32 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: RtsPStor.sys

Error: (08/01/2019 11:52:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (08/01/2019 11:52:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/01/2019 11:52:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2019-08-01 22:18:34.282
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D1056262-24EA-4B16-A256-4DA73127A5FC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-07-31 21:19:45.469
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {514A64AC-DC6D-4D10-AD34-38608082E90E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: Dominik-NB\Dominik

Date: 2019-07-31 14:40:50.860
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {2C580E69-35CC-4065-A9B5-E2BC2DE38FB8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-07-31 08:15:14.523
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {45FE5B51-2F32-418E-8185-003DA2A33253}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-07-14 20:38:39.659
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {74BE6861-0076-479C-87F2-FCE3404C7B71}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-08-01 20:43:40.668
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o nahrání podezřelého souboru pro další analýzu.
Název souboru: C:\Users\Dominik\Downloads\d7695806-74fd-4172-ab6a-5669d84db55e.tmp
Sha256:
Aktuální verze bezpečnostních informací: AV: 1.299.1024.0, AS: 1.299.1024.0
Aktuální verze modulu: 1.1.16200.1
Kód chyby: 0x80508016

Date: 2019-08-01 20:03:09.637
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.299.1024.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16200.1
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-08-01 18:21:47.207
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x8007041d
Popis chyby: Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte zařízení.

Date: 2019-07-31 21:11:33.213
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

Date: 2019-07-31 13:47:44.165
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

==================== Memory info ===========================

BIOS: American Megatrends Inc. E16GAIMS.10F 12/18/2012
Motherboard: Micro-Star International Co., Ltd. MS-16GA
Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 54%
Total physical RAM: 8088.94 MB
Available physical RAM: 3673.68 MB
Total Virtual: 16280.94 MB
Available Virtual: 11312.05 MB

==================== Drives ================================

Drive c: (OS_Install) (Fixed) (Total:411.34 GB) (Free:111.31 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Funny) (Fixed) (Total:274.23 GB) (Free:195.89 GB) NTFS

