Preventivní kontrola

[martin06]

Zdravím,

prosím o prozkoukání logu z preventivních důvodů. Děkuji

Logfile of random's system information tool 1.10 (written by random/random)
Run by Martin at 2020-01-18 15:12:50
Microsoft Windows 10 Home
System drive C: has 157 GB (69%) free of 228 GB
Total RAM: 16319 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:12:54, on 18.01.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
C:\Program Files (x86)\LightingService\1.00.39\AsRogAuraGpuDllServer.exe
C:\Program Files (x86)\ASUS\AI Suite III\FANRGBHEADER\FanLEDCtrl.exe
C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Users\Martin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\Martin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Martin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Discord] C:\Users\Martin\AppData\Local\Discord\app-0.0.305\Discord.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Acronis Active Protection (TM) Service (AcronisActiveProtectionService) - Acronis International GmbH - C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_5a2a0 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DeveloperToolsSvc.exe,-100 (DeveloperToolsService) - Unknown owner - C:\WINDOWS\System32\DeveloperToolsSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LightingService - ASUSTek Computer Inc. - C:\Program Files (x86)\LightingService\1.00.39\LightingService.exe
O23 - Service: Acronis Managed Machine Service Mini (mmsminisrv) - Acronis International GmbH - C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
O23 - Service: Server záloh mobilního zařízení Acronis (mobile_backup_server) - Acronis International GmbH - C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
O23 - Service: Stav serveru záloh mobilního zařízení Acronis (mobile_backup_status_server) - Unknown owner - C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: OpenSSH SSH Server (sshd) - Unknown owner - C:\WINDOWS\System32\OpenSSH\sshd.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: TeamViewer 14 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12081 bytes

======Listing Processes======









C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
"C:\Program Files (x86)\LightingService\1.00.39\LightingService.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k netsvcs -s CertPropSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"

C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
"C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s TapiSrv
"C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe"
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
dashost.exe {323469a3-d6b6-4fbc-bd806a894c8ece5e}
C:\WINDOWS\System32\svchost.exe -k netsvcs
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
rundll32.exe "c:\program files\nvidia corporation\nvstreamsrv\rxdiag.dll" RxDiagSetRuntimeMessagePump
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe" -schedule
"C:\Program Files (x86)\LightingService\1.00.39\AsRogAuraGpuDllServer.exe"
"C:\Program Files (x86)\ASUS\AI Suite III\FANRGBHEADER\FanLEDCtrl.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc

C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\Windows\System32\RuntimeBroker.exe -Embedding

"C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.55.131.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.55.131.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19112.115.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca

C:\WINDOWS\system32\browser_broker.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\MicrosoftEdgeCP.exe" -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
C:\WINDOWS\system32\MicrosoftEdgeSH.exe SCODEF:8440 CREDAT:9730 APH:1000000000000007 JITHOST /prefetch:2
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
"C:\WINDOWS\SysWOW64\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1952709571-807798404-1509361630-10032_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1952709571-807798404-1509361630-10032 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=gpu-process --field-trial-handle=1652,12714081355702607337,16347304119507397069,131072 --disable-features=VizDisplayCompositor --no-sandbox --log-file="C:\Users\Martin\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --lang=en-US --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Users\Martin\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --service-request-channel-token=7466123858222034351 --mojo-platform-channel-handle=1944 /prefetch:2
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Users\Martin\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --field-trial-handle=1652,12714081355702607337,16347304119507397069,131072 --disable-features=VizDisplayCompositor --service-pipe-token=1521367427605448408 --lang=en-US --log-file="C:\Users\Martin\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=1521367427605448408 --renderer-client-id=3 --mojo-platform-channel-handle=2604 /prefetch:1
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"

"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"C:\Users\Martin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
C:\WINDOWS\system32\AUDIODG.EXE 0x7b8
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="13140.0.490438780\784905178" -parentBuildID 20200107212822 -prefsHandle 1648 -prefMapHandle 1640 -prefsLen 1 -prefMapSize 225015 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 13140 "\\.\pipe\gecko-crash-server-pipe.13140" 1712 gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="13140.3.1182060897\756162100" -childID 1 -isForBrowser -prefsHandle 2504 -prefMapHandle 2500 -prefsLen 102 -prefMapSize 225015 -parentBuildID 20200107212822 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 13140 "\\.\pipe\gecko-crash-server-pipe.13140" 2512 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="13140.13.1360734610\825140978" -childID 2 -isForBrowser -prefsHandle 3860 -prefMapHandle 3856 -prefsLen 6365 -prefMapSize 225015 -parentBuildID 20200107212822 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 13140 "\\.\pipe\gecko-crash-server-pipe.13140" 3872 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="13140.20.1582281964\1631607194" -childID 3 -isForBrowser -prefsHandle 4244 -prefMapHandle 4160 -prefsLen 7033 -prefMapSize 225015 -parentBuildID 20200107212822 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 13140 "\\.\pipe\gecko-crash-server-pipe.13140" 4608 tab
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_12001.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20410.0_x64__8wekyb3d8bbwe\HxOutlook.exe" -ServerName:microsoft.windowslive.mail.AppXfbjsbkxvprcgqg6q4c9jfr0pn3kv9x5s.mca
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20410.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="13140.27.1575708400\1490282877" -childID 4 -isForBrowser -prefsHandle 3828 -prefMapHandle 4080 -prefsLen 7080 -prefMapSize 225015 -parentBuildID 20200107212822 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 13140 "\\.\pipe\gecko-crash-server-pipe.13140" 4136 tab
"C:\WINDOWS\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe" -ServerName:App.AppXagta193n5rpf7mheremt3yyfa1g555vc.mca
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="13140.34.117730768\1327255828" -childID 5 -isForBrowser -prefsHandle 9472 -prefMapHandle 9468 -prefsLen 7080 -prefMapSize 225015 -parentBuildID 20200107212822 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 13140 "\\.\pipe\gecko-crash-server-pipe.13140" 9448 tab

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc

"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc

"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\Martin\Downloads\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dzgrn46h.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.314 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_314.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.201.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.201.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.314 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_314.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-07 480120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-07 194424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-03-19 84992]
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2017-12-01 519912]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2018-01-03 9246656]
"VX1000"=C:\Windows\vVX1000.exe []
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2012-03-09 462712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Martin\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2020-01-07 1584488]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2018-12-17 731240]
"Steam"=D:\Steam\steam.exe [2019-12-16 3288016]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2019-03-11 22488952]
"Discord"=C:\Users\Martin\AppData\Local\Discord\app-0.0.305\Discord.exe [2019-03-07 81780056]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AcronisTibMounterMonitor"=C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2017-12-01 425864]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2017-12-01 3770736]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-12-16 601424]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
SshdPinAuthLsa

