Zamrzání PC

Zpráva

ed · #1 Příspěvek od ed » 23 pro 2019 22:51

Ahoj,
prosím o kontrolu logu. PC po startu WIN dříve nebo později zamrzá.

Díky za tipy

Logfile of random's system information tool 1.10 (written by random/random)
Run by Vladimir at 2019-12-23 22:46:22
Microsoft Windows 10 Pro
System drive C: has 6 GB (3%) free of 228 GB
Total RAM: 8190 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:46:26, on 23.12.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Users\Vladimir\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTray.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe
C:\Program Files\trend micro\Vladimir.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Tmobile_Czech Estoril ModemListener] C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe start
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [Redirector] "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_E7E7B640C719C6D8CE20F2E50D91D1E8] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Vladimir\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [CCXProcess] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.1512\SSScheduler.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_3d396 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HitmanPro.Alert service (hmpalertsvc) - SurfRight B.V. - C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, LLC. - C:\Program Files\McAfee Security Scan\3.11.1512\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Wireless Controller Service - Unknown owner - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Tmobile_Czech Estoril Modem Device Helper - Unknown owner - C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16115 bytes

======Listing Processes======

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-4dd7f029-bdf1-4a0a-9d77-874dcb1aebba -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-874a1b26-947a-4136-96e4-7091db4f282b -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-33ce9b1a-4dc4-4ca4-98bd-6e07d4e64f55 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-255ca29f-843d-466f-a209-73980a8b6356 -LifetimeId:ab22ebab-e885-4330-aa81-1521282a777b -DeviceGroupId:WudfDefaultDevicePool -HostArg:0
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
"C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe" /service
C:\WINDOWS\system32\svchost.exe -k LocalService -p
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s CscService
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
C:\WINDOWS\system32\svchost.exe -k apphost -s AppHostSvc
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe" EXPRESS
"C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\system32\mqsvc.exe
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
"C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe" -start
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService

C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
"C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe" /tray
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Browser
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
"ctfmon.exe"

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-d8750a6b-5b98-4556-adfc-46950bfd215a -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-89afe216-1bb1-4c3a-903c-6c7cacc136c2 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-a2856986-405b-4251-ab75-d88237fd0240 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-bb1105b3-df53-4a42-ac4d-4ad35e5cf0e9 -LifetimeId:edd98243-0419-4687-bfde-3218d6978460 -DeviceGroupId:WpdFsGroup -HostArg:0
dashost.exe {f6f36564-ca88-4679-88eb36e83841961a}
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k netsvcs -s CertPropSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -s SCardSvr
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
adb fork-server server
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.55.131.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.55.131.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
C:\WINDOWS\system32\browser_broker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19112.111.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\MicrosoftEdgeCP.exe" -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
C:\WINDOWS\system32\MicrosoftEdgeSH.exe SCODEF:7476 CREDAT:9730 APH:1000000000000005 JITHOST /prefetch:2
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\AUDIODG.EXE 0x614
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"

"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Users\Vladimir\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\js\main.js"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\Windows\System32\RuntimeBroker.exe -Embedding
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTray.exe"
"C:\Program Files\McAfee Security Scan\3.11.1512\SSScheduler.exe"
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe" "-launchedbyvulcan-8160 C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe"
"C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" /SysAutoRun
"C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe" start
"C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe" --onOSstartup=true --showwindow=false --waitForRegistration=true
"C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=renderer --no-sandbox --log-file="C:\Users\Vladimir\AppData\Local\Temp\CreativeCloud\ACC\CEF.log" --use-gl=swiftshader-webgl --field-trial-handle=2604,10938624794774244321,12893037759001033885,131072 --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --disable-gpu-compositing --service-pipe-token=5905917987283875904 --lang=en-US --locales-dir-path="C:\Program Files\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-file="C:\Users\Vladimir\AppData\Local\Temp\CreativeCloud\ACC\CEF.log" --log-severity=warning --user-agent="Mozilla/5.0 (Windows NT 10.0.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.75 Safari/537.36 CreativeCloud/5.0.0.354" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5905917987283875904 --renderer-client-id=3 --mojo-platform-channel-handle=2640 /prefetch:1
"C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
"C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe" -autoupdate -startplugins -disableshowcontrolpanel
"C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
"C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe"
"C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe" "C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\js\server.js"
"C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe" -Embedding
"C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe"
"C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe" -ServerName:App.AppXbdz14xebceycqvrazxqtnx89wn9e0ebz.mca
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe" --pipename={D53193E3-45CD-4D0C-B0FD-57FCA84AB4DF}
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup

"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc

C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Vladimir\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Vladimir\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Vladimir\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=79.0.3945.88 --initial-client-data=0xec,0xf0,0xf4,0xe8,0xf8,0x7ff90a53dd08,0x7ff90a53dd18,0x7ff90a53dd28
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=11456 --on-initialized-event-handle=72 --parent-handle=396 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1744,16407356169028166964,17895881514188049888,131072 --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=15626393568583726977 --mojo-platform-channel-handle=1760 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1744,16407356169028166964,17895881514188049888,131072 --lang=cs --service-sandbox-type=network --enable-audio-service-sandbox --service-request-channel-token=17376024381077317992 --mojo-platform-channel-handle=1988 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --remote-debugging-port=9223 --field-trial-handle=1744,16407356169028166964,17895881514188049888,131072 --lang=cs --extension-process --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=203135231732710374 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3616 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --remote-debugging-port=9223 --field-trial-handle=1744,16407356169028166964,17895881514188049888,131072 --lang=cs --extension-process --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17540156234759190482 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3928 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=nacl-loader --service-request-channel-token=6347095824080175504 --mojo-platform-channel-handle=4864 --ignored=" --type=renderer " /prefetch:8
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BITS
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --remote-debugging-port=9223 --field-trial-handle=1744,16407356169028166964,17895881514188049888,131072 --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3096322197632120013 --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4384 /prefetch:1
"C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe" -periodicpoll
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --remote-debugging-port=9223 --field-trial-handle=1744,16407356169028166964,17895881514188049888,131072 --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17540269104835167421 --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5800 /prefetch:1
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.AppX54h2e8jwdm50fj5ha8987vz1etpx7czd.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --remote-debugging-port=9223 --field-trial-handle=1744,16407356169028166964,17895881514188049888,131072 --lang=cs --disable-oor-cors --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17714656140580913871 --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2928 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 848 852 860 8192 856
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1822121048-3009854048-383741908-10014_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1822121048-3009854048-383741908-10014 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Users\Vladimir\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\d668d38e.default-1403463649564