\\?\Volume{d943d6dc-42f5-11e4-86c1-806e6f6e6963}\ (System) (Fixed) (Total:0.1 GB) (Free:0.02 GB) NTFS
\\?\Volume{d943d6db-42f5-11e4-86c1-806e6f6e6963}\ (BIOS_RVY) (Fixed) (Total:12.97 GB) (Free:0.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: E17C302C)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=27)
Partition 3: (Not Active) - (Size=411.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=274.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-07-2019
Ran by Dominik (administrator) on DOMINIK-NB (Micro-Star International Co., Ltd. GE60 0NC/GE60 0ND) (02-08-2019 18:26:00)
Running from C:\Users\Dominik\Desktop
Loaded Profiles: Dominik (Available Profiles: Dominik & DefaultAppPool)
Platform: Windows 10 Home Version 1903 18362.175 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1905.30.0_x64__8wekyb3d8bbwe\Calculator.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19062.451.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Windows\Temp\AdAppMgrUpdater.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(InstallShield Software Corporation) [File not signed] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Intel Corporation -> ) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(MSI) [File not signed] C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\62.0.3331.99_0\opera_crashreporter.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3366624 2016-09-18] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [THXCfg64] => C:\windows\system32\THXCfg64.dll [25600 2010-09-14] (Creative Technology Ltd.) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1517056 2011-08-30] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [UpdReg] => C:\windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [File not signed]
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502288 2012-01-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc -> Autodesk, Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation) [File not signed]
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21384 2016-08-04] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1767816 2016-08-05] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1953688 2016-08-05] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [472200 2019-03-04] (Geek Software GmbH -> Geek Software GmbH)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [19168256 2016-06-22] () [File not signed]
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation) [File not signed]
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-10-19] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-10-19] (Electronic Arts -> On2.com)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00C781F3-0D33-421F-92BA-8B1F1B931479} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-17] (Adobe Inc. -> Adobe)
Task: {0267CA06-CDDD-47D0-874E-BE28DC5B9D9E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0A1DDC30-52A3-4038-A2D0-FAE5E58E115A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0B6C3EF3-B7C7-4EFD-B205-9F6F19A4119C} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0EE73C50-8561-4BAD-9C39-89336E52543E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {0EE9F0EE-53A6-4F92-A485-6166E35F8AE3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {14A8C3EB-57C9-4A5D-8DC6-4A1B37EAD034} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {14B287BA-F7B5-4D9B-B3F1-600C02DBDB7B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {15357CF9-8CFC-4A3F-9B92-7FDDA1FE4E62} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {1B32646E-279F-4631-8D85-CE757A916708} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {1F110442-2C7C-44A8-BF69-D95368CEF86A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [154072 2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {2312D28B-BF70-4D8E-AF27-1937DF6AF89C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {237E5268-A490-435A-B330-D160DA565BF7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {28CECB5E-0C64-4AC8-9965-5D8C6C20DF94} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2C0C9390-64A1-4BA7-90DB-2694C94C0749} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2CADB54B-1A96-42D1-9CA4-A806D12D9762} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2EE1049F-50C4-4ED9-9A8B-978FB6A0997B} - System32\Tasks\ASC8_SkipUac_Dominik => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: {2F596955-B1F3-483E-B4B2-8AAEE829FF76} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27349088 2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {3086F18E-A7CA-4885-AE15-450F76D42160} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {325EA837-42D8-4FF5-AF0A-85B3A991BD72} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233224 2011-11-25] (Intel® Services Manager -> Intel Corporation)
Task: {35BE18EA-CC3B-4B3C-A505-5A7C12D60C85} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3D26CCF2-6526-4463-8404-479853F053DD} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {3D9F21A6-2960-4714-BA36-F318B45DFE11} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {3DF836C1-F34E-437A-BAC2-EA8C1D2B7F72} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {4480661A-0984-4DD9-BDBF-EF1F00604A1F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6450840 2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {48247B84-2E0F-4ACC-97DB-E12883FD8ADC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4880AA04-A3B6-40B1-B26A-57C7C7DC1F6A} - System32\Tasks\AutoUpdate Allplan 2016 => C:\Program Files\Allplan\Allplan 2016\prg\NemDownloadHandler.exe
Task: {48E25E5A-4291-4623-8BB6-AE75A1C6D41A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4963F518-E988-4B51-9910-86B1632C28CD} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4A20AE86-D837-4453-A1B9-720BB72B9968} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233224 2011-11-25] (Intel® Services Manager -> Intel Corporation)
Task: {4D0D68E7-3242-4D72-ADEA-8F329C45DD19} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {55C7D645-76AE-40A6-8771-74D8C9EB46A0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {56D42325-FDF1-41A7-93F9-DAF25C4A857C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {58C72D14-08FC-4B2D-9E4F-36260B3862F0} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5C69759D-D1D4-4BFB-B728-D2A4957C5377} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5D34A139-EF13-4417-A5BA-F131E801ED2E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [897008 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5EA7F5BD-E35B-4D7C-BF08-57EAA84B4A30} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5F89D71E-8AF1-462A-8F0D-1885413D1365} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {61C133AA-5A0E-4CFA-9B9B-CE1DF240D2D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {63CC45C2-3D37-4A91-A45C-FA54BD75A27F} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {6C3DCA69-6D5A-47D4-8061-38FBC566DD2E} - System32\Tasks\{50D27824-46E0-4D8A-942E-AE24EC49B524} => C:\WINDOWS\system32\pcalua.exe -a "D:\Games\GTA SA\GTA San Andreas\gta_sa.exe" -d "D:\Games\GTA SA\GTA San Andreas"