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-01-18 15:12:50 ----D---- C:\rsit
2020-01-18 15:12:50 ----D---- C:\Program Files\trend micro
2020-01-15 21:54:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2020-01-15 21:54:09 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2020-01-15 21:54:09 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-15 21:54:08 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 21:54:08 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 21:54:08 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 21:54:08 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2020-01-15 21:54:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2020-01-15 21:54:07 ----A---- C:\WINDOWS\SYSWOW64\tsmf.dll
2020-01-15 21:54:07 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2020-01-15 21:54:07 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2020-01-15 21:54:07 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2020-01-15 21:54:07 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2020-01-15 21:54:06 ----A---- C:\WINDOWS\SYSWOW64\wiatrace.dll
2020-01-15 21:54:06 ----A---- C:\WINDOWS\SYSWOW64\wiadss.dll
2020-01-15 21:54:06 ----A---- C:\WINDOWS\SYSWOW64\wiaaut.dll
2020-01-15 21:54:06 ----A---- C:\WINDOWS\SYSWOW64\sti.dll
2020-01-15 21:54:06 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2020-01-15 21:54:06 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2020-01-15 21:54:06 ----A---- C:\WINDOWS\system32\tsmf.dll
2020-01-15 21:54:06 ----A---- C:\WINDOWS\system32\tsgqec.dll
2020-01-15 21:54:06 ----A---- C:\WINDOWS\system32\mstscax.dll
2020-01-15 21:54:05 ----A---- C:\WINDOWS\system32\mshtml.dll
2020-01-15 21:54:05 ----A---- C:\WINDOWS\system32\Chakra.dll
2020-01-15 21:54:04 ----A---- C:\WINDOWS\system32\wiatrace.dll
2020-01-15 21:54:04 ----A---- C:\WINDOWS\system32\wiaservc.dll
2020-01-15 21:54:04 ----A---- C:\WINDOWS\system32\wiarpc.dll
2020-01-15 21:54:04 ----A---- C:\WINDOWS\system32\wiadss.dll
2020-01-15 21:54:04 ----A---- C:\WINDOWS\system32\wiaaut.dll
2020-01-15 21:54:04 ----A---- C:\WINDOWS\system32\sti_ci.dll
2020-01-15 21:54:04 ----A---- C:\WINDOWS\system32\sti.dll
2020-01-15 21:54:04 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 21:54:04 ----A---- C:\WINDOWS\system32\jscript.dll
2020-01-15 21:54:04 ----A---- C:\WINDOWS\system32\edgehtml.dll
2020-01-15 21:54:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 21:54:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2020-01-15 21:54:03 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2020-01-15 21:54:03 ----A---- C:\WINDOWS\SYSWOW64\enterpriseresourcemanager.dll
2020-01-15 21:54:03 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2020-01-15 21:54:03 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 21:54:03 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2020-01-15 21:54:03 ----A---- C:\WINDOWS\system32\hvix64.exe
2020-01-15 21:54:03 ----A---- C:\WINDOWS\system32\hvax64.exe
2020-01-15 21:54:02 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2020-01-15 21:54:02 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2020-01-15 21:54:02 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2020-01-15 21:54:02 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2020-01-15 21:54:02 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2020-01-15 21:54:02 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2020-01-15 21:54:02 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2020-01-15 21:54:02 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2020-01-15 21:54:02 ----A---- C:\WINDOWS\SYSWOW64\clfsw32.dll
2020-01-15 21:54:01 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2020-01-15 21:54:01 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2020-01-15 21:54:01 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2020-01-15 21:54:01 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 21:54:01 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2020-01-15 21:54:01 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2020-01-15 21:54:01 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2020-01-15 21:54:01 ----A---- C:\WINDOWS\SYSWOW64\mssitlb.dll
2020-01-15 21:54:01 ----A---- C:\WINDOWS\SYSWOW64\msscntrs.dll
2020-01-15 21:54:01 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 21:54:01 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 21:54:01 ----A---- C:\WINDOWS\system32\pidgenx.dll
2020-01-15 21:54:01 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 21:54:01 ----A---- C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 21:54:01 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 21:54:01 ----A---- C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 21:54:01 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 21:54:01 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2020-01-15 21:54:01 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 21:54:01 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-15 21:54:01 ----A---- C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 21:54:01 ----A---- C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 21:54:01 ----A---- C:\WINDOWS\system32\crypt32.dll
2020-01-15 21:54:01 ----A---- C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 21:54:01 ----A---- C:\WINDOWS\system32\clfsw32.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\win32u.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\win32kfull.sys
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\win32kbase.sys
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\win32k.sys
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\user32.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\tquery.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\provtool.exe
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\provops.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\provhandlers.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\provengine.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\provdatastore.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\mssvp.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\mssrch.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\mssprxy.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\mssph.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\mssitlb.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\msscntrs.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-15 21:54:00 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-15 21:50:28 ----A---- C:\WINDOWS\system32\poqexec.exe
2020-01-15 21:50:27 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2019-12-23 16:07:08 ----SHD---- C:\Config.Msi
2019-12-22 00:45:22 ----D---- C:\Users\Martin\AppData\Roaming\CitizenFX
2019-12-21 19:50:28 ----D---- C:\Users\Martin\AppData\Roaming\Discord

======List of files/folders modified in the last 1 month======

2020-01-18 15:12:53 ----D---- C:\WINDOWS\Temp
2020-01-18 15:12:50 ----RD---- C:\Program Files
2020-01-18 15:12:30 ----D---- C:\WINDOWS\Prefetch
2020-01-18 15:12:14 ----D---- C:\ProgramData\NVIDIA
2020-01-18 15:10:16 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-01-18 15:10:14 ----D---- C:\Program Files (x86)\TeamViewer
2020-01-18 15:10:12 ----D---- C:\WINDOWS\system32\SleepStudy
2020-01-18 14:43:00 ----D---- C:\WINDOWS\system32\sru
2020-01-18 14:20:42 ----RD---- C:\WINDOWS\Microsoft.NET
2020-01-18 13:46:08 ----D---- C:\WINDOWS\System32
2020-01-18 13:46:08 ----D---- C:\WINDOWS\INF
2020-01-18 13:46:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-18 13:44:13 ----D---- C:\WINDOWS\AppReadiness
2020-01-17 18:02:00 ----D---- C:\WINDOWS\system32\Tasks
2020-01-17 09:16:44 ----RSD---- C:\WINDOWS\assembly
2020-01-17 09:16:43 ----D---- C:\WINDOWS\system32\config
2020-01-17 09:14:21 ----D---- C:\WINDOWS\WinSxS
2020-01-17 09:14:20 ----D---- C:\WINDOWS\system32\DriverStore
2020-01-16 22:43:14 ----SD---- C:\WINDOWS\system32\UNP
2020-01-16 22:43:14 ----D---- C:\WINDOWS\twain_32
2020-01-16 22:43:14 ----D---- C:\WINDOWS\SYSWOW64\migration
2020-01-16 22:43:14 ----D---- C:\WINDOWS\SYSWOW64\en-US
2020-01-16 22:43:14 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2020-01-16 22:43:14 ----D---- C:\WINDOWS\SysWOW64
2020-01-16 22:43:14 ----D---- C:\WINDOWS\SystemResources
2020-01-16 22:43:14 ----D---- C:\WINDOWS\system32\migration
2020-01-16 22:43:14 ----D---- C:\WINDOWS\system32\en-US
2020-01-16 22:43:14 ----D---- C:\WINDOWS\system32\drivers
2020-01-16 22:43:14 ----D---- C:\WINDOWS\system32\cs-CZ
2020-01-16 22:43:14 ----D---- C:\WINDOWS\ShellExperiences
2020-01-16 22:43:14 ----D---- C:\WINDOWS\bcastdvr
2020-01-16 11:05:48 ----D---- C:\WINDOWS\system32\MRT
2020-01-15 21:55:45 ----AC---- C:\WINDOWS\system32\MRT.exe
2020-01-15 21:55:42 ----D---- C:\WINDOWS\CbsTemp
2020-01-15 21:53:34 ----D---- C:\WINDOWS\system32\catroot2
2020-01-15 21:50:21 ----SHD---- C:\System Volume Information
2020-01-15 21:45:05 ----D---- C:\WINDOWS\Logs
2020-01-15 19:18:27 ----D---- C:\Program Files\Mozilla Firefox
2020-01-15 19:18:27 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-15 14:14:36 ----HD---- C:\Program Files\WindowsApps
2020-01-14 16:56:47 ----D---- C:\WINDOWS\system32\Macromed
2020-01-14 16:56:46 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2020-01-13 16:41:48 ----D---- C:\WINDOWS\system32\LogFiles
2020-01-04 23:03:35 ----D---- C:\Users\Martin\AppData\Roaming\vlc
2019-12-31 19:01:54 ----D---- C:\WINDOWS\system32\NDF
2019-12-29 14:25:14 ----D---- C:\Users\Martin\AppData\Roaming\obs-studio
2019-12-28 14:18:59 ----D---- C:\Users\Martin\AppData\Roaming\slobs-client
2019-12-23 16:07:17 ----SHD---- C:\WINDOWS\Installer
2019-12-23 16:07:17 ----D---- C:\ProgramData\Package Cache
2019-12-21 22:31:06 ----D---- C:\Program Files (x86)\Rockstar Games
2019-12-21 22:31:00 ----D---- C:\Program Files\Rockstar Games