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Citrix.com/npican]
"Description"=Citrix ICA Client Plugin
"Path"=C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@EDVR/WebClient]
"Description"=EDVR Web Client Plugin
"Path"=C:\windows\system32\WebClient\npwebclient.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-03-19 84992]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-10 509936]
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-07-18 518424]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2019-10-08 2872400]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2019-10-25 302904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_E7E7B640C719C6D8CE20F2E50D91D1E8"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2019-12-14 1704944]
"OneDrive"=C:\Users\Vladimir\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-11-23 1585000]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2017-03-28 1421736]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-09-28 8944344]
"CCXProcess"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [2019-11-26 144008]
"AdobeBridge"= []
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE [2017-01-09 680520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2013-12-27 570880]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-11-22 7805824]
"AcronisTibMounterMonitor"=C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-10-10 1102192]
"PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2015-12-26 2724432]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
"Tmobile_Czech Estoril ModemListener"=C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe [2014-12-11 159016]
"Adobe Creative Cloud"=C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2019-09-27 2084920]
"ConnectionCenter"=C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [2018-05-17 638352]
"Redirector"=C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [2018-05-17 407440]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.1512\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-12-23 22:46:21 ----D---- C:\rsit
2019-12-23 11:24:15 ----A---- C:\WINDOWS\NvTelemetryContainerRecovery.bat
2019-12-23 11:24:02 ----A---- C:\WINDOWS\system32\drivers\nvvhci.sys
2019-12-11 17:42:10 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2019-12-11 17:42:10 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-11 17:42:09 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2019-12-11 17:42:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2019-12-11 17:42:08 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2019-12-11 17:42:08 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2019-12-11 17:42:08 ----A---- C:\WINDOWS\SYSWOW64\AppVEntSubsystems32.dll
2019-12-11 17:42:08 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-11 17:42:08 ----A---- C:\WINDOWS\system32\mfcore.dll
2019-12-11 17:42:08 ----A---- C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-12-11 17:42:07 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-12-11 17:42:06 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-12-11 17:42:05 ----A---- C:\WINDOWS\system32\rdpudd.dll
2019-12-11 17:42:05 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2019-12-11 17:42:05 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2019-12-11 17:42:05 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-12-11 17:42:05 ----A---- C:\WINDOWS\system32\fhcfg.dll
2019-12-11 17:42:05 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2019-12-11 17:42:05 ----A---- C:\WINDOWS\system32\drivers\rdpvideominiport.sys
2019-12-11 17:42:04 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-12-11 17:42:04 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys
2019-12-11 17:42:03 ----A---- C:\WINDOWS\system32\tcbloader.dll
2019-12-11 17:42:03 ----A---- C:\WINDOWS\system32\securekernel.exe
2019-12-11 17:42:03 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-12-11 17:42:03 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-12-11 17:42:02 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2019-12-11 17:42:02 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2019-12-11 17:42:02 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2019-12-11 17:42:02 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2019-12-11 17:42:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2019-12-11 17:42:01 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2019-12-11 17:42:01 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2019-12-11 17:42:01 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2019-12-11 17:41:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-11 17:41:57 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2019-12-11 17:41:57 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2019-12-11 17:41:57 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2019-12-11 17:41:57 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2019-12-11 17:41:57 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2019-12-11 17:41:57 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2019-12-11 17:41:57 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2019-12-11 17:41:56 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2019-12-11 17:41:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Enumeration.dll
2019-12-11 17:41:56 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2019-12-11 17:41:56 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2019-12-11 17:41:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2019-12-11 17:41:55 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2019-12-11 17:41:55 ----A---- C:\WINDOWS\system32\vbscript.dll
2019-12-11 17:41:55 ----A---- C:\WINDOWS\system32\pnidui.dll
2019-12-11 17:41:55 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2019-12-11 17:41:55 ----A---- C:\WINDOWS\system32\gdi32full.dll
2019-12-11 17:41:55 ----A---- C:\WINDOWS\system32\fdProxy.dll
2019-12-11 17:41:54 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2019-12-11 17:41:54 ----A---- C:\WINDOWS\system32\wow64win.dll
2019-12-11 17:41:54 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-11 17:41:54 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-11 17:41:54 ----A---- C:\WINDOWS\system32\t2embed.dll
2019-12-11 17:41:54 ----A---- C:\WINDOWS\system32\services.exe
2019-12-11 17:41:54 ----A---- C:\WINDOWS\system32\lpk.dll
2019-12-11 17:41:54 ----A---- C:\WINDOWS\system32\KernelBase.dll
2019-12-11 17:41:54 ----A---- C:\WINDOWS\system32\fontsub.dll
2019-12-11 17:41:54 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2019-12-11 17:41:54 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-11 17:41:54 ----A---- C:\WINDOWS\system32\dciman32.dll
2019-12-11 17:41:53 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-12-11 17:41:53 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-12-11 17:41:52 ----A---- C:\WINDOWS\system32\sppobjs.dll
2019-12-11 17:41:52 ----A---- C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-11 17:41:52 ----A---- C:\WINDOWS\system32\oleaut32.dll
2019-12-11 17:41:52 ----A---- C:\WINDOWS\system32\msctf.dll
2019-12-11 17:41:51 ----A---- C:\WINDOWS\system32\winresume.exe
2019-12-11 17:41:51 ----A---- C:\WINDOWS\system32\shell32.dll
2019-12-11 17:41:51 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2019-12-11 17:41:50 ----A---- C:\WINDOWS\system32\winload.exe
2019-12-11 17:41:50 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-11 17:41:50 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-11 17:41:50 ----A---- C:\WINDOWS\system32\MusNotification.exe
2019-12-11 17:41:50 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2019-12-11 17:41:49 ----A---- C:\WINDOWS\system32\win32u.dll
2019-12-11 17:41:49 ----A---- C:\WINDOWS\system32\win32kfull.sys
2019-12-11 17:41:49 ----A---- C:\WINDOWS\system32\win32k.sys
2019-12-11 17:41:49 ----A---- C:\WINDOWS\system32\usosvc.dll
2019-12-11 17:41:49 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2019-12-11 17:41:49 ----A---- C:\WINDOWS\system32\user32.dll
2019-12-11 17:41:48 ----A---- C:\WINDOWS\system32\windows.storage.dll
2019-12-11 17:41:48 ----A---- C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-11 17:41:48 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-11 17:41:48 ----A---- C:\WINDOWS\system32\win32kbase.sys
2019-12-11 17:41:48 ----A---- C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-11 17:41:48 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-11 17:41:47 ----A---- C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-11 17:41:47 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-11 17:41:47 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-11 17:41:47 ----A---- C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-11 17:41:47 ----A---- C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-11 17:41:47 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2019-12-11 17:41:47 ----A---- C:\WINDOWS\system32\drivers\exfat.sys
2019-12-11 17:41:47 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-11 17:41:47 ----A---- C:\WINDOWS\system32\autopilotdiag.dll
2019-12-11 17:41:47 ----A---- C:\WINDOWS\system32\autopilot.dll
2019-12-11 17:41:47 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-11 17:41:47 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-11 17:41:47 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-11 17:41:47 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-11 17:41:47 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-11 07:00:18 ----D---- C:\WINDOWS\Panther
2019-12-05 06:41:39 ----A---- C:\WINDOWS\SYSWOW64\hmpalert.dll
2019-12-05 06:41:39 ----A---- C:\WINDOWS\system32\hmpalert.dll
2019-11-26 23:41:06 ----D---- C:\ProgramData\McAfee Security Scan