Task: {6C4D66FF-E13F-4147-ABED-FD79EEFD9E6F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6450840 2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6EFD9847-0EE3-4186-AF2A-BD63C4073007} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-14] (Adobe Inc. -> Adobe)
Task: {715A7A29-73E5-420E-B084-DDDFD8C0C507} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {74C2F845-EFB7-46EE-B7CB-81783115AAD8} - System32\Tasks\AutoKMSDaily => C:\windows\AutoKMS.exe
Task: {85083E6D-69E6-45A9-9E6B-E471BE36FA9C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {89E84774-2F58-4329-ADF9-445279BF7270} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-17] (Adobe Inc. -> Adobe)
Task: {91590E8D-27B6-4634-8F94-E32B67A002EB} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {92F3726E-6410-4200-9D0C-D13E0F19FF03} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9335FA0B-8F61-4168-825E-C5E8D400D957} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [4565792 2016-08-12] (IObit Information Technology -> IObit)
Task: {994BF456-7F98-47AE-ACB0-F86788CC0ABC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A4E2A839-79D1-42A4-8047-FC8A223BBCD0} - System32\Tasks\{AE4249E7-C0DB-4271-A323-4F8F13C70DE4} => C:\WINDOWS\system32\pcalua.exe -a "D:\Games\Red Orchestra 2\Binaries\Win32\ROGame.exe" -d "D:\Games\Red Orchestra 2"
Task: {A62CB945-2676-4EA4-8A7D-7E24377F5BC6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27349088 2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A65A8840-2D22-4786-ADF3-6F10F9FF0376} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {ABA4AEB9-AF93-4DCB-89D4-7D7A1FFBB1B7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2206784 2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD737C5D-9ACB-4E2F-9195-EAC1883493BD} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {ADBBBE34-143E-45AB-A743-DE32E74BB835} - System32\Tasks\Opera scheduled Autoupdate 1411450744 => C:\Program Files (x86)\Opera\launcher.exe [1348120 2019-07-24] (Opera Software AS -> Opera Software)
Task: {AE79537C-8C2A-4213-BD49-270D8670B9C2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {B141D3B9-6898-446D-8EEE-12904D6E9588} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B2E17278-A4AB-466C-A7EB-66C2B0484A84} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B320EFB9-809A-4311-892D-6F39AC762A46} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BBA450A6-50C2-4737-A361-6E76E4D0AAFC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [154072 2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {BDBADF31-76C0-46A6-A23E-91709768E8A5} - System32\Tasks\{3EE28D53-8260-4C57-87D5-E3FA05CE1988} => c:\program files (x86)\opera\launcher.exe [1348120 2019-07-24] (Opera Software AS -> Opera Software)
Task: {C33059F2-CE69-4AE8-917A-DE79BBC83CE9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {C3F80701-8F76-49F1-AB67-6E197664D412} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {C43D515E-3D00-47ED-80D2-1D2652131B4D} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {C45CB288-DF11-470C-A5F2-0A19023490B1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C5C3B136-0723-47C6-92BB-99122D876A75} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {C7D2C127-D5E1-49FF-931B-60A4DA9FBF20} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {C9012F8D-D37D-4867-87D7-D1BD21C18B2F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CB5BED74-3AE8-47A4-AA98-AD5C3DA46C68} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CC09B524-0DD7-402A-8F8F-E91F310CF4FB} - System32\Tasks\{8A4955E7-A4C3-4671-ADC7-4E2DA5180FE2} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\Antivirus\uninstallDriver.exe" -d "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\Antivirus"
Task: {D2160383-350F-4D7D-B90C-6AF87728AE70} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2206784 2019-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {D31EC212-0893-492F-A235-683C6B64C501} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DD01B4F7-BDFC-481A-AD2C-7A1AFB6A0852} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DD928CF8-75C3-43B4-9A5D-712E6CC721FC} - System32\Tasks\AdobeAAMUpdater-1.0-Dominik-NB-Dominik => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E0BE0CF0-0FBD-4982-9391-8C8971597303} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {E1786C6A-7EAB-493D-B61B-689B2F70B901} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
Task: {E2243E5A-F5DA-4A6B-85FF-C805FD9DE076} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {E24AF893-E072-4453-958D-EB68B60E2640} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E2D1E411-05C3-450F-8D33-CFAF4DB7B7E6} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {E3471997-B493-4367-8F39-DACC1BFC043F} - System32\Tasks\Driver Booster SkipUAC (Dominik) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {E356E306-12D1-4AE9-9069-51C1389138FD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3788144 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EBFC00BA-DAE5-4CA8-B436-72FE6A03AA5F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EEFED79D-E93A-4A59-9A8A-3EB5AF9661E9} - System32\Tasks\{9F0E94F8-19EE-40F7-BF7F-D2B77815CB33} => C:\WINDOWS\system32\pcalua.exe -a "D:\Games\Mafia 1\Game.exe" -d "D:\Games\Mafia 1"
Task: {F8A44957-71FB-4012-89D1-079A83116B81} - System32\Tasks\Uninstaller_SkipUac_Dominik => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [4565792 2016-08-12] (IObit Information Technology -> IObit)
Task: {F943EE54-3825-4DAA-A746-5DB7F1F3612E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\windows\AutoKMS.exe
Task: C:\WINDOWS\Tasks\AutoKMSDaily.job => C:\windows\AutoKMS.exe
Task: C:\WINDOWS\Tasks\AutoUpdate Allplan 2016.job => C:\Program Files\Allplan\Allplan 2016\prg\NemDownloadHandler.exeK/f C:\Doom\Škola\Vysoka\Ingeneer\3 semestr\Allplan\Std\AllplanUpdate.inf
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3a69e1ef-6628-4bef-909a-08185efa1f92}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.facebook.com/
SearchScopes: HKLM -> DefaultScope {D55F87B8-82EE-47B2-A09F-A3B7B31194B5} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {D55F87B8-82EE-47B2-A09F-A3B7B31194B5} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {D55F87B8-82EE-47B2-A09F-A3B7B31194B5} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {D55F87B8-82EE-47B2-A09F-A3B7B31194B5} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-2436287953-487312208-2763931872-1001 -> {A43E8672-A118-47A8-A9FD-1DD94417CA51} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M ... -SearchBox
SearchScopes: HKU\S-1-5-21-2436287953-487312208-2763931872-1001 -> {D55F87B8-82EE-47B2-A09F-A3B7B31194B5} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23] (IObit Information Technology -> IObit)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-14] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-2436287953-487312208-2763931872-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dominik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS -> Unity Technologies ApS)