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdpsp;@oem1.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\WINDOWS\System32\drivers\amdpsp.sys [2017-11-08 137104]
R0 file_tracker;Acronis File Tracker Driver; C:\WINDOWS\system32\DRIVERS\file_tracker.sys [2018-05-10 379664]
R0 fltsrv;Acronis Storage Filter Management; C:\WINDOWS\system32\DRIVERS\fltsrv.sys [2018-05-10 182032]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 56632]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2019-03-19 89096]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2019-03-19 40960]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2017-06-01 15232]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 70456]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8704]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-12-11 457216]
R2 file_protector;Acronis File Protector Driver; C:\WINDOWS\system32\DRIVERS\file_protector.sys [2018-05-10 564304]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 53760]
R3 amdgpio2;@oem15.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-10-01 45832]
R3 amdgpio3;@oem7.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio3.sys [2017-10-16 33144]
R3 AMDPCIDev;@oem9.inf,%AMDPCIDev.SVCDESC%;AMD PCI; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [2018-04-25 31592]
R3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-10-09 117048]
R3 dtlitescsibus;@oem10.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2019-01-08 30264]
R3 dtliteusbbus;@oem20.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2019-01-08 47672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2018-01-03 6105024]
R3 NVHDA;@oem13.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2019-08-25 228792]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ff72214788d99390\nvlddmkm.sys [2019-08-26 22366088]
R3 nvvad_WaveExtensible;@oem24.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2019-03-19 69840]
R3 nvvhci;@oem4.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2019-07-18 75600]
R3 rt640x64;@oem23.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-10-20 1010648]
R3 RtsUpx;RtsUpx Driver; \??\C:\Windows\system32\drivers\RtsUpx.sys [2018-11-18 30328]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-03-19 42808]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-03-19 319528]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 148520]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 124448]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 128528]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 75280]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 94736]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 58896]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 68624]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-03-19 151352]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 20992]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-03-19 337920]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-03-19 37888]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-11-13 18432]
S3 asmthub3;ASMedia USB3.1 Hub Service; C:\WINDOWS\System32\drivers\asmthub3.sys [2017-11-13 155504]
S3 asmtxhci;ASMedia XHCI Service; C:\WINDOWS\System32\drivers\asmtxhci.sys [2017-11-13 466296]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2017-11-21 111112]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-09-11 231936]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2019-11-13 114688]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2019-11-13 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2019-11-13 1428992]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2019-11-13 98304]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 43008]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 64312]
S3 dg_ssudbus;@oem18.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2019-09-11 20992]
S3 GLCKIO;GLCKIO; \??\C:\Program Files (x86)\ASUS\AURA\690b33e1-0462-4e84-9bea-c7552b45432a.sys [2019-12-08 14976]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 53560]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-10-03 64000]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-11-13 84488]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-03-19 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-03-19 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 46592]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 28672]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 54584]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 535864]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 62264]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-11-13 359424]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-03-19 1150480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-03-19 153616]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-03-19 63488]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 187904]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-03-19 158520]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2019-07-23 30336]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 96056]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-03-19 127800]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 25600]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-11 986936]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 211456]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 113152]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-03-19 33592]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-03-19 32568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcronisActiveProtectionService;Acronis Active Protection (TM) Service; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [2017-12-01 2723872]
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2017-12-01 1133728]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2019-09-10 88136]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2018-05-10 6096688]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [2018-02-06 382424]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe [2017-06-01 975832]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CDPUserSvc_5a2a0;CDPUserSvc_5a2a0; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 LightingService;LightingService; C:\Program Files (x86)\LightingService\1.00.39\LightingService.exe [2018-02-06 1244632]
R2 mmsminisrv;Acronis Managed Machine Service Mini; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [2017-12-01 4808088]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-08-27 860016]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2019-08-25 782136]
R2 OneSyncSvc_5a2a0;OneSyncSvc_5a2a0; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 cbdhsvc_5a2a0;cbdhsvc_5a2a0; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2018-12-17 3644008]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 PimIndexMaintenanceSvc_5a2a0;PimIndexMaintenanceSvc_5a2a0; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2019-09-11 913168]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 debugregsvc;@%SystemRoot%\system32\debugregsvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc_5a2a0;AarSvc_5a2a0; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-01-14 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService_5a2a0;BcastDVRUserService_5a2a0; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2019-12-08 8402648]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService_5a2a0;BluetoothUserService_5a2a0; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService_5a2a0;CaptureService_5a2a0; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc_5a2a0;ConsentUxUserSvc_5a2a0; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 CredentialEnrollmentManagerUserSvc_5a2a0;CredentialEnrollmentManagerUserSvc_5a2a0; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 DeveloperToolsService;@%SystemRoot%\system32\DeveloperToolsSvc.exe,-100; C:\WINDOWS\System32\DeveloperToolsSvc.exe [2019-03-18 174080]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DeviceAssociationBrokerSvc_5a2a0;DeviceAssociationBrokerSvc_5a2a0; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc_5a2a0;DevicePickerUserSvc_5a2a0; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc_5a2a0;DevicesFlowUserSvc_5a2a0; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-09-11 97792]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2019-10-24 777856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-08-07 43704]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService_5a2a0;MessagingService_5a2a0; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 mobile_backup_server;Server záloh mobilního zařízení Acronis; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [2017-12-01 3004128]
S3 mobile_backup_status_server;Stav serveru záloh mobilního zařízení Acronis; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [2017-12-01 1706080]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2020-01-09 244936]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-08-27 860016]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc_5a2a0;PrintWorkflowUserSvc_5a2a0; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 Rockstar Service;Rockstar Game Library Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2019-12-05 474256]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2019-03-19 1264128]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]

-----------------EOF-----------------

[Rudy]

Zdravím!
Dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . RSIT je pro desítky nepoužitelný.

[martin06]

Také Vás zdravím, zde je log z FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-01-2020
Ran by Martin (administrator) on DESKTOP-69LFJ66 (19-01-2020 19:57:49)
Running from C:\Users\Martin\Downloads
Loaded Profiles: Martin (Available Profiles: Martin)
Platform: Windows 10 Home Version 1903 18362.592 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\FANRGBHEADER\FanLEDCtrl.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\LightingService\1.00.39\AsRogAuraGpuDllServer.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\1.00.39\LightingService.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Martin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20410.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20410.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12001.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519912 2017-12-01] (Acronis International GmbH -> )
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-01-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] (Samsung Electronics CO., LTD. -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2017-12-01] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [3770736 2017-12-01] (Acronis International GmbH -> )
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [Steam] => D:\Steam\steam.exe [3288016 2019-12-16] (Valve -> Valve Corporation)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Run: [Discord] => C:\Users\Martin\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {60327e6c-13ab-11e9-88ca-0c9d9262121a} - "H:\setup.exe"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {c75b6ffe-132a-11e9-88c9-0c9d9262121a} - "E:\setup.exe"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {c75b7132-132a-11e9-88c9-0c9d9262121a} - "F:\setup.exe"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {c75b7991-132a-11e9-88c9-0c9d9262121a} - "G:\setup.exe"
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00ACE3A9-2EEB-4104-B90D-676A60412772} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {11C341B2-37C5-42C1-9BF3-75A76DA86289} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2146CE51-1894-49F9-9E54-8B23542377FB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2332695F-0F91-4FEB-ABA5-96B530C9A0DD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {340EEE1B-638C-4AF0-AA82-664B4B136C4E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3DA85365-E7E4-427C-B112-E4FFF539286B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [563000 2015-08-26] (Apple Inc. -> Apple Inc.)
Task: {486D5A86-E43F-4ACE-A6FF-70CBA670D2FF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4D53CBAB-2C84-4825-AD40-1A9D2DFF5826} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5604FF66-DC32-4AEF-87D9-F6B76F43BACF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {66138D4B-31DD-4304-BF0B-D1A7C6FCFB07} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {66BA1A9F-46DA-44E2-9E70-06D495F50986} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [69512 2018-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {6A5F5787-32D2-493D-A9A4-C87A7D50CC13} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_314_Plugin.exe [1457720 2020-01-14] (Adobe Inc. -> Adobe)
Task: {70A87C35-EECB-4259-9410-F52330B5CF39} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {77AFE388-2E99-4E08-906D-36807D7A67E7} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7836FF36-D008-4B5B-A398-7312943B6072} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-14] (Adobe Inc. -> Adobe)
Task: {7A1A068C-94C9-4760-9E94-18428B3D1205} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {848B3368-4FCD-44F7-AC25-D1B75021B74C} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2072536 2017-07-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {9226B98D-FF26-4311-835E-77B86A525C1E} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\LightingService\1.00.39\AsRogAuraGpuDllServer.exe [280536 2018-02-06] (ASUSTeK Computer Inc. -> )
Task: {A58F94C2-82BC-4EC9-84F8-F2BCA4884B71} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AED8C40E-6018-4F9B-88DC-48B1036643E1} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49544 2018-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {E5AB2829-5A65-4444-8A9B-8F138EBE1235} - System32\Tasks\ASUS\ASUS FanLEDCtrl => C:\Program Files (x86)\ASUS\AI Suite III\FANRGBHEADER\FanLEDCtrl.exe [1147352 2017-07-17] (ASUSTeK Computer Inc. -> )
Task: {EB300BD0-EFD8-4AF2-B7E0-617D4F4D77ED} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {F49E45EC-D8AF-4635-953D-BED6381F7CC8} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F7DFBBD9-5234-4F1E-B3C9-802BC5F53C21} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FED17FC8-4336-4F7E-9E96-DAACDA1C34CB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{ef963f0d-779e-4530-a16a-cc315e621fa8}: [DhcpNameServer] 8.8.8.8