======List of files/folders modified in the last 1 month======

2019-12-23 22:46:24 ----D---- C:\WINDOWS\Temp
2019-12-23 22:46:24 ----D---- C:\Program Files\trend micro
2019-12-23 22:45:50 ----D---- C:\WINDOWS\System32
2019-12-23 22:45:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-23 22:45:49 ----D---- C:\WINDOWS\INF
2019-12-23 22:43:39 ----D---- C:\WINDOWS\Prefetch
2019-12-23 22:42:43 ----D---- C:\WINDOWS\system32\sru
2019-12-23 22:41:21 ----D---- C:\ProgramData\NVIDIA
2019-12-23 22:40:48 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-12-23 22:40:37 ----D---- C:\WINDOWS\system32\SleepStudy
2019-12-23 22:31:34 ----D---- C:\WINDOWS\system32\config
2019-12-23 22:31:27 ----D---- C:\WINDOWS\system32\drivers
2019-12-23 22:31:27 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2019-12-23 12:26:53 ----SHD---- C:\System Volume Information
2019-12-23 11:31:45 ----D---- C:\WINDOWS\system32\LogFiles
2019-12-23 11:24:52 ----D---- C:\WINDOWS\system32\DriverStore
2019-12-23 11:24:30 ----D---- C:\ProgramData\NVIDIA Corporation
2019-12-23 11:24:27 ----D---- C:\Program Files\NVIDIA Corporation
2019-12-23 11:24:26 ----D---- C:\WINDOWS\system32\Tasks
2019-12-23 11:24:15 ----D---- C:\Windows
2019-12-23 11:24:12 ----D---- C:\WINDOWS\system32\catroot2
2019-12-23 11:07:49 ----D---- C:\WINDOWS\LiveKernelReports
2019-12-22 20:38:30 ----RD---- C:\WINDOWS\Microsoft.NET
2019-12-21 05:31:12 ----D---- C:\WINDOWS\Logs
2019-12-20 23:15:48 ----HD---- C:\Program Files\WindowsApps
2019-12-20 23:15:45 ----D---- C:\WINDOWS\AppReadiness
2019-12-20 16:22:18 ----SHD---- C:\WINDOWS\Installer
2019-12-20 16:22:18 ----SHD---- C:\Config.Msi
2019-12-20 16:21:58 ----D---- C:\WINDOWS\SysWOW64
2019-12-19 21:55:15 ----HD---- C:\adobeTemp
2019-12-18 00:00:25 ----D---- C:\WINDOWS\WinSxS
2019-12-13 06:41:43 ----D---- C:\WINDOWS\system32\NDF
2019-12-12 07:04:08 ----SHD---- C:\Boot
2019-12-12 07:03:48 ----D---- C:\ProgramData\HitmanPro.Alert
2019-12-11 23:31:14 ----D---- C:\WINDOWS\SYSWOW64\en-US
2019-12-11 23:31:14 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2019-12-11 23:31:14 ----D---- C:\WINDOWS\SystemResources
2019-12-11 23:31:14 ----D---- C:\WINDOWS\system32\uk-UA
2019-12-11 23:31:14 ----D---- C:\WINDOWS\system32\pl-PL
2019-12-11 23:31:14 ----D---- C:\WINDOWS\system32\migration
2019-12-11 23:31:14 ----D---- C:\WINDOWS\system32\en-US
2019-12-11 23:31:14 ----D---- C:\WINDOWS\system32\cs-CZ
2019-12-11 23:31:14 ----D---- C:\WINDOWS\system32\Boot
2019-12-11 23:31:14 ----D---- C:\WINDOWS\ShellExperiences
2019-12-11 23:31:14 ----D---- C:\WINDOWS\bcastdvr
2019-12-11 17:46:36 ----D---- C:\WINDOWS\system32\MRT
2019-12-11 17:46:20 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-12-11 17:46:13 ----D---- C:\WINDOWS\CbsTemp
2019-12-11 17:17:29 ----D---- C:\Users\Vladimir\AppData\Roaming\Adobe
2019-12-11 07:12:11 ----AD---- C:\Program Files\Adobe
2019-12-11 07:12:07 ----D---- C:\Program Files\Common Files\Adobe
2019-12-11 07:11:00 ----D---- C:\ProgramData\Adobe
2019-12-11 07:00:07 ----AD---- C:\Program Files (x86)\HitmanPro.Alert
2019-12-10 21:12:42 ----D---- C:\Program Files (x86)\Internet Explorer
2019-12-09 14:13:37 ----D---- C:\WINDOWS\system32\drivers\wd
2019-12-08 17:28:07 ----D---- C:\WINDOWS\Downloaded Installations
2019-12-01 21:51:37 ----D---- C:\WINDOWS\Minidump
2019-11-26 23:41:33 ----D---- C:\Program Files\McAfee Security Scan
2019-11-26 23:41:07 ----HD---- C:\ProgramData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fltsrv;Acronis Storage Filter Management; C:\WINDOWS\system32\DRIVERS\fltsrv.sys [2015-11-26 116000]
R0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 885048]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 56632]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2019-09-11 252944]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2019-03-19 40960]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 70456]
R1 ctxusbm;Citrix USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\ctxusbm.sys [2018-05-17 139888]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8704]
R1 hmpalert;HitmanPro.Alert Support Driver; \??\C:\WINDOWS\system32\drivers\hmpalert.sys [2019-12-05 323896]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-12-11 457216]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 53760]
R2 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2019-03-19 185344]
R3 afcdp;afcdp; C:\WINDOWS\system32\DRIVERS\afcdp.sys [2015-11-26 367200]
R3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-10-08 117048]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-12-09 12914360]
R3 nvvad_WaveExtensible;@oem59.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-10-11 50624]
R3 nvvhci;@oem60.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-10-11 57792]
R3 rt61x64;@oem17.inf,%General.Service.DispName%;RT61 Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr6164.sys [2010-04-07 446304]
R3 rt640x64;@oem58.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2019-06-04 711968]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-03-19 42808]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-03-19 319528]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 148520]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 124448]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 128528]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 75280]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 94736]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 58896]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 68624]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-03-19 151352]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 20992]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-03-19 337920]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-03-19 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-03-19 37888]
S3 androidusb;ADB Interface Driver; C:\WINDOWS\System32\Drivers\androidusb.sys [2010-10-18 38424]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-11-14 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2019-08-01 137528]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2019-08-01 174392]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2019-08-01 153912]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-09-11 231936]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2019-11-14 114688]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2019-11-14 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2019-11-14 1428992]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2019-11-14 98304]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 43008]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 64312]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2019-09-11 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 53560]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-10-04 64000]
S3 htcnprot;@oem40.inf,%NDISPROT_Desc%;HTC NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-11-14 84488]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-03-19 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-03-19 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 46592]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 28672]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 54584]
S3 jrdusbser;Mobile Connector Device for Legacy Serial Communication2; C:\WINDOWS\system32\DRIVERS\jrdusbser.sys [2013-06-18 123776]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 535864]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 62264]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-11-14 359424]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-03-19 1150480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-03-19 153616]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-03-19 63488]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 187904]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-03-19 158520]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-10-11 30144]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 96056]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-03-19 127800]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 25600]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-11 986936]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 211456]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 113152]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-03-19 33592]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-03-19 32568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-07-18 1142584]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2019-09-10 88136]
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2019-09-27 823352]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2015-11-26 3869688]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2019-10-08 3147344]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2019-10-08 2914896]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2019-08-26 96056]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CDPUserSvc_3d396;CDPUserSvc_3d396; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-03-28 1099280]
R2 hmpalertsvc;HitmanPro.Alert service; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [2019-12-05 4473288]
R2 HTCMonitorService;HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2014-06-27 87368]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2019-03-19 26112]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-19 136256]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518080]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-11-14 932728]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-10-11 460736]
R2 OneSyncSvc_3d396;OneSyncSvc_3d396; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2015-12-26 506960]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 cbdhsvc_3d396;cbdhsvc_3d396; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2019-10-25 658232]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe []
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc_3d396;AarSvc_3d396; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-12 269504]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService_3d396;BcastDVRUserService_3d396; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService_3d396;BluetoothUserService_3d396; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService_3d396;CaptureService_3d396; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc_3d396;ConsentUxUserSvc_3d396; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 CredentialEnrollmentManagerUserSvc_3d396;CredentialEnrollmentManagerUserSvc_3d396; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DeviceAssociationBrokerSvc_3d396;DeviceAssociationBrokerSvc_3d396; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc_3d396;DevicePickerUserSvc_3d396; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc_3d396;DevicesFlowUserSvc_3d396; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-09-11 97792]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-08-01 43704]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\elevation_service.exe [2019-12-14 1113072]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.1512\McCHSvc.exe [2019-11-13 408416]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService_3d396;MessagingService_3d396; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-02-15 147624]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518080]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PimIndexMaintenanceSvc_3d396;PimIndexMaintenanceSvc_3d396; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc_3d396;PrintWorkflowUserSvc_3d396; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2019-08-01 828216]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-19 54912]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 24 pro 2019 11:22

Zdravím!
Dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . RSIT je s desítkami neslučitelný.