Opera:
=======
OPR StartupUrls: "hxxp://www.centrum.cz/"

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk, Inc -> Autodesk Inc.)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11466776 2019-07-17] (Microsoft Corporation -> Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144096 2016-09-18] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2429544 2011-12-07] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-03-15] (Intel Corporation -> )
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation -> Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit Information Technology -> IObit)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [12800 2010-07-17] (MSI) [File not signed]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [138768 2012-01-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [472200 2019-03-04] (Geek Software GmbH -> Geek Software GmbH)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2017-11-23] (Even Balance, Inc. -> )
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Drive Helper; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [315768 2016-08-05] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-07-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [195584 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\WINDOWS\system32\DRIVERS\amppal.sys [195584 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 bdfsfltr; C:\windows\system32\Drivers\bdfsfltr.sys [431176 2011-03-24] (BitDefender SRL -> BitDefender)
S3 clwvd; C:\WINDOWS\system32\DRIVERS\clwvd.sys [31216 2011-10-13] (CyberLink -> CyberLink Corporation)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31832 2016-09-18] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 GRemoteBus; C:\WINDOWS\System32\DRIVERS\GRemoteBus64.sys [27336 2009-08-05] (GBM Software -> GBM Software)
S3 GRemoteJoy; C:\WINDOWS\System32\DRIVERS\GRemoteJoy64.sys [46792 2009-08-05] (GBM Software -> GBM Software)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-04-23] (Martin Malik - REALiX -> REALiX(tm))
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2019-03-19] (Microsoft Windows -> Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (Micro-Star Int'l Co. Ltd. -> MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_b5e3213e640f6936\nvlddmkm.sys [20747736 2019-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
R0 nvpciflt; C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_b5e3213e640f6936\nvpciflt.sys [57216 2019-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-06-13] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [711968 2019-06-04] (Realtek Semiconductor Corp. -> Realtek )
S3 vjoy; C:\WINDOWS\System32\DRIVERS\vjoy.sys [44656 2014-09-15] (Shaul Eizikovich -> Shaul Eizikovich)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-07-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344288 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-02 18:25 - 2019-08-02 18:26 - 000776850 _____ C:\Users\Dominik\Downloads\1NP_PAL_PROV.dwg
2019-08-01 23:54 - 2019-08-01 23:54 - 000212992 _____ C:\WINDOWS\system32\ClickToRun_Pipeline16
2019-08-01 23:50 - 2019-08-01 23:51 - 000000000 ____D C:\AdwCleaner
2019-08-01 23:48 - 2019-08-01 23:49 - 007623880 _____ (Malwarebytes) C:\Users\Dominik\Desktop\AdwCleaner.exe
2019-08-01 23:46 - 2019-08-01 23:53 - 000000000 ____D C:\Program Files\Malwarebytes
2019-08-01 23:46 - 2019-08-01 23:46 - 000000000 ____D C:\Users\Dominik\AppData\Local\mbamtray
2019-08-01 20:53 - 2019-08-01 20:58 - 000052326 _____ C:\Users\Dominik\Desktop\Addition.txt
2019-08-01 20:45 - 2019-08-02 18:28 - 000043807 _____ C:\Users\Dominik\Desktop\FRST.txt
2019-08-01 20:45 - 2019-08-01 20:58 - 000000000 ____D C:\FRST
2019-08-01 20:43 - 2019-08-01 20:43 - 002096128 _____ (Farbar) C:\Users\Dominik\Desktop\FRST64.exe
2019-07-31 13:58 - 2019-07-31 13:58 - 000003960 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1411450744
2019-07-31 13:58 - 2019-07-31 13:58 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-07-31 11:18 - 2019-07-31 11:18 - 000000080 ___SH C:\bootTel.dat
2019-07-31 08:56 - 2019-07-31 08:56 - 000000000 ____D C:\Program Files (x86)\Photoshop 2
2019-07-30 23:24 - 2019-07-30 23:24 - 000000000 ____D C:\ProgramData\GridinSoft
2019-07-23 20:27 - 2019-07-23 20:27 - 000000198 ____H C:\Users\Dominik\Downloads\REZ-AA´.dwl2
2019-07-23 20:27 - 2019-07-23 20:27 - 000000047 ____H C:\Users\Dominik\Downloads\REZ-AA´.dwl
2019-07-20 12:34 - 2019-07-20 12:34 - 000000198 ____H C:\Users\Dominik\Downloads\1NP.dwl2
2019-07-20 12:34 - 2019-07-20 12:34 - 000000047 ____H C:\Users\Dominik\Downloads\1NP.dwl
2019-07-14 19:07 - 2019-07-14 19:07 - 000000000 ___HD C:\$SysReset
2019-07-03 22:39 - 2019-04-10 16:54 - 001006800 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-07-03 22:39 - 2019-04-10 16:54 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-07-03 22:39 - 2019-04-10 16:54 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-07-03 22:39 - 2019-04-10 16:54 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-07-03 22:39 - 2019-04-09 13:43 - 000651576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2019-07-03 22:39 - 2019-04-09 13:43 - 000124784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2019-07-03 22:39 - 2019-04-09 13:43 - 000082984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2019-07-03 22:36 - 2019-04-10 16:54 - 001006800 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-07-03 22:36 - 2019-04-10 16:54 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-07-03 22:36 - 2019-04-10 16:54 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-07-03 22:36 - 2019-04-10 16:54 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-07-03 22:36 - 2019-04-10 16:53 - 000552328 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-07-03 22:36 - 2019-04-10 16:53 - 000457096 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 040421064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 035268296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 005276064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 004625552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 002033112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 001734288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6442531.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 001536144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 001467864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6442531.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 001465432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 001130584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 000668664 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 000631896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 000534936 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-07-03 22:36 - 2019-04-10 16:52 - 000522144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-07-03 22:36 - 2019-04-10 13:52 - 010320528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-07-03 22:36 - 2019-04-10 13:52 - 008785944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-07-03 22:36 - 2019-04-10 13:52 - 001169120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-07-03 22:36 - 2019-04-10 13:52 - 000915088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-07-03 22:36 - 2019-04-10 13:51 - 020107920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-07-03 22:36 - 2019-04-10 13:51 - 017432992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-07-03 22:36 - 2019-04-10 13:51 - 005045704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-07-03 22:36 - 2019-04-10 13:51 - 004304672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-07-03 22:36 - 2019-04-10 13:51 - 001462024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2019-07-03 22:36 - 2019-04-10 13:51 - 001145536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2019-07-03 22:36 - 2019-04-10 13:51 - 000794440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-07-03 22:36 - 2019-04-10 13:51 - 000638176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-07-03 22:36 - 2019-04-09 15:40 - 000066792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2019-07-03 22:36 - 2019-04-09 15:40 - 000049910 _____ C:\WINDOWS\system32\nvinfo.pb
2019-07-03 21:55 - 2019-07-03 21:55 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-03 21:55 - 2019-07-03 21:55 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-03 21:55 - 2019-07-03 21:55 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-03 21:55 - 2019-07-03 21:55 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-03 21:55 - 2019-07-03 21:55 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-03 21:55 - 2019-07-03 21:55 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-03 21:55 - 2019-07-03 21:55 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-03 21:55 - 2019-07-03 21:55 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-03 21:55 - 2019-06-18 10:59 - 002785776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2019-07-03 21:54 - 2019-07-03 21:54 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-03 21:54 - 2019-07-03 21:54 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-03 21:54 - 2019-04-17 09:42 - 000069840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2019-07-03 21:54 - 2019-04-17 06:44 - 000075600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\SETFE0C.tmp