Internet Explorer:
==================
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-07] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: dzgrn46h.default
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dzgrn46h.default [2020-01-19]
FF Notifications: Mozilla\Firefox\Profiles\dzgrn46h.default -> hxxps://www.kupi.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [2723872 2017-12-01] (Acronis International GmbH -> Acronis International GmbH)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-02-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe [975832 2017-06-01] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-12-08] (BattlEye Innovations e.K. -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3644008 2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2019-10-24] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 LightingService; C:\Program Files (x86)\LightingService\1.00.39\LightingService.exe [1244632 2018-02-06] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2017-12-01] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2017-12-01] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1706080 2017-12-01] (Acronis International GmbH -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [474256 2019-12-05] (Rockstar Games, Inc. -> Rockstar Games)
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [974848 2019-03-01] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [290816 2019-10-03] (Microsoft Windows -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11795800 2019-04-15] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33144 2017-10-16] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [137104 2017-11-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-06-01] (ASUSTeK Computer Inc. -> )
S3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2019-01-08] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2019-01-08] (Disc Soft Ltd -> Disc Soft Ltd)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [564304 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [379664 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 GLCKIO; C:\Program Files (x86)\ASUS\AURA\690b33e1-0462-4e84-9bea-c7552b45432a.sys [14976 2019-12-08] (ASUSTeK Computer Inc. -> )
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ff72214788d99390\nvlddmkm.sys [22366088 2019-08-26] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-07-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-10-20] (Realtek Semiconductor Corp. -> Realtek )
R3 RtsUpx; C:\Windows\system32\drivers\RtsUpx.sys [30328 2018-11-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1310552 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [213336 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [690520 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [326416 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2018-05-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-19 19:57 - 2020-01-19 19:58 - 000025747 _____ C:\Users\Martin\Downloads\FRST.txt
2020-01-19 19:57 - 2020-01-19 19:58 - 000000000 ____D C:\FRST
2020-01-19 19:55 - 2020-01-19 19:56 - 002572800 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe
2020-01-18 21:07 - 2020-01-18 21:07 - 000000000 ____D C:\Users\Martin\AppData\Local\mbamtray
2020-01-18 21:07 - 2020-01-18 21:07 - 000000000 ____D C:\Users\Martin\AppData\Local\mbam
2020-01-18 21:07 - 2020-01-18 21:07 - 000000000 ____D C:\Users\Martin\AppData\Local\cache
2020-01-18 21:06 - 2020-01-18 21:06 - 001883976 _____ (Malwarebytes) C:\Users\Martin\Downloads\MBSetup.exe
2020-01-18 21:06 - 2020-01-18 21:06 - 000000000 ____D C:\Program Files\Malwarebytes
2020-01-18 15:22 - 2020-01-18 15:26 - 000000000 ____D C:\AdwCleaner
2020-01-18 15:21 - 2020-01-18 15:22 - 008237744 _____ (Malwarebytes) C:\Users\Martin\Downloads\adwcleaner_8.0.1.exe
2020-01-18 15:12 - 2020-01-18 15:12 - 001222144 _____ C:\Users\Martin\Downloads\RSITx64.exe
2020-01-18 15:12 - 2020-01-18 15:12 - 000000000 ____D C:\rsit
2020-01-18 15:12 - 2020-01-18 15:12 - 000000000 ____D C:\Program Files\trend micro
2020-01-17 17:52 - 2020-01-17 17:52 - 000000770 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-01-17 17:52 - 2020-01-17 17:52 - 000000671 _____ C:\Users\Martin\Desktop\ESET Online Scanner.lnk
2020-01-17 17:52 - 2020-01-17 17:52 - 000000000 ____D C:\Users\Martin\AppData\Local\ESET
2020-01-17 17:51 - 2020-01-17 17:52 - 008150840 _____ (ESET spol. s r.o.) C:\Users\Martin\Downloads\esetonlinescanner_csy.exe
2020-01-16 11:49 - 2020-01-16 11:49 - 000357131 _____ C:\Users\Martin\Downloads\Výplata_2019-12(1).pdf
2020-01-16 11:06 - 2020-01-16 11:06 - 000357131 _____ C:\Users\Martin\Downloads\Výplata_2019-12.pdf
2020-01-15 21:54 - 2020-01-15 21:54 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 21:54 - 2020-01-15 21:54 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-15 21:54 - 2020-01-15 21:54 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-15 21:54 - 2020-01-15 21:54 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-15 21:54 - 2020-01-15 21:54 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-15 21:54 - 2020-01-15 21:54 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-15 21:54 - 2020-01-15 21:54 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 21:54 - 2020-01-15 21:54 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-15 21:54 - 2020-01-15 21:54 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-15 21:54 - 2020-01-15 21:54 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-15 21:54 - 2020-01-15 21:54 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-15 21:54 - 2020-01-15 21:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-15 21:54 - 2020-01-15 21:54 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-15 21:54 - 2020-01-15 21:54 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-15 21:54 - 2020-01-15 21:54 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-15 21:54 - 2020-01-15 21:54 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 21:54 - 2020-01-15 21:54 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-15 21:54 - 2020-01-15 21:54 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-15 21:54 - 2020-01-15 21:54 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 21:50 - 2019-12-10 06:15 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-15 21:50 - 2019-12-10 05:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-15 11:11 - 2020-01-15 11:11 - 000000850 _____ C:\Users\Martin\Downloads\winmail.dat
2020-01-12 12:25 - 2020-01-12 12:25 - 001445380 _____ C:\Users\Martin\Desktop\důchod_2020.pdf
2020-01-11 13:59 - 2020-01-11 14:29 - 000000000 ____D C:\Users\Martin\Desktop\Dokumenty od Rudy
2020-01-01 17:41 - 2020-01-01 17:41 - 004337582 _____ C:\Users\Martin\Downloads\1633981191_BoraBora_Island.zip
2020-01-01 17:33 - 2020-01-01 17:33 - 003516615 _____ C:\Users\Martin\Downloads\407680651_Beijing__40_Peking__41_-China_V2.zip
2020-01-01 15:02 - 2020-01-01 15:02 - 001567436 _____ C:\Users\Martin\Downloads\cs.locale
2019-12-22 14:41 - 2019-12-22 14:41 - 000001113 _____ C:\Users\Martin\Desktop\Euro Truck Simulator 2 Road to the Black Sea.lnk
2019-12-22 14:41 - 2019-12-22 14:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Road to the Black Sea
2019-12-22 00:45 - 2019-12-22 00:58 - 000000000 ____D C:\Users\Martin\AppData\Roaming\CitizenFX
2019-12-22 00:45 - 2019-12-22 00:45 - 000000000 ____D C:\Users\Martin\AppData\Local\DigitalEntitlements
2019-12-22 00:20 - 2019-12-22 00:20 - 009099748 _____ (cfx-collective) C:\Users\Martin\Downloads\FiveM(1).exe
2019-12-21 21:50 - 2019-12-21 21:50 - 008556152 _____ (cfx-collective) C:\Users\Martin\Downloads\FiveM.exe
2019-12-21 21:26 - 2019-12-21 19:53 - 009099748 _____ (cfx-collective) C:\Users\Martin\Documents\FiveM.exe
2019-12-21 19:50 - 2019-12-24 12:02 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Discord
2019-12-21 19:50 - 2019-12-21 19:50 - 000002238 _____ C:\Users\Martin\Desktop\Discord.lnk
2019-12-21 19:50 - 2019-12-21 19:50 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-12-21 19:50 - 2019-12-21 19:50 - 000000000 ____D C:\Users\Martin\AppData\Local\Discord
2019-12-20 11:01 - 2019-12-20 11:01 - 000000000 _____ C:\Users\Martin\Desktop\Nový textový dokument (2).txt