ed · #3 Příspěvek od ed » 27 pro 2019 15:56

Dobrý den,

tak tady logy z FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-12-2019
Ran by Vladimir (administrator) on VLADIMIR-PC (Gigabyte Technology Co., Ltd. EP45-UD3LR) (27-12-2019 15:49:01)
Running from C:\Users\Vladimir\Desktop
Loaded Profiles: Vladimir (Available Profiles: Vladimir & DefaultAppPool)
Platform: Windows 10 Pro Version 1903 18362.535 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(JRD COMMUNICATION (SHENZHEN) LTD -> ) C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe
(JRD COMMUNICATION (SHENZHEN) LTD -> ) C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
(McAfee, LLC -> McAfee, LLC.) C:\Program Files\McAfee Security Scan\3.11.1512\SSScheduler.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Vladimir\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTray.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis International GmbH -> Acronis)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-10-25] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation) [File not signed]
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7805824 2013-11-22] (Acronis International GmbH -> Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102192 2013-10-10] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2724432 2015-12-26] (Sony Corporation -> Sony Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.) [File not signed]
HKLM-x32\...\Run: [Tmobile_Czech Estoril ModemListener] => C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe [159016 2014-12-11] (JRD COMMUNICATION (SHENZHEN) LTD -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [638352 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [407440 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\Run: [GoogleChromeAutoLaunch_E7E7B640C719C6D8CE20F2E50D91D1E8] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE [680520 2017-01-09] (ZONER software, a.s. -> ZONER software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-19] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2019-11-26]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.1512\SSScheduler.exe (McAfee, LLC -> McAfee, LLC.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {009307BB-1456-4C08-A044-EBDC89C887B4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0169D2A6-CC93-4E9F-8DDB-F30C42593E52} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {0517E315-330F-4D6C-947E-3161E904B5A7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {1305BE7B-B995-478E-8E17-9829A1B8CB3D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B5C0CCB-AD12-4F14-A855-2A706F201A4D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1DCC81B0-3B6F-438A-8417-93D918235175} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {217081FB-A88D-4DDF-8424-1048BCCEB8BE} - \Reimage Reminder -> No File <==== ATTENTION
Task: {222B9874-5AB3-488D-A73A-DC9226BC4A06} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [6889176 2016-09-28] (Piriform Ltd -> Piriform Ltd)
Task: {22E2131B-3F83-4253-AA63-A16BCA5DD91F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {245942BB-81E1-4266-98D7-248B8225C755} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {27D1319D-42DD-4F63-ADB7-6F6DE442D2DA} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {2C3FCFD1-09A7-44D0-9A6A-14408217AB1B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {32A03337-44C6-4658-8840-F2689FE27B64} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {36FE0783-A9BF-4F66-962A-C20910E7D341} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3B3F0652-247A-4C6E-A722-4192C174602B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {3BBFA573-4D52-4E0F-BEB3-AEF24A29B138} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {3C05E5EA-3B55-4217-8C53-977FB2737EB9} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {3CB7C269-8BAD-4077-95AD-1A47A4926E55} - System32\Tasks\{92BAE46E-7FB0-41D7-8D4F-7DDB9FD88AEF} => C:\Windows\system32\pcalua.exe -a C:\Users\Vladimir\Downloads\install\S-CNX2__-020301WU-___EN-ALL___.exe -d C:\Users\Vladimir\Downloads\install
Task: {3D46B06C-6B0E-4D6A-BCDF-2125EDF7FC7E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3D9F7CD2-3331-4C72-A795-4A47E6B35148} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {3DD2DC4A-C3F5-4C22-8B59-316F61B657E9} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3E913995-F5F5-4AF3-8042-404D58F4B52F} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39848 2017-03-28] (Garmin International, Inc. -> )
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4CB5DCD3-C72C-4A89-8EF9-500712B6AECB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {53236378-B38E-4C92-BE4F-2A5CE9DB74FB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5B8409FA-9B05-4016-A9AC-358C621AEF46} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269504 2016-05-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {6700AE5D-0509-48FC-BF7C-1E4DAA987822} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6726618A-9A72-4EEF-B72C-6B782A7AAC4C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {688B4C16-FCCF-4F2D-89DE-296F0E3AE670} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1542080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6BDE3817-4600-4E6F-A4FC-DD4437459B64} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {6C1559B6-62E3-46C4-8F60-5AA8B2088491} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E90CAC4-7650-475A-8A17-C764D1D8F6C9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {70DC75D4-01E7-4064-B1A6-585618CB0F19} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {75694CA5-A9AB-4520-B690-B6C4F5879610} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {76AB045A-5B52-419D-8BC0-0F61A5B0AE5A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {777B72AE-C569-42E4-B466-C445E6448A71} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {812AAAD1-864B-4ECE-8C81-BD2B67AFFC45} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8856C83E-E37B-4819-92AA-148F068B20A8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [960448 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {88F11029-D52B-40E3-A596-D3DB3C30D277} - \ReimageUpdater -> No File <==== ATTENTION
Task: {8AD70B51-B7CF-469A-B1DD-05098E53A175} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9121C318-2109-4AA9-B141-F50E2A940872} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {92E13B23-35E1-4929-8275-DC694C2F219F} - System32\Tasks\{6DD7216D-A9FC-4AA9-8025-8A45DBB1FEFE} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\SavePass\Uninstall.exe" -c /fcp=1
Task: {95FF13D3-E5E6-4D45-882A-E08B97F6D7D1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {99C1F44F-9956-45C3-B516-A0BCEB31F55D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {9F011627-3182-4F4E-99FE-06B0AD1FAAD7} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A45B5DBF-2BC7-4A37-A3FE-FED0F55EF7B5} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {AA6FE720-784C-4531-BBA1-2D66D73D4D3E} - System32\Tasks\GoogleUpdateTaskMachineCore1d1ec2a61b6c888 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {AE2B4861-433D-4282-9605-00F9EEB6A0C6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {B15BF2E1-14FC-4FA0-8F49-A3601AB17AAE} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {B3B291E1-F902-4F8B-89EA-9C871B124ACB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B6CF68C8-168E-4AFB-9A40-769875F2F9BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BD105439-712D-48F5-BE93-FB2694CF9813} - System32\Tasks\{699B3B67-6396-40E6-BBAB-611E693B1CD9} => C:\Windows\system32\pcalua.exe -a "C:\Users\Vladimir\Downloads\Office 2007_CZ\setup.exe" -d "C:\Users\Vladimir\Downloads\Office 2007_CZ"