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-02 18:26 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2019-08-02 18:22 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-02 18:18 - 2019-06-21 07:46 - 000004204 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E0808202-FEF3-4355-A9C6-430E8A2F7F74}
2019-08-02 18:15 - 2019-06-21 07:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-02 18:02 - 2016-10-04 04:16 - 000000000 ____D C:\ProgramData\NVIDIA
2019-08-02 17:59 - 2014-09-24 15:13 - 000000000 __SHD C:\Users\Dominik\IntelGraphicsProfiles
2019-08-01 23:53 - 2019-06-21 07:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-01 23:52 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-08-01 23:51 - 2016-10-05 19:15 - 000000000 ____D C:\Users\Dominik\AppData\Roaming\IObit
2019-08-01 23:51 - 2014-09-23 08:12 - 000000000 ____D C:\Users\Dominik\AppData\LocalLow\IObit
2019-08-01 23:49 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-08-01 22:49 - 2015-05-13 23:38 - 000000000 ____D C:\Users\Dominik\Downloads\Inst
2019-08-01 20:43 - 2019-06-20 21:26 - 000000000 ____D C:\Users\DefaultAppPool
2019-08-01 20:43 - 2019-03-19 13:58 - 000000000 ____D C:\Program Files\Windows Portable Devices
2019-08-01 20:43 - 2019-03-19 13:58 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-08-01 20:43 - 2019-03-19 13:58 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2019-08-01 20:43 - 2019-03-19 13:58 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2019-08-01 20:43 - 2019-03-19 13:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-08-01 20:43 - 2019-03-19 13:58 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2019-08-01 20:43 - 2019-03-19 13:55 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\dsc
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\TextInput
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Keywords
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\downlevel
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\DDFs
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\L2Schemas
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\IME
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-01 20:43 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\System
2019-08-01 20:43 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing
2019-08-01 20:42 - 2019-03-19 13:56 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2019-08-01 20:42 - 2019-03-19 13:55 - 000000000 ____D C:\WINDOWS\system32\cs
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\setup
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Com
2019-08-01 20:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-08-01 20:36 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Containers
2019-08-01 20:36 - 2015-07-06 20:19 - 000000000 ____D C:\ProgramData\Autodesk
2019-08-01 20:36 - 2014-09-23 08:13 - 000000000 ____D C:\Users\Dominik\AppData\Roaming\ProductData
2019-08-01 20:36 - 2012-05-15 19:40 - 000000000 ___HD C:\SuperChargerProfile
2019-08-01 20:23 - 2016-02-15 18:48 - 000000132 _____ C:\Users\Dominik\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2019-08-01 20:14 - 2019-07-01 17:16 - 000000000 ____D C:\Users\Dominik\Documents\Assassin's Creed Unity
2019-08-01 20:11 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-01 20:07 - 2017-11-22 21:12 - 000000000 ____D C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2019-08-01 20:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\registration
2019-08-01 20:03 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-08-01 19:59 - 2014-09-23 07:39 - 000000000 ____D C:\Program Files (x86)\Opera
2019-08-01 19:57 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-01 19:48 - 2019-06-20 21:26 - 000000000 ____D C:\Users\Dominik
2019-07-31 23:30 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-31 13:13 - 2019-06-25 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2019-07-31 13:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ServiceState
2019-07-31 13:12 - 2009-07-14 05:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-07-31 13:11 - 2017-04-04 20:08 - 000000000 ____D C:\ProgramData\InstallShield
2019-07-31 13:11 - 2015-07-07 10:00 - 000000000 ____D C:\ProgramData\FLEXnet
2019-07-31 13:11 - 2015-02-18 15:13 - 000000000 ____D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
2019-07-31 13:11 - 2015-02-18 15:13 - 000000000 ____D C:\ProgramData\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA}
2019-07-31 13:11 - 2014-09-23 08:12 - 000000000 ____D C:\ProgramData\ProductData
2019-07-31 13:10 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-07-31 13:10 - 2017-08-14 08:22 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-07-31 12:51 - 2015-11-11 21:56 - 000000000 ____D C:\Users\Dominik\AppData\Roaming\Adobe
2019-07-31 12:51 - 2015-11-10 22:57 - 000000000 ____D C:\Program Files\Microsoft Office
2019-07-31 12:48 - 2019-06-25 21:30 - 000000000 ____D C:\Program Files\Adobe
2019-07-31 12:48 - 2014-11-11 17:50 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-07-31 12:30 - 2019-01-27 02:24 - 000000000 ___HD C:\Users\Dominik\AppData\Local\TtizbERQfJ9
2019-07-31 12:26 - 2019-06-21 07:46 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-07-31 12:26 - 2019-06-21 07:40 - 001920526 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-31 12:26 - 2019-03-19 13:55 - 000783062 _____ C:\WINDOWS\system32\perfh005.dat
2019-07-31 12:26 - 2019-03-19 13:55 - 000172644 _____ C:\WINDOWS\system32\perfc005.dat
2019-07-31 00:08 - 2016-02-09 19:35 - 000000000 ____D C:\Users\Dominik\AppData\Local\CrashDumps
2019-07-26 13:42 - 2018-02-19 18:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-07-23 21:05 - 2017-12-20 00:56 - 000000000 ____D C:\Users\Dominik\AppData\Local\Packages
2019-07-17 20:08 - 2016-10-05 19:15 - 000000000 ____D C:\ProgramData\IObit
2019-07-17 19:54 - 2014-09-23 20:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-17 19:50 - 2014-09-23 20:53 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-17 19:35 - 2019-06-21 07:46 - 000004612 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-07-17 19:35 - 2019-06-13 18:12 - 004863032 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2019-07-17 19:35 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-07-17 19:35 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-07-14 20:21 - 2017-04-29 10:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-07-14 20:02 - 2019-06-21 07:46 - 000004648 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-14 20:02 - 2019-06-21 07:46 - 000004470 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-07-10 07:39 - 2010-11-21 05:27 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-07-08 16:40 - 2014-09-24 08:29 - 000000000 ____D C:\Users\Dominik\AppData\Local\NVIDIA
2019-07-05 21:04 - 2017-04-22 11:31 - 000000002 _____ C:\WINDOWS\SysWOW64\ReScanSoft.dat
2019-07-05 14:55 - 2019-06-21 08:15 - 000000000 ____D C:\Windows.old
2019-07-03 22:39 - 2017-04-29 10:20 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-07-03 22:39 - 2017-04-29 10:19 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-07-03 21:56 - 2014-09-24 08:29 - 000000000 ____D C:\Users\Dominik\AppData\Local\NVIDIA Corporation
2019-07-03 11:04 - 2019-06-19 20:39 - 000000000 ___DC C:\WINDOWS\Panther