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-19 19:56 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-01-19 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-19 14:44 - 2019-08-07 17:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-19 14:12 - 2019-01-08 11:42 - 000000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2020-01-19 12:25 - 2018-11-18 18:48 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-19 12:05 - 2019-01-08 11:06 - 000000000 ____D C:\Users\Martin\AppData\LocalLow\Mozilla
2020-01-19 01:44 - 2019-01-12 02:30 - 000000000 ____D C:\Users\Martin\AppData\Roaming\vlc
2020-01-19 00:21 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-19 00:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-18 21:11 - 2019-08-07 17:26 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-18 21:11 - 2019-03-19 12:55 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-18 21:11 - 2019-03-19 12:55 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-18 21:11 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-18 21:05 - 2019-08-07 17:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-18 21:05 - 2019-05-21 11:39 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-01-18 21:04 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-18 18:59 - 2019-08-07 17:19 - 000000000 ____D C:\Users\Martin
2020-01-18 14:20 - 2019-01-08 11:24 - 000000000 ____D C:\Users\Martin\AppData\Local\D3DSCache
2020-01-17 09:14 - 2019-08-07 17:13 - 000439792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-16 22:43 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-16 22:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-16 22:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-16 22:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-16 11:05 - 2018-05-10 08:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 21:55 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-15 21:55 - 2018-05-10 08:03 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-15 19:18 - 2019-12-05 19:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-15 19:18 - 2019-01-08 11:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-14 16:56 - 2019-08-07 17:22 - 000004656 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-14 16:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-01-14 16:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-01-09 11:15 - 2019-01-08 11:06 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-07 17:12 - 2019-08-07 17:22 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1952709571-807798404-1509361630-1003
2020-01-07 17:12 - 2019-08-07 17:19 - 000002364 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-07 17:12 - 2019-01-08 10:52 - 000000000 ___RD C:\Users\Martin\OneDrive
2019-12-31 19:01 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-12-29 15:12 - 2019-01-09 01:10 - 000000000 ____D C:\Users\Martin\Documents\Euro Truck Simulator 2
2019-12-29 14:25 - 2019-03-02 14:35 - 000000000 ____D C:\Users\Martin\AppData\Roaming\obs-studio
2019-12-28 14:18 - 2019-03-22 22:54 - 000000000 ____D C:\Users\Martin\AppData\Roaming\slobs-client
2019-12-23 16:07 - 2018-05-10 07:48 - 000000000 ____D C:\ProgramData\Package Cache
2019-12-22 00:35 - 2019-03-20 15:34 - 000000000 ____D C:\Users\Martin\AppData\Local\FiveM
2019-12-22 00:32 - 2019-03-20 15:34 - 000002213 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM.lnk
2019-12-21 22:31 - 2019-11-02 13:19 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2019-12-21 22:31 - 2019-11-02 13:18 - 000000000 ____D C:\Program Files\Rockstar Games
2019-12-21 21:39 - 2019-03-20 15:34 - 000002123 _____ C:\Users\Martin\Desktop\FiveM Singleplayer.lnk
2019-12-21 19:50 - 2019-04-22 11:13 - 000000000 ____D C:\Users\Martin\AppData\Local\SquirrelTemp
2019-12-20 17:08 - 2019-09-16 21:11 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories ========

2019-03-28 22:14 - 2019-03-28 22:14 - 000000002 _____ () C:\Users\Martin\AppData\Roaming\ExplorerFavorites.txt
2019-03-22 14:08 - 2002-08-29 18:33 - 000319488 _____ () C:\Users\Martin\AppData\Roaming\MafiaSetup.exe
2019-09-16 22:26 - 2019-09-16 22:26 - 000000027 _____ () C:\Users\Martin\AppData\Local\.sdpl-system-config4
2019-07-28 00:07 - 2019-07-28 00:07 - 000000017 _____ () C:\Users\Martin\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[martin06]

Zde je log z add

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by Martin (19-01-2020 19:58:51)
Running from C:\Users\Martin\Downloads
Windows 10 Home Version 1903 18362.592 (X64) (2019-08-07 16:22:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1952709571-807798404-1509361630-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1952709571-807798404-1509361630-503 - Limited - Disabled)
Guest (S-1-5-21-1952709571-807798404-1509361630-501 - Limited - Disabled)
Martin (S-1-5-21-1952709571-807798404-1509361630-1003 - Administrator - Enabled) => C:\Users\Martin
WDAGUtilityAccount (S-1-5-21-1952709571-807798404-1509361630-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Dead Island" (HKLM-x32\...\{8740F475-EF62-402B-8B3A-CBD1017B7E6C}_is1) (Version: - )
Acronis True Image OEM (HKLM-x32\...\{52497ECE-588E-41F3-8233-E0749ED085F7}) (Version: 22.0.10510 - Acronis)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.314 - Adobe)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 2.00.12 - ASUSTeK Computer Inc.)
AIDA64 Extreme v6.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.00 - FinalWire Ltd.)
Aktualizace NVIDIA 38.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.1.0 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.4.1 - Advanced Micro Devices, Inc.)
ApowerPDF V4.1.0.124 (HKLM-x32\...\{99A1CF84-3154-433D-9F73-0A4D4DACBA1A}_is1) (Version: 4.1.0.124 - Apowersoft LIMITED)
Apowersoft Online Launcher verze 1.7.1 (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.1 - APOWERSOFT LIMITED)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.50.1 - Asmedia Technology)
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.05.38 - ASUSTeK Computer Inc.)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Název společnosti:) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
Cities Skylines Campus (HKLM-x32\...\Cities Skylines Campus_is1) (Version: - )
Cities Skylines Industries (HKLM-x32\...\Cities Skylines Industries_is1) (Version: - )
Code 3 Callouts (HKLM\...\{6E173224-465C-485C-8859-F16280739A21}) (Version: 1.2.1.0 - Stealth22)
Common Desktop Agent (HKLM\...\{A38002C3-BA08-466A-A813-7F9D578B13A1}) (Version: 1.62.0 - OEM) Hidden
Cooking Simulator (HKLM-x32\...\Cooking Simulator_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0677 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dying Light (HKLM-x32\...\Dying Light_is1) (Version: 1.11.0.0 - Techland)
Euro Truck Simulator 2 Beyond the Baltic Sea (HKLM-x32\...\Euro Truck Simulator 2 Beyond the Baltic Sea_is1) (Version: - )
Euro Truck Simulator 2 Road to the Black Sea (HKLM-x32\...\Euro Truck Simulator 2 Road to the Black Sea_is1) (Version: - )
Euro Truck Simulator 2 v.1.35.1.1s (HKLM-x32\...\Euro Truck Simulator 2_is1) (Version: - )
Excla WAVclean 1.9.3 (HKLM-x32\...\{4A64D33C-289E-4D32-8079-DA46A4FEBC2D}) (Version: 1.9.3 - Excla Inc)
Far Cry 5 (HKLM-x32\...\Far Cry 5_is1) (Version: - )
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
FiveM (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\CitizenFX_FiveM) (Version: - The CitizenFX Collective)
Forza Horizon 4 Ultimate Edition MULTi16 - ElAmigos verze 1.332.904.2 (HKLM-x32\...\{236DFCEC-29C2-4C1B-8598-32308D2B7BAB}_is1) (Version: 1.332.904.2 - Microsoft)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Kits Configuration Installer (HKLM-x32\...\{C690B2D9-0AA8-8CDA-965D-FED648C3EF9C}) (Version: 10.1.17134.1 - Microsoft) Hidden
LSPD First Response (HKLM-x32\...\LSPD First Response) (Version: 0.4.4 - G17 Media)
Mafia Game (HKLM-x32\...\Mafia Game) (Version: - )
Max Payne (HKLM-x32\...\{39930321-4C58-4B8B-BCBF-342698C9801D}) (Version: - )
Metro Exodus (HKLM-x32\...\{F25D08D9-EBE0-4C15-AAD2-50B446E85B17}_is1) (Version: - 4A Games)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Mozilla Firefox 72.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.1 (x64 cs)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 436.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 436.15 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.0.1 - OBS Project)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Název společnosti:)
OPRAVA PC ONLINE (HKLM-x32\...\{5E71387E-2CF7-1F26-C919-7FACFF27D2EF}) (Version: 7.11.760 - LogMeIn, Inc.)
Ovládací panel NVIDIA 436.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 436.15 - NVIDIA Corporation) Hidden
PC Building Simulator Razer Workshop (HKLM-x32\...\PC Building Simulator Razer Workshop_is1) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8339 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.17.199 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.4.3 - Rockstar Games)
Sejda PDF Desktop (HKLM\...\{32EDEC65-754A-49A6-BA01-4BD19DACB909}) (Version: 5.3.6 - Sejda BV)
Sekiro Shadows Die Twice (HKLM-x32\...\Sekiro Shadows Die Twice_is1) (Version: - )
Sniper Ghost Warrior Contracts (HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\Sniper Ghost Warrior Contracts) (Version: - HOODLUM)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.12.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.12.1 - General Workings, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.3.2 - TeamSpeak Systems GmbH)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.8352 - TeamViewer)
Toolkit Documentation (HKLM-x32\...\{563689A6-D95B-EA6D-665F-97959643E0DB}) (Version: 10.1.17134.1 - Microsoft) Hidden
Tropico 6 (HKLM-x32\...\Tropico 6_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
VEGAS Pro 16.0 (HKLM\...\{0D090E4F-12A2-11E9-A3DD-00155D6302F2}) (Version: 16.0.361 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Watch_Dogs 2 (HKLM-x32\...\{B0E33297-78B1-4B37-B8C1-39150F2DEE43}_is1) (Version: - Ubisoft)
Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{d794748d-72e9-45d7-9ab7-83d6c4c80f7f}) (Version: 10.1.17134.1 - Microsoft Corporation)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Wolfenstein. II The New Colossus Deluxe Edition (5xDLC)(Update-7)(CZ) verze v1.7.0 (HKLM-x32\...\{10955CA4-B11D-4C98-90A4-24BB9EBB15BA}_is1) (Version: v1.7.0 - Wolfenstein. II The New Colossus Deluxe Edition (5xDLC)(Update-7)(CZ))
Xerox Easy Printer Manager (HKLM-x32\...\Xerox Easy Printer Manager) (Version: 1.03.97.00(21.04.2014) - Xerox Corporation.)
Xerox Easy Wireless Setup (HKLM-x32\...\Xerox Easy Wireless Setup) (Version: 3.70.18.0 - Xerox Corporation)
Xerox Phaser 3020 (HKLM-x32\...\Xerox Phaser 3020) (Version: 1.01 (20.05.2014) - Xerox Corporation)
Xerox Phaser 3020 XPS (Windows 8) (HKLM-x32\...\Xerox Phaser 3020 XPS (Windows 8)) (Version: 3.03.13.02:11 - Xerox Corporation)
Zobrazit uživatelskou příručku (HKLM-x32\...\Xerox View User Guide ) (Version: 3.60.45.0 - )