Task: {BE6C05F4-FABE-4CF5-ABBC-2C3DF1F2A5FD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C094ECD7-CC8E-49B7-8275-C0136B3A0A4A} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {C11C580E-2AA0-487D-AB6F-48DB796EC30E} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {C8255AEC-074F-4DBD-AA46-C33F8A41E5A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C888F290-B570-4604-AB41-FAA8281E8FA6} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CB4E68A2-8F36-4C16-BF61-C7949FDDFAA8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CC4C1E21-B3A2-4910-818F-11D8B1D3302C} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D48051FD-7385-4A14-AEE0-9A7E151A43A2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D8739396-B8CD-43AC-ACCA-A0E1A3258B8F} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {DD178FDC-8D77-4413-A81B-C29B581A97A6} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {DE02839E-4F1D-4F9A-B90F-05C9AF1A19EC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DF2701F3-8059-4A90-86C4-D8D407282646} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {E13D46A2-1855-46E9-AA59-B58ACDF3B38D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E63A03BB-91C0-4E99-9266-5958051765B7} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ec2a61db19e5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {E8ED12AC-BF2B-4953-BEFD-7751882C9E91} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EAE6F53C-8925-428C-ABC1-DAD62D2EA724} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EC06D0E5-821E-4E83-BF8D-FEA81A1CE6D8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {EC084933-8B46-49B7-BEEF-E3CC3E9DC6FC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F0334C39-9BA2-40EB-B7C4-F4B1AEA8AA73} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F0FFB706-4948-4283-ABBF-C20E33666ADE} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F2493690-0413-45AB-89D9-BED37E243007} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F4F5D483-5A94-4622-BCBF-DB913C9328BC} - System32\Tasks\AdobeAAMUpdater-1.0-Vladimir-PC-Vladimir => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {FA8977F8-AE07-4B81-B5D2-AE854B0F6BBA} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{19e480ab-3ab1-4c98-b201-ebe59ce78930}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{aa049f91-33bd-4900-9193-00ad49120759}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FireFox:
========
FF DefaultProfile: d668d38e.default-1403463649564
FF ProfilePath: C:\Users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\d668d38e.default-1403463649564 [2019-12-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-12] (Adobe Systems Incorporated -> )
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (Garmin International, Inc. -> GARMIN Corp.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] (Adobe Systems Incorporated -> )
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @EDVR/WebClient -> C:\windows\system32\WebClient\npwebclient.dll [No File]
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (Garmin International, Inc. -> GARMIN Corp.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Notifications: Default -> hxxps://www.dxomark.com; hxxps://www.mall.tv; hxxps://www.maxikovy-hracky.cz
CHR Profile: C:\Users\Vladimir\AppData\Local\Google\Chrome\User Data\Default [2019-12-27]
CHR Extension: (Podpořte) - C:\Users\Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\amaegjccccajmhnbcbeagblpdccimoeh [2016-11-30]
CHR Extension: (Hudba Google Play) - C:\Users\Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2018-11-04]
CHR Extension: (Google Play Music) - C:\Users\Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2017-08-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Chrome Media Router) - C:\Users\Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-13]
CHR Profile: C:\Users\Vladimir\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-12-31]
CHR HKU\S-1-5-21-1822121048-3009854048-383741908-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [4473288 2019-12-05] (SurfRight B.V. -> SurfRight B.V.)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG -> Nero AG)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.1512\McCHSvc.exe [408416 2019-11-13] (McAfee, LLC -> McAfee, LLC.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [506960 2015-12-26] (Sony Corporation -> Sony Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Tmobile_Czech Estoril Modem Device Helper; C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe [76584 2014-12-11] (JRD COMMUNICATION (SHENZHEN) LTD -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\WINDOWS\System32\Drivers\androidusb.sys [38424 2010-10-18] (ZTE CORPORATION -> Google Inc)
R1 hmpalert; C:\WINDOWS\system32\drivers\hmpalert.sys [323896 2019-12-05] (SurfRight B.V. -> SurfRight B.V.)
S3 htcnprot; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [36928 2012-12-07] (HTC Corp. -> Windows (R) Win 7 DDK provider)
S3 jrdusbser; C:\WINDOWS\system32\DRIVERS\jrdusbser.sys [123776 2013-06-18] (Microsoft Windows Hardware Compatibility Publisher -> TCT International Mobile Ltd.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [711968 2019-06-04] (Realtek Semiconductor Corp. -> Realtek )
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1120032 2015-11-26] (Acronis International GmbH -> Acronis International GmbH)
S3 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [198432 2015-11-26] (Acronis International GmbH -> Acronis International GmbH)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 usbUDisc; C:\WINDOWS\System32\drivers\USBDrv_AMD64.sys [18392 2013-01-25] (Allwinner Technology Co.,Ltd. -> Scott)
R0 vidsflt; C:\WINDOWS\System32\DRIVERS\vidsflt.sys [117024 2015-11-26] (Acronis International GmbH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 zghsdiag; C:\WINDOWS\system32\DRIVERS\zghsdiag.sys [122624 2011-01-13] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
S3 zghsmdm; C:\WINDOWS\system32\DRIVERS\zghsmdm.sys [122624 2011-01-13] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
S3 zghsnmea; C:\WINDOWS\system32\DRIVERS\zghsnmea.sys [122624 2011-01-13] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-27 15:49 - 2019-12-27 15:50 - 000042044 _____ C:\Users\Vladimir\Desktop\FRST.txt
2019-12-27 15:48 - 2019-12-27 15:49 - 000000000 ____D C:\FRST
2019-12-27 15:47 - 2019-12-27 15:47 - 002272256 _____ (Farbar) C:\Users\Vladimir\Desktop\FRST64.exe
2019-12-27 15:46 - 2019-12-27 15:47 - 002272256 _____ (Farbar) C:\Users\Vladimir\Downloads\FRST64.exe
2019-12-23 22:46 - 2019-12-23 22:46 - 000000000 ____D C:\rsit
2019-12-23 22:45 - 2019-12-23 22:45 - 001222144 _____ C:\Users\Vladimir\Downloads\RSITx64.exe
2019-12-23 11:24 - 2019-12-23 11:24 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-23 11:24 - 2019-12-23 11:24 - 000004000 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-23 11:24 - 2017-10-11 02:05 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2019-12-23 11:24 - 2017-10-11 00:26 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2019-12-11 17:42 - 2019-12-11 17:42 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 002188816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 001496080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-11 17:42 - 2019-12-11 17:42 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-11 17:42 - 2019-12-11 17:42 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-11 17:42 - 2019-12-11 17:42 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-11 17:42 - 2019-12-11 17:42 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-11 17:42 - 2019-12-11 17:42 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-11 17:42 - 2019-12-11 17:42 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-11 17:42 - 2019-12-11 17:42 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-11 17:41 - 2019-12-11 17:41 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-11 17:41 - 2019-12-11 17:41 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-11 17:41 - 2019-12-11 17:41 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-11 17:41 - 2019-12-11 17:41 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-11 17:41 - 2019-12-11 17:41 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-11 17:41 - 2019-12-11 17:41 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-11 17:41 - 2019-12-11 17:41 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-11 17:41 - 2019-12-11 17:41 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-11 17:41 - 2019-12-11 17:41 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-11 17:41 - 2019-12-11 17:41 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-11 17:41 - 2019-12-11 17:41 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-11 17:41 - 2019-12-11 17:41 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-11 17:41 - 2019-12-11 17:41 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-11 07:34 - 2019-12-11 07:34 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2020.lnk