==================== Files in the root of some directories ================

2015-06-01 19:39 - 2015-10-06 21:30 - 000000132 _____ () C:\Users\Dominik\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2015-12-14 00:18 - 2019-05-19 13:14 - 000000132 _____ () C:\Users\Dominik\AppData\Roaming\Adobe Formát GIF CS6 – předvolby
2015-06-01 19:36 - 2015-10-06 21:18 - 000000132 _____ () C:\Users\Dominik\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2016-02-15 18:48 - 2019-08-01 20:23 - 000000132 _____ () C:\Users\Dominik\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2016-10-02 21:05 - 2016-10-02 21:05 - 000099384 _____ () C:\Users\Dominik\AppData\Roaming\inst.exe
2018-01-13 16:25 - 2002-08-29 19:33 - 000319488 _____ () C:\Users\Dominik\AppData\Roaming\MafiaSetup.exe
2016-10-02 21:05 - 2016-10-02 21:05 - 000007859 _____ () C:\Users\Dominik\AppData\Roaming\pcouffin.cat
2016-10-02 21:05 - 2016-10-02 21:05 - 000001167 _____ () C:\Users\Dominik\AppData\Roaming\pcouffin.inf
2016-10-02 21:05 - 2016-10-02 21:05 - 000000055 _____ () C:\Users\Dominik\AppData\Roaming\pcouffin.log
2016-10-02 21:05 - 2016-10-02 21:05 - 000082816 _____ (VSO Software) C:\Users\Dominik\AppData\Roaming\pcouffin.sys
2016-07-19 19:57 - 2016-07-19 19:57 - 000001480 _____ () C:\Users\Dominik\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2014-11-05 17:05 - 2014-11-05 17:05 - 000005177 _____ () C:\Users\Dominik\AppData\Local\recently-used.xbel

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => -> No File
ContextMenuHandlers1: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\Dominik\AppData\Local\Temp:ChCOn8cYR9rqpi0C5wKlhq0u [2280]
AlternateDataStreams: C:\Users\Dominik\AppData\Local\Temp:S5zubG10KsrZmGGOHBjuQ [2122]
AlternateDataStreams: C:\Users\Dominik\AppData\Local\TtizbERQfJ9:uKdiE6X4KKhTI5Nwuh4etF [2076]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\Policies\Explorer: []
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy: Restriction ? <==== ATTENTION
Task: {0A1DDC30-52A3-4038-A2D0-FAE5E58E115A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0EE73C50-8561-4BAD-9C39-89336E52543E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {14B287BA-F7B5-4D9B-B3F1-600C02DBDB7B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {15357CF9-8CFC-4A3F-9B92-7FDDA1FE4E62} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {1B32646E-279F-4631-8D85-CE757A916708} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
C:\windows\AutoKMS.exe
Task: {3086F18E-A7CA-4885-AE15-450F76D42160} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {3DF836C1-F34E-437A-BAC2-EA8C1D2B7F72} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {56D42325-FDF1-41A7-93F9-DAF25C4A857C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {5EA7F5BD-E35B-4D7C-BF08-57EAA84B4A30} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5F89D71E-8AF1-462A-8F0D-1885413D1365} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {6C3DCA69-6D5A-47D4-8061-38FBC566DD2E} - System32\Tasks\{50D27824-46E0-4D8A-942E-AE24EC49B524} => C:\WINDOWS\system32\pcalua.exe -a "D:\Games\GTA SA\GTA San Andreas\gta_sa.exe" -d "D:\Games\GTA SA\GTA San Andreas"
Task: {74C2F845-EFB7-46EE-B7CB-81783115AAD8} - System32\Tasks\AutoKMSDaily => C:\windows\AutoKMS.exe
Task: {85083E6D-69E6-45A9-9E6B-E471BE36FA9C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C5C3B136-0723-47C6-92BB-99122D876A75} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CB5BED74-3AE8-47A4-AA98-AD5C3DA46C68} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CC09B524-0DD7-402A-8F8F-E91F310CF4FB} - System32\Tasks\{8A4955E7-A4C3-4671-ADC7-4E2DA5180FE2} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\Antivirus\uninstallDriver.exe" -d "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\Antivirus"
Task: {E0BE0CF0-0FBD-4982-9391-8C8971597303} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\AutoKMSDaily.job => C:\windows\AutoKMS.exe
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\windows\AutoKMS.exe
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.facebook.com/
SearchScopes: HKLM -> DefaultScope {D55F87B8-82EE-47B2-A09F-A3B7B31194B5} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {D55F87B8-82EE-47B2-A09F-A3B7B31194B5} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {D55F87B8-82EE-47B2-A09F-A3B7B31194B5} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {D55F87B8-82EE-47B2-A09F-A3B7B31194B5} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-2436287953-487312208-2763931872-1001 -> {A43E8672-A118-47A8-A9FD-1DD94417CA51} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M ... -SearchBox
SearchScopes: HKU\S-1-5-21-2436287953-487312208-2763931872-1001 -> {D55F87B8-82EE-47B2-A09F-A3B7B31194B5} URL =
U3 idsvc; no ImagePath
D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
C:\ProgramData\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA}
C:\Users\Dominik\AppData\Local\TtizbERQfJ9