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1680.3.0_x86__kgqvnymyfvs32 [2020-01-19] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_7.0.0.2_x86__m9bz608c1b9ra [2019-12-05] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.3842.0_x64__rz1tebttyb220 [2019-12-17] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-05] (Microsoft Corporation)
EdgeDevtoolsPlugin -> C:\WINDOWS\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2019-11-13] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-01-08] (Fitbit)
Forza Horizon 4 -> D:\Forza Horizon 4 Ultimate Edition\Fh4 [2019-08-13] (Microsoft Studios)
Forza Horizon 4 Fortune Island -> D:\Forza Horizon 4 Ultimate Edition\FH4_FortuneIsland [2019-08-13] (Microsoft Studios)
Forza Horizon 4 LEGO Speed Champions -> D:\Forza Horizon 4 Ultimate Edition\FH4_Lego [2019-08-13] (Microsoft Studios)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-09-27] (Thumbmunkeys Ltd) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-12-01] (Acronis International GmbH -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-04-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-08-25] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Martin\Desktop\(32х)Euro Truck Simulator 2.lnk -> D:\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software) <==== Cyrillic
Shortcut: C:\Users\Martin\Desktop\(64х)Euro Truck Simulator 2.lnk -> D:\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software) <==== Cyrillic

==================== Loaded Modules (Whitelisted) =============

2018-05-10 07:55 - 2015-06-03 00:17 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2017-12-01 14:44 - 2017-12-01 14:44 - 000277538 _____ () [File not signed] C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\LIBMAGIC.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 000073728 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\ClaymoreProtocol.dll
2018-11-18 18:46 - 2018-02-06 19:43 - 000053248 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\cpuutil.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 000073728 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\CharmProtocol.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 001951232 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\R2Clib.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 000073728 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\RogNewmouseProtocol.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 001777664 _____ () [File not signed] C:\Program Files (x86)\LightingService\1.00.39\Vender.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000015360 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-04-24 21:55 - 2018-04-24 21:55 - 002519040 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2020-01-17 09:24 - 2020-01-17 09:24 - 003155968 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DotNetCommon\99d4d1517fce7e88fdc7720cd47e3c15\DotNetCommon.ni.dll
2018-05-10 07:55 - 2017-06-01 21:24 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.31\ASACPI.DLL
2018-05-10 07:55 - 2015-06-03 00:17 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsAcpi.dll
2018-05-10 07:55 - 2017-06-01 21:24 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.31\asacpiEx.dll
2018-05-10 07:55 - 2015-06-03 00:17 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\asacpiex.dll
2018-05-10 07:55 - 2015-06-03 00:17 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 000081920 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\LightingService\1.00.39\AudioLEDCtrl.dll
2020-01-17 09:24 - 2020-01-17 09:24 - 004811776 _____ (Disc Soft Ltd) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\85686ec4ade54b9fed04bc6596225c18\DiscSoft.NET.Common.ni.dll
2019-08-07 17:45 - 2019-08-07 17:45 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL
2017-12-01 14:44 - 2017-12-01 14:44 - 025338368 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icudt54.dll
2017-12-01 14:44 - 2017-12-01 14:44 - 002056704 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icuin54.dll
2017-12-01 14:44 - 2017-12-01 14:44 - 001425408 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icuuc54.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000032256 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000039936 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000034304 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000237056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000024064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000481792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 001336320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-04-24 23:01 - 2018-04-24 23:01 - 005766144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 006045184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000964096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000279552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 003233792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 003406848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000328704 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000325632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 069968896 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000109568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 005523456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000282624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000194560 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 003281408 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000049152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000311296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000089600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-04-24 21:55 - 2018-04-24 21:55 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 002039296 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\LightingService\1.00.39\LED_DLL_forMB.dll
2018-11-18 18:46 - 2018-02-06 19:48 - 001628672 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\LightingService\1.00.39\VGA_Extra.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Martin\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Martin\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{157220B2-A992-48F2-9779-D642CCA7333E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F89571E2-7AB9-4D70-A3C9-EA8CAB75DAFE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{6AA80FA2-25EB-4D3E-96AA-BB14E1064E03}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{07CB3293-9AC9-4F1C-B49E-1719A5DE237E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [UDP Query User{62CDB889-D1DB-4D53-84BA-656041AE9544}D:\games\rage 2\rage2.exe] => (Allow) D:\games\rage 2\rage2.exe No File
FirewallRules: [TCP Query User{04E3D910-656D-4D3C-8DD4-5B52A01F42E9}D:\games\rage 2\rage2.exe] => (Allow) D:\games\rage 2\rage2.exe No File
FirewallRules: [UDP Query User{B0C36551-5C28-47C5-A3FB-65A9DF0E63DE}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{813997DD-A021-4CD9-B632-07B03270DF9E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{33ACD65F-1B0E-4BC8-95AB-A83A4F3CA441}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0141E8B5-CB5A-4644-A396-E28307B5042D}] => (Allow) D:\Dead Island\DeadIslandGame.exe (Techland) [File not signed]
FirewallRules: [{1E6DDDB3-2839-4D6D-94D7-D151F59C5B15}] => (Allow) D:\Dead Island\DeadIslandGame.exe (Techland) [File not signed]
FirewallRules: [{A3C2A781-2DB4-4BAA-8614-504F5379DB76}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{C01D4D4E-962C-4754-B154-C9113E81053A}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{6DC3FF49-0F57-476B-B377-E4E39110F36B}] => (Allow) D:\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C633A48E-625F-4A21-89AA-9341DD0CFD7F}] => (Allow) D:\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7C1634F2-EE1D-468A-B0ED-5BB3F1DC956F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{4DE6C839-0421-40DD-A107-F4D93AF5151A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{29D6F94D-2315-44C0-B8B9-B3D3528C120C}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe No File