2019-12-11 07:23 - 2019-12-11 07:23 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2019.lnk
2019-12-11 07:12 - 2019-12-11 07:12 - 000001026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2020.lnk
2019-12-11 07:00 - 2019-12-11 07:00 - 000000000 ____D C:\WINDOWS\Panther
2019-12-10 23:23 - 2019-12-10 23:23 - 000001085 _____ C:\Users\Vladimir\Desktop\Adobe Lightroom Classic.lnk
2019-12-10 23:23 - 2019-12-10 23:23 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2019-12-10 21:24 - 2019-12-10 21:24 - 000001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2019-12-10 21:24 - 2019-12-10 21:24 - 000001038 _____ C:\Users\Vladimir\Desktop\Lightroom.lnk
2019-12-08 18:09 - 2019-12-08 18:11 - 000000000 ____D C:\Users\Vladimir\Downloads\d500
2019-12-08 18:09 - 2019-12-08 18:09 - 024281256 _____ C:\Users\Vladimir\Downloads\F-D500-V120W.exe
2019-12-07 13:40 - 2019-12-07 13:40 - 000178261 _____ C:\Users\Vladimir\Downloads\PJ2020_PK_ticket.pdf
2019-12-05 06:49 - 2019-12-05 06:49 - 000089591 _____ C:\Users\Vladimir\Downloads\OPEL INSIGNIA 2.0 CDTi 154kW Innovation ST Auto 4x4 A8 154kw AN_nabidka_OL.pdf
2019-12-05 06:41 - 2019-12-05 06:41 - 001107912 _____ (SurfRight B.V.) C:\WINDOWS\system32\hmpalert.dll
2019-12-05 06:41 - 2019-12-05 06:41 - 000946120 _____ (SurfRight B.V.) C:\WINDOWS\SysWOW64\hmpalert.dll
2019-12-05 06:38 - 2019-12-05 06:38 - 000001487 _____ C:\Users\Vladimir\Downloads\WEFfY29udHJvbGxlci5YQV9SRVNfQVBQTElDQVRJT04gJFM1LTEw (2).ica
2019-12-03 15:18 - 2019-12-03 15:18 - 000001486 _____ C:\Users\Vladimir\Downloads\WEFfY29udHJvbGxlci5YQV9SRVNfQVBQTElDQVRJT04gJFM1LTEw.ica
2019-12-01 21:52 - 2019-12-01 21:52 - 015397931 _____ C:\Users\Vladimir\Downloads\Photos (9).zip
2019-12-01 21:49 - 2019-12-01 21:49 - 001605024 _____ C:\Users\Vladimir\Downloads\Photos (8).zip
2019-12-01 21:48 - 2019-12-01 21:48 - 003956095 _____ C:\Users\Vladimir\Downloads\Photos (7).zip
2019-12-01 21:46 - 2019-12-01 21:46 - 006962705 _____ C:\Users\Vladimir\Downloads\Photos (6).zip
2019-12-01 21:31 - 2019-12-01 21:31 - 002753822 _____ C:\Users\Vladimir\Downloads\Photos (5).zip
2019-12-01 21:30 - 2019-12-01 21:31 - 009936299 _____ C:\Users\Vladimir\Downloads\Photos (4).zip
2019-12-01 21:28 - 2019-12-01 21:28 - 011352125 _____ C:\Users\Vladimir\Downloads\Photos (3).zip
2019-12-01 21:25 - 2019-12-01 21:25 - 006052063 _____ C:\Users\Vladimir\Downloads\Photos (2).zip
2019-12-01 21:24 - 2019-12-01 21:24 - 001534012 _____ C:\Users\Vladimir\Downloads\Photos (1).zip
2019-12-01 09:36 - 2019-12-01 09:36 - 000488722 _____ C:\Users\Vladimir\Downloads\5c511970-ce0f-469d-9e7f-9cc1ce425b92.tmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-27 15:46 - 2017-10-12 23:00 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-27 15:45 - 2015-06-01 21:29 - 000000000 ___RD C:\Users\Vladimir\Creative Cloud Files
2019-12-27 15:45 - 2014-03-28 00:33 - 000000000 ____D C:\Users\Vladimir\AppData\Local\Adobe
2019-12-26 23:48 - 2019-08-01 00:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-26 23:48 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-26 20:09 - 2019-10-05 06:38 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-26 19:36 - 2019-08-01 01:05 - 001920462 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-26 19:36 - 2019-03-19 12:57 - 000781808 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-26 19:36 - 2019-03-19 12:57 - 000172426 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-26 19:36 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-26 19:32 - 2019-08-01 01:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-26 19:32 - 2017-01-15 15:19 - 000000000 ____D C:\ProgramData\HitmanPro.Alert
2019-12-26 19:32 - 2015-07-07 23:19 - 000000000 ____D C:\Users\Vladimir\AppData\Local\HTC MediaHub
2019-12-26 19:30 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-12-24 23:40 - 2019-11-26 23:41 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2019-12-24 00:05 - 2019-08-01 00:53 - 000000000 ____D C:\Users\Vladimir
2019-12-23 22:46 - 2014-11-22 09:26 - 000000000 ____D C:\Program Files\trend micro
2019-12-23 22:31 - 2014-05-06 21:48 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-12-23 11:25 - 2014-05-06 22:18 - 000000000 ____D C:\Users\Vladimir\AppData\Local\NVIDIA
2019-12-23 11:24 - 2019-08-01 01:10 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-23 11:24 - 2019-08-01 01:10 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-23 11:24 - 2019-08-01 01:10 - 000003866 _____ C:\WINDOWS\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-23 11:24 - 2019-08-01 01:10 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-23 11:24 - 2019-08-01 01:10 - 000003696 _____ C:\WINDOWS\system32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-23 11:24 - 2019-08-01 01:10 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-23 11:24 - 2017-10-12 23:00 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-12-23 11:24 - 2017-10-12 23:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-12-23 11:24 - 2016-10-26 21:31 - 000001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-12-23 11:24 - 2016-10-23 21:40 - 000000000 ____D C:\Users\Vladimir\AppData\Local\NVIDIA Corporation
2019-12-23 11:07 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-20 23:15 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-20 23:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-20 16:22 - 2015-11-16 21:41 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-19 21:55 - 2019-11-04 19:06 - 000000000 ___HD C:\adobeTemp
2019-12-19 21:54 - 2014-09-14 10:46 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-19 21:54 - 2014-09-14 10:46 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-16 09:00 - 2019-07-11 05:32 - 000000000 ____D C:\Users\Vladimir\AppData\Local\Citrix
2019-12-13 20:21 - 2019-08-01 01:10 - 000003504 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d1ec2a61db19e5
2019-12-13 20:21 - 2019-08-01 01:10 - 000003380 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d1ec2a61b6c888
2019-12-13 06:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-12-13 06:17 - 2017-12-22 23:12 - 000000000 ____D C:\Users\Vladimir\AppData\Local\Packages
2019-12-12 07:04 - 2019-08-01 00:53 - 000000000 ____D C:\Users\DefaultAppPool
2019-12-12 07:04 - 2017-12-22 23:27 - 000000000 ___RD C:\Users\Vladimir\3D Objects
2019-12-12 07:04 - 2016-04-27 08:00 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-12 07:03 - 2019-08-01 00:44 - 000258176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-11 23:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-11 23:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-11 23:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-11 17:56 - 2014-03-28 07:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-11 17:46 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-11 17:46 - 2014-03-28 07:34 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-11 17:41 - 2014-03-27 23:15 - 000410830 __RSH C:\bootmgr
2019-12-11 17:17 - 2014-03-27 23:32 - 000000000 ____D C:\Users\Vladimir\AppData\Roaming\Adobe
2019-12-11 07:34 - 2014-03-28 00:38 - 000000000 ____D C:\Users\Vladimir\Documents\Adobe
2019-12-11 07:12 - 2014-03-28 00:30 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-12-11 07:12 - 2014-03-28 00:29 - 000000000 ____D C:\Program Files\Adobe
2019-12-11 07:11 - 2014-03-28 00:30 - 000000000 ____D C:\ProgramData\Adobe
2019-12-11 07:00 - 2017-01-15 15:19 - 000000000 ____D C:\Program Files (x86)\HitmanPro.Alert
2019-12-09 14:13 - 2018-02-25 18:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-12-08 17:28 - 2014-10-12 21:55 - 000002131 _____ C:\Users\Public\Desktop\SIGMA Optimization Pro.lnk
2019-12-08 17:28 - 2014-03-28 00:03 - 000000000 ____D C:\WINDOWS\Downloaded Installations
2019-12-05 06:41 - 2017-01-15 15:19 - 000323896 _____ (SurfRight B.V.) C:\WINDOWS\system32\Drivers\hmpalert.sys
2019-12-02 19:39 - 2018-12-25 02:15 - 000000000 ____D C:\Users\Vladimir\AppData\Local\D3DSCache
2019-12-01 21:51 - 2019-11-12 22:55 - 000000000 ____D C:\WINDOWS\Minidump