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Doomis]

uz to vypada lepe )

Fix result of Farbar Recovery Scan Tool (x64) Version: 31-07-2019
Ran by Dominik (02-08-2019 19:17:29) Run:1
Running from C:\Users\Dominik\Desktop
Loaded Profiles: Dominik (Available Profiles: Dominik & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => -> No File
ContextMenuHandlers1: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\Dominik\AppData\Local\Temp:ChCOn8cYR9rqpi0C5wKlhq0u [2280]
AlternateDataStreams: C:\Users\Dominik\AppData\Local\Temp:S5zubG10KsrZmGGOHBjuQ [2122]
AlternateDataStreams: C:\Users\Dominik\AppData\Local\TtizbERQfJ9:uKdiE6X4KKhTI5Nwuh4etF [2076]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\...\Policies\Explorer: []
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy: Restriction ? <==== ATTENTION
Task: {0A1DDC30-52A3-4038-A2D0-FAE5E58E115A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0EE73C50-8561-4BAD-9C39-89336E52543E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {14B287BA-F7B5-4D9B-B3F1-600C02DBDB7B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {15357CF9-8CFC-4A3F-9B92-7FDDA1FE4E62} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {1B32646E-279F-4631-8D85-CE757A916708} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
C:\windows\AutoKMS.exe
Task: {3086F18E-A7CA-4885-AE15-450F76D42160} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {3DF836C1-F34E-437A-BAC2-EA8C1D2B7F72} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {56D42325-FDF1-41A7-93F9-DAF25C4A857C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {5EA7F5BD-E35B-4D7C-BF08-57EAA84B4A30} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5F89D71E-8AF1-462A-8F0D-1885413D1365} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {6C3DCA69-6D5A-47D4-8061-38FBC566DD2E} - System32\Tasks\{50D27824-46E0-4D8A-942E-AE24EC49B524} => C:\WINDOWS\system32\pcalua.exe -a "D:\Games\GTA SA\GTA San Andreas\gta_sa.exe" -d "D:\Games\GTA SA\GTA San Andreas"
Task: {74C2F845-EFB7-46EE-B7CB-81783115AAD8} - System32\Tasks\AutoKMSDaily => C:\windows\AutoKMS.exe
Task: {85083E6D-69E6-45A9-9E6B-E471BE36FA9C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C5C3B136-0723-47C6-92BB-99122D876A75} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CB5BED74-3AE8-47A4-AA98-AD5C3DA46C68} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CC09B524-0DD7-402A-8F8F-E91F310CF4FB} - System32\Tasks\{8A4955E7-A4C3-4671-ADC7-4E2DA5180FE2} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\Antivirus\uninstallDriver.exe" -d "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\Antivirus"
Task: {E0BE0CF0-0FBD-4982-9391-8C8971597303} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\AutoKMSDaily.job => C:\windows\AutoKMS.exe
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\windows\AutoKMS.exe
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.facebook.com/
SearchScopes: HKLM -> DefaultScope {D55F87B8-82EE-47B2-A09F-A3B7B31194B5} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {D55F87B8-82EE-47B2-A09F-A3B7B31194B5} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {D55F87B8-82EE-47B2-A09F-A3B7B31194B5} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {D55F87B8-82EE-47B2-A09F-A3B7B31194B5} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-2436287953-487312208-2763931872-1001 -> {A43E8672-A118-47A8-A9FD-1DD94417CA51} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M ... -SearchBox
SearchScopes: HKU\S-1-5-21-2436287953-487312208-2763931872-1001 -> {D55F87B8-82EE-47B2-A09F-A3B7B31194B5} URL =
U3 idsvc; no ImagePath
D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
C:\ProgramData\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA}
C:\Users\Dominik\AppData\Local\TtizbERQfJ9