FirewallRules: [TCP Query User{D45BAE82-5571-4D09-AC65-53B0D7651FA1}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe No File
FirewallRules: [{2DC00B46-1878-4D94-B58E-DE1CB622374F}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{27063BC7-EC0F-4F08-BCCA-57EF139A618E}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{8280EF09-BBB4-479D-9814-DF70638989CA}D:\dying light\dyinglightgame.exe] => (Allow) D:\dying light\dyinglightgame.exe (TECHLAND SP Z O O -> Techland)
FirewallRules: [TCP Query User{51E506C4-3805-47CA-B43D-43B27A98F55C}D:\dying light\dyinglightgame.exe] => (Allow) D:\dying light\dyinglightgame.exe (TECHLAND SP Z O O -> Techland)
FirewallRules: [UDP Query User{D9E01699-4A10-4FDC-8528-BC0BD55C287E}D:\dying light\devtools\dyinglightplayer.exe] => (Allow) D:\dying light\devtools\dyinglightplayer.exe (TECHLAND SP Z O O -> Techland)
FirewallRules: [TCP Query User{9D044B38-ACE0-456A-B469-60F981C35A9A}D:\dying light\devtools\dyinglightplayer.exe] => (Allow) D:\dying light\devtools\dyinglightplayer.exe (TECHLAND SP Z O O -> Techland)
FirewallRules: [{C30C0CFF-04A7-4DFF-ABCD-9AF87D6153AE}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{15DCDB1C-7028-4F71-884B-3840CDE704CE}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D1771151-2481-4654-B7BA-EB0E413A1EE8}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{0D33FFEB-3307-4E4F-8B7E-41B7BF00B9B7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D64CF47A-2578-44EB-86DD-A1DA917FB732}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D2D65BC2-DEA7-44EA-AF90-BC0F37D35799}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{927C3AFE-EA8B-47BA-88F9-BE2E3C8997E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B74D9F64-A9E5-4D21-8D47-05D37796DBC2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{829EBAA3-C684-456D-909F-A18E406C43A7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EB40C5F4-2934-4552-ABC1-9338D16A29EE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BF20DF16-FCE6-42E0-948E-56F57237928B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{562552BB-7272-4269-8CF1-579CABB87AE7}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{CDBB2A6F-ECD5-4F4A-AD6B-49EC29146CE0}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{EF1678BC-75D2-4960-A9A1-58735A01AE4B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )
FirewallRules: [{B79D168C-2CF6-4F63-84CE-2F795E51EE06}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{22E3BC61-97EA-40E2-96A3-C23FCA3C8593}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe (Acronis International GmbH -> )
FirewallRules: [{4D5EC006-4E5D-45BA-9DA9-03033A677DF5}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{E813B00A-98EB-4E01-AEA8-943623762734}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{EC11AA58-02DE-48FC-80D0-00EAAD7C3EA5}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> )
FirewallRules: [{5059776B-7F65-40DE-B9FB-668486167F1B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> )
FirewallRules: [{632CA24B-495C-451D-B330-035B5C1F65B6}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{08647957-8047-41E1-A2D7-37F4A6DAA28F}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{4053D2D5-87E6-4EB0-BBA4-458F744FFF52}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{A481F9AF-A0A7-455A-B8C5-B578AE560DBA}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> )
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
FirewallRules: [{CB974840-B8FF-4679-AD84-0A67AF9439C1}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{AC11FB4E-A0E1-4C44-B5A3-CAD453DF9668}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{EF0CED9E-5F4D-4F57-BAF7-CAB4227B9394}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{6DC94B6A-245A-45D0-8A54-7093F8D55E51}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{65F74D3A-DAB3-41FC-988A-BBEE211101EC}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{D15654EB-8D2F-48DD-A6ED-6499EAA18E59}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{467EAA10-5E78-4966-9300-A1B6F3D0DCCF}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{DFA95FC1-DB8E-4EAC-9605-FB0F2AFDB4D4}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{20EEFE3B-9E1B-4D68-A3CE-68DBDD5BD6A3}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{CB7AF246-B803-4478-8D04-B1D992830D4C}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{7B30EF68-9BEC-4BBB-B21D-D5A0C41ECE7B}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{F1B9E84E-671C-4778-BC7E-A99986ACE1A9}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{31F5C67B-8A3A-40DF-8B14-5BD9B168D253}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{C6FEDF45-8DCA-4550-9741-FBC22447034D}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{76525791-A4AA-4A36-A548-59C551EA6E45}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C05117F0-C3F7-4D83-A1E7-D4731BB071F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B3C10719-C31B-42CE-8557-7158B5760851}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7DFE8419-950A-46CC-B8FC-FAB262B566EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2EE9FF7D-B819-49D3-AE13-9E3CA0D05551}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [{B4C8B6B1-77FD-4D0E-88FA-C6453FC19371}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (Bluehole, Inc. -> PUBG Corporation )
FirewallRules: [TCP Query User{4658BD78-E5DA-4434-BD0F-FD3D026338DE}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [UDP Query User{36AE5206-19B4-4270-9ACA-6AD17B077E6A}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole, Inc. -> Bluehole GinnoGames, Inc.)
FirewallRules: [{7E6F36FB-A838-4B9F-9A5F-D5D6A21E1075}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{B2E7890C-F611-4EC4-9DF8-2C8DFEE1AA37}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{76E8F8CA-9108-43BE-ABC3-D2320E8D8B01}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{0F973F44-95F7-4528-8411-25F4524A2A9C}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{D539D077-22F1-4A4E-ACD9-B12F91403590}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{14308295-25F2-4901-8DF5-530EA628C62A}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{EC4ACF0B-20CA-432E-8E69-CD38F92213D5}D:\sniper ghost warrior contracts\win_x64\sgwcontracts.exe] => (Allow) D:\sniper ghost warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed]
FirewallRules: [UDP Query User{E0B385EF-13F8-43C0-9461-0E4A0DFD270C}D:\sniper ghost warrior contracts\win_x64\sgwcontracts.exe] => (Allow) D:\sniper ghost warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed]
FirewallRules: [TCP Query User{17BB8B65-C515-4653-A0E5-415FC691FB34}C:\users\martin\appdata\local\fivem\fivem.exe] => (Allow) C:\users\martin\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed]
FirewallRules: [UDP Query User{5467B834-12AA-4F4D-BE49-38233F3BA57F}C:\users\martin\appdata\local\fivem\fivem.exe] => (Allow) C:\users\martin\appdata\local\fivem\fivem.exe (cfx-collective) [File not signed]
FirewallRules: [TCP Query User{38047FBD-87A4-4728-983C-83057318927F}C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [UDP Query User{5F5571F8-28D5-4122-9084-4F13623D2A4B}C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\martin\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (cfx-collective) [File not signed]
FirewallRules: [TCP Query User{91BF487B-7481-498D-B60C-58BB1CFE7C15}C:\users\martin\appdata\local\programs\nicehash miner\miner_plugins\1b7019d0-7237-11e9-b20c-f9f12eb6d835\bins\miner.exe] => (Allow) C:\users\martin\appdata\local\programs\nicehash miner\miner_plugins\1b7019d0-7237-11e9-b20c-f9f12eb6d835\bins\miner.exe No File
FirewallRules: [UDP Query User{0847D8E5-46D3-408C-9240-48FDDEAB6FD5}C:\users\martin\appdata\local\programs\nicehash miner\miner_plugins\1b7019d0-7237-11e9-b20c-f9f12eb6d835\bins\miner.exe] => (Allow) C:\users\martin\appdata\local\programs\nicehash miner\miner_plugins\1b7019d0-7237-11e9-b20c-f9f12eb6d835\bins\miner.exe No File