==================== Files in the root of some directories ========

2014-03-30 10:31 - 2015-05-03 21:03 - 000000268 ___RH () C:\Users\Vladimir\AppData\Roaming\Grapher
2015-05-03 21:03 - 2015-05-03 21:03 - 000000268 ___RH () C:\Users\Vladimir\AppData\Roaming\Guides
2014-03-28 00:11 - 2014-03-28 00:11 - 000000268 ___RH () C:\Users\Vladimir\AppData\Roaming\Guitars
2014-05-26 20:53 - 2014-05-30 21:08 - 000000268 ___RH () C:\Users\Vladimir\AppData\Roaming\Phaser
2015-06-06 16:15 - 2019-09-08 11:09 - 000001456 _____ () C:\Users\Vladimir\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-09-27 22:18 - 2018-01-31 14:21 - 000003584 _____ () C:\Users\Vladimir\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-11-04 12:46 - 2018-11-04 12:46 - 000000000 _____ () C:\Users\Vladimir\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-12-2019
Ran by Vladimir (27-12-2019 15:52:24)
Running from C:\Users\Vladimir\Desktop
Windows 10 Pro Version 1903 18362.535 (X64) (2019-08-01 00:11:30)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1822121048-3009854048-383741908-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1822121048-3009854048-383741908-503 - Limited - Disabled)
Guest (S-1-5-21-1822121048-3009854048-383741908-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1822121048-3009854048-383741908-1003 - Limited - Enabled)
Vladimir (S-1-5-21-1822121048-3009854048-383741908-1001 - Administrator - Enabled) => C:\Users\Vladimir
WDAGUtilityAccount (S-1-5-21-1822121048-3009854048-383741908-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acronis True Image 2014 (HKLM-x32\...\{5858B1D6-8056-471C-8A29-6A1765BBC0BE}) (Version: 17.0.4515 - Acronis)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Bridge 2019 (HKLM-x32\...\KBRG_9_1) (Version: 9.1 - Adobe Systems Incorporated)
Adobe Bridge 2020 (HKLM-x32\...\KBRG_10_0_1) (Version: 10.0.1 - Adobe Systems Incorporated)
Adobe Bridge CC 2017 (HKLM-x32\...\KBRG_7_0) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.14 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\LRCC_3_1) (Version: 3.1 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_1) (Version: 9.1 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_9) (Version: 19.1.9 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_8) (Version: 20.0.8 - Adobe Systems Incorporated)
Aktualizace NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BookWright version 1.1.148 (HKLM-x32\...\{C17978EB-5A2C-40E3-B351-F03A27245BF9}_is1) (Version: 1.1.148 - Blurb, Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - )
Canon MP980 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP980_series) (Version: - )
Capture NX 2 (HKLM\...\Capture NX 2) (Version: 2.4.7 - NIKON CORPORATION)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
Citrix Receiver 4.12 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.12.0.18020 - Citrix Systems, Inc.)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
CrystalDiskInfo 6.5.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.5.2 - Crystal Dew World)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Dell System Detect (HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\73f463568823ebbe) (Version: 6.6.0.1 - Dell)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
DxO Optics Pro 9 (HKLM\...\{CD5F5030-44C8-4432-9F61-209BA3F2F4BA}) (Version: 9.5.2 - DxO Labs)
DxO Optics Pro 9 plug-in for Adobe Lightroom (HKLM-x32\...\{57817091-BC9F-4C72-A0CE-17C6D6DE45AB}) (Version: 1.0.20 - DxO Labs)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
Easy Drive Data Recovery (HKLM-x32\...\Easy Drive Data Recovery) (Version: 3.0 - MunSoft)
Ego-n Asistent 2.1.29 (HKLM-x32\...\Ego-n Asistent 2_is1) (Version: - ABB s. r. o., Elektro-Praga)
Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
FLAC to MP3 Converter 6.1.9.a (HKLM-x32\...\DD4F47DF-6540-4BDA-BEAD-2B19250B0C48_is1) (Version: - Accmeware Corporation)
Free AVI to MP4 Converter 1.0 (HKLM-x32\...\{756DF96D-E40E-4B52-A53D-036E3D6AAB44}_is1) (Version: - PolySoft Solutions)
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{DC7720F2-98BE-41C1-B0A8-E391362E86B8}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HD Tune 2.50 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Hetman Photo Recovery 4.5 (HKLM-x32\...\Hetman Photo Recovery) (Version: - )
HitmanPro.Alert 3 (HKLM\...\HitmanPro.Alert) (Version: 3.7.12.793 - SurfRight B.V.)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.46.0 - HTC)
Internet Manager (HKLM-x32\...\Tmobile_Czech Estoril Internet Manager_is1) (Version: - T-mobile)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{E109DA49-B4C0-4576-AC6C-7053C5782A61}) (Version: 12.10.2.3 - Apple Inc.)
LG AirDrive (HKLM-x32\...\{101E5DB3-07FA-4E52-8923-05068C94CF43}) (Version: 1.2.60617.11 - LG Electronics)
LG Bridge (HKLM-x32\...\LG Bridge) (Version: 1.2.40 - LG Electronics)
LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.2.0 - LG Electronics)
LGUP 8994 DLL (HKLM-x32\...\{4504D6ED-2584-4CCA-9B24-3B09277473DF}) (Version: 0.0.3.23 - LG Electronics)
LGUP for Store (HKLM-x32\...\{27FDA0D1-5BEA-427A-913C-FF050C211674}) (Version: 1.14.3 - LG Electronics)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.1512.1 - McAfee, LLC.)
MergeModule_x64 (HKLM\...\{12DCC5A7-0100-4433-B4FF-217A3C5DC83B}) (Version: 9.3.00 - Sony Corporation) Hidden
MergeModule_x86 (HKLM-x32\...\{DD7721BB-CF1C-4DC9-AD87-8D5FB75413B7}) (Version: 9.3.00 - Sony Corporation) Hidden
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
MiniTool Power Data Recovery (HKLM-x32\...\MiniTool Power Data Recovery_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 43.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 cs)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Neat Image v7.6.0 Pro plug-in for Photoshop (64-bit) (HKLM\...\Neat Image plug-in for Photoshop_is1) (Version: - Neat Image team, ABSoft)
NEF Codec (HKLM-x32\...\{D6506521-0959-4FA3-875F-E2E28830B0D2}) (Version: 1.00.0000 - Nikon)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.18 - DxO)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Online Plug-in (HKLM-x32\...\{2E9881CA-E41C-45E5-8055-61A4CC1BF93F}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden
Ovládací panel NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
PC Inspector smart recovery (HKLM-x32\...\{C9A87D86-FDFD-418B-BF96-EF09320973B3}) (Version: 4.50 - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.0.2 - Nikon)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.5.1 - Nikon)
PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 5.1.00.12260 - Sony Corporation)
PMB_ModeEditor (HKLM-x32\...\{D5318740-B088-4B1A-B6A8-1F90A172CCD1}) (Version: 9.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (HKLM-x32\...\{E7FDF11C-12BB-4D6F-9B6D-F8E488C776DC}) (Version: 10.1.00 - Sony Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{BED24701-751B-41C5-8888-A8EABAB9FE8C}) (Version: 8.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{88F21C94-88AF-4665-AF4F-FECB1FA059B9}) (Version: 8.1 - Apple Inc.)
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
RAMMon V1.0 (HKLM\...\{D0E36B69-687C-43B3-93BA-5E4B6E531023}_is1) (Version: 1.0 - PassMark Software)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Self-service Plug-in (HKLM-x32\...\{7A029AB7-8CC4-4FE8-904F-A090248C1BC7}) (Version: 4.12.0.18013 - Citrix Systems, Inc.) Hidden
SIGMA Optimization Pro (HKLM-x32\...\{A75A7BEA-7A33-46FF-A2CD-3B0AF8023903}) (Version: 1.5.0.5 - SIGMA CORPORATION)
Spořič obrazovky Českých drah a.s., verze 2.0.40 (HKLM-x32\...\Spořič obrazovky Českých drah a.s._is1) (Version: 2.0.40 - České dráhy a.s., TELEMATIKA o.z.)
Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 7.0.0.0 - Stellar Information Technology Pvt Ltd.)
Topaz DeNoise 5 (64-bit) (HKLM\...\{06B60360-9DBD-4593-90A0-FD237F0845A2}) (Version: 5.0.1 - Topaz Labs) Hidden
Topaz DeNoise 5 (64-bit) (HKLM-x32\...\Topaz DeNoise 5 (64-bit)) (Version: 5.0.1 - Topaz Labs)
Topaz DeNoise 5 (HKLM-x32\...\{9E82D1DB-3AFB-4D18-A221-081F1B4B4789}) (Version: 5.0.1 - Topaz Labs) Hidden
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.0.1 - Topaz Labs)
TOPO Czech 2010 (HKLM-x32\...\{3C19E918-13AF-4C57-B50D-8C3738EFCABF}) (Version: 4.00 - PICODAS PRAHA, spol. s r.o.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.55 public beta 2 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Verbatim Hard Drive Formatter 1.42 (HKLM-x32\...\Verbatim Hard Drive Formatter_is1) (Version: - Verbatim)
Verbatim Product Update 1.06 (HKLM-x32\...\Verbatim Product Update_is1) (Version: - Verbatim)
ViewNX-i (HKLM\...\{C67A5551-26C1-4C7B-A9DF-AD148549D482}) (Version: 1.0.0 - Nikon Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebClient (HKLM-x32\...\WebClient) (Version: - )
Windows Driver Package - Android (WUDFRd) WPD (04/07/2011 5.2.5326.4762) (HKLM\...\78917410BE8040E4932D812DC4AE7CA774A40096) (Version: 04/07/2011 5.2.5326.4762 - Android)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (07/09/2013 8.0.0000.00000) (HKLM\...\DE12FF493B03DCC873171B8CEFC537806B127B52) (Version: 07/09/2013 8.0.0000.00000 - Google, Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.6 - ZONER software)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_CZ_is1) (Version: 18.0.1.10 - ZONER software)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-07-17] (Adobe Systems Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-11] (king.com)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-06] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0 [2019-12-19] (Spotify AB) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-11-03] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2017-04-19] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1822121048-3009854048-383741908-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-D25DF724F523} -> [Creative Cloud Files] => C:\Users\Vladimir\Creative Cloud Files [2015-06-01 21:29]
CustomCLSID: HKU\S-1-5-21-1822121048-3009854048-383741908-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2014-04-09] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2016-02-19] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2013-10-01] (Acronis International GmbH -> Acronis)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2014-04-09] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2013-10-01] (Acronis International GmbH -> Acronis)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Vladimir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hudba Google Play.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
ShortcutWithArgument: C:\Users\Vladimir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --remote-debugging-port=9223

==================== Loaded Modules (Whitelisted) =============

2017-03-28 14:32 - 2017-03-28 14:32 - 000073216 _____ () [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2017-02-14 08:42 - 2017-02-14 08:42 - 000326144 _____ () [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\XercesLib.dll
2009-07-14 02:20 - 2009-07-14 02:40 - 000267776 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNBLM4.DLL
2014-04-01 20:06 - 2009-07-14 02:40 - 000084992 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\CNBPP4.DLL
2017-03-28 14:34 - 2017-03-28 14:34 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\ANT_WrappedLib.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 002711552 _____ (Garmin International) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\legacyio.dll
2017-02-14 08:42 - 2017-02-14 08:42 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\IMG_GPSMAP.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\XMLdll.dll
2010-11-18 21:08 - 2010-11-18 21:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-08-01 00:46 - 2016-11-14 10:45 - 001408200 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\DSI_SiUSBXp_3_1.DLL
2017-06-27 20:08 - 2015-08-18 14:42 - 004420608 _____ (Terra Informatica Software, Inc.) [File not signed] C:\Program Files\Zoner\Photo Studio 18\Program32\sciter32.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:F0D7EE30 [138]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\dell.com -> dell.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-05-30 21:06 - 2019-11-26 23:41 - 000000092 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
0.0.0.1 mssplus.mcafee.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\QuickTime\QTSystem\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1822121048-3009854048-383741908-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