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => invalid subkey removed.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\AVG Shell Extension => removed successfully
HKLM\Software\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UnLockerMenu => removed successfully
HKLM\Software\Classes\CLSID\{A6FF0E3A-8437-482C-8E04-4F9E15C57538} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully
C:\Users\Dominik\AppData\Local\Temp => ":ChCOn8cYR9rqpi0C5wKlhq0u" ADS removed successfully
C:\Users\Dominik\AppData\Local\Temp => ":S5zubG10KsrZmGGOHBjuQ" ADS removed successfully
C:\Users\Dominik\AppData\Local\TtizbERQfJ9 => ":uKdiE6X4KKhTI5Nwuh4etF" ADS removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKU\S-1-5-21-2436287953-487312208-2763931872-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
HKLM\Software\Classes\CLSID\{503739d0-4c5e-4cfd-b3ba-d881334f0df2} => not found
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0A1DDC30-52A3-4038-A2D0-FAE5E58E115A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A1DDC30-52A3-4038-A2D0-FAE5E58E115A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0EE73C50-8561-4BAD-9C39-89336E52543E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0EE73C50-8561-4BAD-9C39-89336E52543E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14B287BA-F7B5-4D9B-B3F1-600C02DBDB7B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14B287BA-F7B5-4D9B-B3F1-600C02DBDB7B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{15357CF9-8CFC-4A3F-9B92-7FDDA1FE4E62}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15357CF9-8CFC-4A3F-9B92-7FDDA1FE4E62}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1B32646E-279F-4631-8D85-CE757A916708}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B32646E-279F-4631-8D85-CE757A916708}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"C:\windows\AutoKMS.exe" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3086F18E-A7CA-4885-AE15-450F76D42160}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3086F18E-A7CA-4885-AE15-450F76D42160}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3DF836C1-F34E-437A-BAC2-EA8C1D2B7F72}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DF836C1-F34E-437A-BAC2-EA8C1D2B7F72}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56D42325-FDF1-41A7-93F9-DAF25C4A857C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56D42325-FDF1-41A7-93F9-DAF25C4A857C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5EA7F5BD-E35B-4D7C-BF08-57EAA84B4A30}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5EA7F5BD-E35B-4D7C-BF08-57EAA84B4A30}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F89D71E-8AF1-462A-8F0D-1885413D1365}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F89D71E-8AF1-462A-8F0D-1885413D1365}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C3DCA69-6D5A-47D4-8061-38FBC566DD2E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C3DCA69-6D5A-47D4-8061-38FBC566DD2E}" => removed successfully
C:\WINDOWS\System32\Tasks\{50D27824-46E0-4D8A-942E-AE24EC49B524} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{50D27824-46E0-4D8A-942E-AE24EC49B524}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74C2F845-EFB7-46EE-B7CB-81783115AAD8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74C2F845-EFB7-46EE-B7CB-81783115AAD8}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoKMSDaily => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMSDaily" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85083E6D-69E6-45A9-9E6B-E471BE36FA9C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85083E6D-69E6-45A9-9E6B-E471BE36FA9C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5C3B136-0723-47C6-92BB-99122D876A75}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5C3B136-0723-47C6-92BB-99122D876A75}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB5BED74-3AE8-47A4-AA98-AD5C3DA46C68}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB5BED74-3AE8-47A4-AA98-AD5C3DA46C68}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC09B524-0DD7-402A-8F8F-E91F310CF4FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC09B524-0DD7-402A-8F8F-E91F310CF4FB}" => removed successfully
C:\WINDOWS\System32\Tasks\{8A4955E7-A4C3-4671-ADC7-4E2DA5180FE2} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8A4955E7-A4C3-4671-ADC7-4E2DA5180FE2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0BE0CF0-0FBD-4982-9391-8C8971597303}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0BE0CF0-0FBD-4982-9391-8C8971597303}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
C:\WINDOWS\Tasks\AutoKMSDaily.job => moved successfully
C:\WINDOWS\Tasks\AutoKMS.job => moved successfully
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D55F87B8-82EE-47B2-A09F-A3B7B31194B5} => removed successfully
HKLM\Software\Classes\CLSID\{D55F87B8-82EE-47B2-A09F-A3B7B31194B5} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{D55F87B8-82EE-47B2-A09F-A3B7B31194B5} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{D55F87B8-82EE-47B2-A09F-A3B7B31194B5} => not found
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A43E8672-A118-47A8-A9FD-1DD94417CA51} => removed successfully
HKLM\Software\Classes\CLSID\{A43E8672-A118-47A8-A9FD-1DD94417CA51} => not found
HKU\S-1-5-21-2436287953-487312208-2763931872-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D55F87B8-82EE-47B2-A09F-A3B7B31194B5} => removed successfully
HKLM\Software\Classes\CLSID\{D55F87B8-82EE-47B2-A09F-A3B7B31194B5} => not found
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
D C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690} => Error: No automatic fix found for this entry.
C:\ProgramData\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA} => moved successfully
C:\Users\Dominik\AppData\Local\TtizbERQfJ9 => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17084934 B
Java, Flash, Steam htmlcache => 541 B
Windows/system/drivers => 123610960 B
Edge => 49875 B
Chrome => 0 B
Firefox => 0 B
Opera => 276354903 B

Temp, IE cache, history, cookies, recent:
Default => 6164 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 6164 B
LocalService => 0 B
NetworkService => 12230 B
NetworkService => 0 B
Dominik => 8491868 B
DefaultAppPool => 6164 B

RecycleBin => 0 B
EmptyTemp: => 416.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:19:23 ====

[Rudy]

Smazáno. Ještě je nějaký problém?

[Doomis]

Děkuji za pomoc... projedu to, restartuji a uvidím. Po víkendu bych se ozval. Děkuji

[Rudy]

OK, zatím nemáte zač!

[Doomis]

Tak NB zatím šlape tak, jak má děkuji za pomoc můžete uzamknout, smazat. Děkuji

[Rudy]

Nemáte zač!