==================== Restore Points =========================

31-12-2019 15:21:59 Naplánovaný kontrolní bod
10-01-2020 10:17:19 Naplánovaný kontrolní bod
15-01-2020 21:50:13 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/19/2020 07:22:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9448,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/19/2020 06:22:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4340,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/19/2020 05:50:50 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7408,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/19/2020 05:24:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13016,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/19/2020 04:22:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4744,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/19/2020 03:22:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7316,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/19/2020 02:22:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8040,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (01/18/2020 09:04:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (01/18/2020 09:04:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Acronis Managed Machine Service Mini byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/18/2020 09:04:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/18/2020 09:04:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Acronis Active Protection (TM) Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/18/2020 09:04:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Acronis Sync Agent Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (01/18/2020 09:04:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LightingService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/18/2020 09:04:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Acronis Nonstop Backup Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/18/2020 09:04:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS Com Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2020-01-19 17:19:52.661
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {3608E5AF-B966-4620-8827-AEF604E62FD6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-01-19 14:17:17.762
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0C22D409-6DC0-48FB-8109-E6A219E4A944}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-01-18 21:45:51.470
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {25347428-8251-47AF-A9D9-C457B8F4F034}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-01-18 14:23:23.902
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {571CA99C-1A7C-48A8-BC5C-4040497070A3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-01-04 13:59:52.975
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {5A5BF2E5-36FE-402F-8DB5-DCC6B4391720}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

==================== Memory info ===========================

BIOS: American Megatrends Inc. 0409 08/24/2018
Motherboard: ASUSTeK COMPUTER INC. TUF B450M-PLUS GAMING
Processor: AMD Ryzen 5 1600X Six-Core Processor
Percentage of memory in use: 46%
Total physical RAM: 16318.82 MB
Available physical RAM: 8734.07 MB
Total Virtual: 18750.82 MB
Available Virtual: 8831.16 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.52 GB) (Free:151.44 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.5 GB) (Free:99.02 GB) NTFS
Drive e: (Control) (CDROM) (Total:24.38 GB) (Free:0 GB) UDF
Drive f: (Euro Truck Simulator 2 Road to t) (CDROM) (Total:7.11 GB) (Free:0 GB) UDF
Drive g: (Sniper Ghost Warrior Contracts) (CDROM) (Total:11.63 GB) (Free:0 GB) UDF
Drive h: (Horizon 4) (CDROM) (Total:68.36 GB) (Free:0 GB) UDF

\\?\Volume{eefd00c4-824a-4bda-82d2-b0270ebff817}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{4b740878-0fc8-4a30-a5a9-05aa90f50aad}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{cbbc910d-1694-45ed-b3e9-76e61563b606}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\Users\Martin\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Martin\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
FirewallRules: [UDP Query User{62CDB889-D1DB-4D53-84BA-656041AE9544}D:\games\rage 2\rage2.exe] => (Allow) D:\games\rage 2\rage2.exe No File
FirewallRules: [TCP Query User{04E3D910-656D-4D3C-8DD4-5B52A01F42E9}D:\games\rage 2\rage2.exe] => (Allow) D:\games\rage 2\rage2.exe No File
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
FirewallRules: [TCP Query User{91BF487B-7481-498D-B60C-58BB1CFE7C15}C:\users\martin\appdata\local\programs\nicehash miner\miner_plugins\1b7019d0-7237-11e9-b20c-f9f12eb6d835\bins\miner.exe] => (Allow) C:\users\martin\appdata\local\programs\nicehash miner\miner_plugins\1b7019d0-7237-11e9-b20c-f9f12eb6d835\bins\miner.exe No File
FirewallRules: [UDP Query User{0847D8E5-46D3-408C-9240-48FDDEAB6FD5}C:\users\martin\appdata\local\programs\nicehash miner\miner_plugins\1b7019d0-7237-11e9-b20c-f9f12eb6d835\bins\miner.exe] => (Allow) C:\users\martin\appdata\local\programs\nicehash miner\miner_plugins\1b7019d0-7237-11e9-b20c-f9f12eb6d835\bins\miner.exe No File
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {60327e6c-13ab-11e9-88ca-0c9d9262121a} - "H:\setup.exe"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {c75b6ffe-132a-11e9-88c9-0c9d9262121a} - "E:\setup.exe"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {c75b7132-132a-11e9-88c9-0c9d9262121a} - "F:\setup.exe"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {c75b7991-132a-11e9-88c9-0c9d9262121a} - "G:\setup.exe"
GroupPolicy: Restriction ? <==== ATTENTION

EmptyTemp:
End

Uložte do C:\Users\Martin\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[martin06]

Zasílám log z Fixlogu, který se zobrazil po restartu pc

Fix result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by Martin (19-01-2020 20:11:17) Run:1
Running from C:\Users\Martin\Downloads
Loaded Profiles: Martin (Available Profiles: Martin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\Users\Martin\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Martin\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
FirewallRules: [UDP Query User{62CDB889-D1DB-4D53-84BA-656041AE9544}D:\games\rage 2\rage2.exe] => (Allow) D:\games\rage 2\rage2.exe No File
FirewallRules: [TCP Query User{04E3D910-656D-4D3C-8DD4-5B52A01F42E9}D:\games\rage 2\rage2.exe] => (Allow) D:\games\rage 2\rage2.exe No File
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
FirewallRules: [TCP Query User{91BF487B-7481-498D-B60C-58BB1CFE7C15}C:\users\martin\appdata\local\programs\nicehash miner\miner_plugins\1b7019d0-7237-11e9-b20c-f9f12eb6d835\bins\miner.exe] => (Allow) C:\users\martin\appdata\local\programs\nicehash miner\miner_plugins\1b7019d0-7237-11e9-b20c-f9f12eb6d835\bins\miner.exe No File
FirewallRules: [UDP Query User{0847D8E5-46D3-408C-9240-48FDDEAB6FD5}C:\users\martin\appdata\local\programs\nicehash miner\miner_plugins\1b7019d0-7237-11e9-b20c-f9f12eb6d835\bins\miner.exe] => (Allow) C:\users\martin\appdata\local\programs\nicehash miner\miner_plugins\1b7019d0-7237-11e9-b20c-f9f12eb6d835\bins\miner.exe No File
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {60327e6c-13ab-11e9-88ca-0c9d9262121a} - "H:\setup.exe"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {c75b6ffe-132a-11e9-88c9-0c9d9262121a} - "E:\setup.exe"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {c75b7132-132a-11e9-88c9-0c9d9262121a} - "F:\setup.exe"
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\...\MountPoints2: {c75b7991-132a-11e9-88c9-0c9d9262121a} - "G:\setup.exe"
GroupPolicy: Restriction ? <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
C:\Users\Martin\Data aplikací => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
"C:\Users\Martin\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{62CDB889-D1DB-4D53-84BA-656041AE9544}D:\games\rage 2\rage2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{04E3D910-656D-4D3C-8DD4-5B52A01F42E9}D:\games\rage 2\rage2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\OpenSSH-Server-In-TCP" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{91BF487B-7481-498D-B60C-58BB1CFE7C15}C:\users\martin\appdata\local\programs\nicehash miner\miner_plugins\1b7019d0-7237-11e9-b20c-f9f12eb6d835\bins\miner.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0847D8E5-46D3-408C-9240-48FDDEAB6FD5}C:\users\martin\appdata\local\programs\nicehash miner\miner_plugins\1b7019d0-7237-11e9-b20c-f9f12eb6d835\bins\miner.exe" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60327e6c-13ab-11e9-88ca-0c9d9262121a} => removed successfully
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c75b6ffe-132a-11e9-88c9-0c9d9262121a} => removed successfully
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c75b7132-132a-11e9-88c9-0c9d9262121a} => removed successfully
HKU\S-1-5-21-1952709571-807798404-1509361630-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c75b7991-132a-11e9-88c9-0c9d9262121a} => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 9986048 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 427685893 B
Java, Flash, Steam htmlcache => 380236325 B
Windows/system/drivers => 1623126 B
Edge => 6418284 B
Chrome => 0 B
Firefox => 2010276649 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 351674 B
Martin => 33822318 B

RecycleBin => 0 B
EmptyTemp: => 2.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:13:17 ====

[Rudy]

Smazáno, log by již měl být OK.

[martin06]

oukej děkuji za kontrolu. Hezký večer.

[Rudy]

Hezký den a nemáte zač!