Network Binding:
=============
Připojení k místní síti: HTC NDIS Protocol Driver -> MS_NDISPROT (enabled)
Bezdrátové připojení k síti: HTC NDIS Protocol Driver -> MS_NDISPROT (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{747CAA5F-2B6A-4AFE-A3B2-1E1F6279F804}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0471BC2A-36E0-4514-9852-359297753052}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BE044462-DFD4-433F-A40A-0AF3B1C1BC87}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{BE39B61D-164A-429C-824D-87EE212D127F}C:\program files (x86)\abb\ego-n asistent 2\egon.exe] => (Allow) C:\program files (x86)\abb\ego-n asistent 2\egon.exe () [File not signed]
FirewallRules: [UDP Query User{471FB966-1A9C-4005-BF66-4E8575D612E1}C:\program files (x86)\abb\ego-n asistent 2\egon.exe] => (Allow) C:\program files (x86)\abb\ego-n asistent 2\egon.exe () [File not signed]
FirewallRules: [{159A630C-4720-4727-8ED1-733EE5BB222C}] => (Allow) C:\Users\Vladimir\Downloads\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{77B2A23B-2BD6-4615-B42E-F5817073C097}] => (Allow) C:\Users\Vladimir\Downloads\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{0DE1F008-FE9A-4BEA-9C5A-8ED382307311}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{7170D73F-0606-4D68-B711-C3A2A6D3F825}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{8117C0FD-AC73-4289-8D2B-8433405A0426}] => (Allow) C:\Program Files\DxO Labs\DxO Optics Pro v9\DXOOpticsPro.exe (DxO Labs -> DxO Labs)
FirewallRules: [{50A00B2E-0426-43C5-B1A3-E581F5268C65}] => (Allow) C:\Program Files\DxO Labs\DxO Optics Pro v9\DXOOpticsPro.exe (DxO Labs -> DxO Labs)
FirewallRules: [{4E250BA5-02F7-45AF-8A9D-D18F2D04708A}] => (Allow) C:\Program Files\DxO Labs\DxO Optics Pro v9\DXOOpticsPro.exe (DxO Labs -> DxO Labs)
FirewallRules: [{3595C2E9-CBEB-4568-B9A9-636AFB1818E3}] => (Allow) C:\Program Files\DxO Labs\DxO Optics Pro v9\DXOOpticsPro.exe (DxO Labs -> DxO Labs)
FirewallRules: [TCP Query User{8638FB3D-D861-4653-B7EE-52C8262A5636}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{3802AEFD-A919-4932-9CD4-0B5FAF32D075}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{9F0CC557-48E3-4116-8EED-F53EA3FF7EE0}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe No File
FirewallRules: [{F6D500C6-4D5B-40B5-9E2D-DC5825C3E5AE}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe No File
FirewallRules: [TCP Query User{69900540-E0EA-4E72-B3FE-3598C0893530}C:\users\vladimir\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\vladimir\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [UDP Query User{2AB35BE2-7EBA-4C8A-BFFA-0993865EF5B7}C:\users\vladimir\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\vladimir\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [{514A3109-9D34-465B-8CEA-E18DBA077DF7}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe No File
FirewallRules: [{523F751C-CF8B-41D7-B9A4-0F4E99C5321C}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe No File
FirewallRules: [TCP Query User{9496F559-AFD3-4B6F-9538-065F25788999}C:\users\vladimir\appdata\roaming\utorrent\updates\3.4.2_38913.exe] => (Block) C:\users\vladimir\appdata\roaming\utorrent\updates\3.4.2_38913.exe No File
FirewallRules: [UDP Query User{00D1271E-1BE3-4459-A96A-2AD8CFC28D73}C:\users\vladimir\appdata\roaming\utorrent\updates\3.4.2_38913.exe] => (Block) C:\users\vladimir\appdata\roaming\utorrent\updates\3.4.2_38913.exe No File
FirewallRules: [TCP Query User{4C0828D2-5C70-4D25-B7F8-653D0686BDE7}C:\users\vladimir\appdata\roaming\utorrent\updates\3.4.2_38913.exe] => (Block) C:\users\vladimir\appdata\roaming\utorrent\updates\3.4.2_38913.exe No File
FirewallRules: [UDP Query User{DA9F18E1-00BE-4351-B67C-636599602A86}C:\users\vladimir\appdata\roaming\utorrent\updates\3.4.2_38913.exe] => (Block) C:\users\vladimir\appdata\roaming\utorrent\updates\3.4.2_38913.exe No File
FirewallRules: [{FA552ECA-2E93-4B14-8CC2-B569585EC930}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe (Nero AG -> )
FirewallRules: [{A83F0008-87C9-4FEF-A5E8-CEED0879488D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{ED631FDB-B5C2-493B-9E27-6FD659633DFC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6128511D-8958-4CA2-A961-5A71FFC7006F}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{DA3BC9CD-3EC2-47C0-980F-6709868C263B}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [TCP Query User{A27A958E-F574-4BB8-88C2-B0CF8E588B48}C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe] => (Allow) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe (LG Electronics Inc. -> LG Electronics)
FirewallRules: [UDP Query User{8C289F14-7757-4822-A233-84C507CF29EB}C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe] => (Allow) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe (LG Electronics Inc. -> LG Electronics)
FirewallRules: [{EDF36577-A234-435A-A09D-9125861FDB15}] => (Block) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe (LG Electronics Inc. -> LG Electronics)
FirewallRules: [{FB7F92A4-CB1A-4732-9128-7C9F0C821391}] => (Block) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe (LG Electronics Inc. -> LG Electronics)
FirewallRules: [{54AE0FDA-FC87-4CE6-BDD3-B6CCE1569FF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{73DBFF72-F495-414D-B0C7-115D8508B448}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe No File
FirewallRules: [{DBC65E67-D1B5-4718-BE73-7BAD8CAA2E0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{430772D8-0987-49AE-9F49-975723D460BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9F488015-37D5-46FB-AA5C-2CB033634109}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F52732F1-AFB3-49AC-9C0C-708CE6727495}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{D1F3A16A-C50B-4E3B-9A33-C1C3D8521CD3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{468E9AF5-C3D7-4426-B33C-294847FAFBB9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E56B6B54-06A2-418D-BA62-F048CB7A0F24}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C4D6B147-CB2B-42DD-8787-E992C23DA42B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4177C00B-EE4A-40A0-95E8-8ACE6EDADD13}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8E4B1DB1-4224-4C1C-9AE9-20CDFB1840C5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B1110BB4-BF37-4DE2-BD3C-78C5FC368567}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DFDB4C76-430F-4A45-BFD5-ABCC22244D8A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A6B38341-4C08-40F4-B114-9EDDC92172D7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{740418F7-186A-4BB0-BADE-3300AC0A5356}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5DBC3379-AE69-447A-8596-61560076BC39}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2D12CD99-058E-4866-A479-570B9E98DBED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{939A0238-B2CA-4E03-818D-BE94F9F5B8B3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D5CBBAF1-12A5-46A1-B901-B4A0982C804F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (12/27/2019 03:53:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10708,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/27/2019 03:46:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: esu.exe, verze: 1.0.0.0, časové razítko: 0x58dac8d5
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.18362.535, časové razítko: 0x5bd9df62
Kód výjimky: 0xe0434352
Posun chyby: 0x001135d2
ID chybujícího procesu: 0x3874
Čas spuštění chybující aplikace: 0x01d5bcc47bf3c1ba
Cesta k chybující aplikaci: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: ffb73470-1ae7-4011-aba0-c1ab708d9c5e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/27/2019 03:46:58 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: esu.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61.MoveNext()
na System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61, ExpressSelfUpdater, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<UpdateDatacenterOverridesAsync>d__61 ByRef)
na Garmin.Omt.Service.Shared.Overrides.UpdateDatacenterOverridesAsync(Boolean)
na Garmin.Omt.Service.Shared.Overrides..cctor()

Informace o výjimce: System.TypeInitializationException
na Garmin.Omt.Service.Shared.Overrides.get_OmtBaseUrl()
na Garmin.Omt.Express.SelfUpdater.Program.RealMain()
na Garmin.Omt.Express.SelfUpdater.Program.Main(System.String[])

Error: (12/26/2019 11:31:08 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12692,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/26/2019 11:21:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10432,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/26/2019 10:48:14 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11184,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/26/2019 10:38:16 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12328,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/26/2019 10:31:08 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2320,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

System errors:
=============
Error: (12/25/2019 10:17:11 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: C:\Device\HarddiskVolume12

Error: (12/25/2019 09:13:03 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku C: bylo zjištěno poškození.

Hlavní tabulka souborů (MFT) obsahuje poškozený záznam souboru. Referenční číslo souboru je 0xf00000005bd0b. Název souboru je \ProgramData\HitmanPro.Alert\excalibur.db.

Error: (12/25/2019 09:07:59 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku C: bylo zjištěno poškození.

Hlavní tabulka souborů (MFT) obsahuje poškozený záznam souboru. Referenční číslo souboru je 0x2100000005e6fb. Název souboru je \Users\Vladimir\AppData\Local\Temp\CreativeCloud\ACC\ACC.log.

Error: (12/25/2019 09:07:59 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku C: bylo zjištěno poškození.

Hlavní tabulka souborů (MFT) obsahuje poškozený záznam souboru. Referenční číslo souboru je 0xb0000000066ab7. Název souboru je \Users\Vladimir\AppData\Local\Temp\CreativeCloud\CoreSync\CoreSync-2019-12-25.log.

Error: (12/23/2019 10:40:39 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:31:34, ‎23.‎12.‎2019) bylo neočekávané.

Error: (12/23/2019 10:34:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby OneSyncSvc_44313 bylo dosaženo časového limitu (30000 ms).

Error: (12/23/2019 10:31:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (14:40:33, ‎23.‎12.‎2019) bylo neočekávané.

Error: (12/23/2019 12:26:53 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Windows Defender:
===================================
Date: 2019-12-24 19:44:39.692
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8F77E8F5-0110-4410-842C-17DCB3CF5390}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-24 18:12:21.657
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D0BAAD15-0ADF-4D84-A289-6AFB148644D7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-24 18:01:22.091
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {68E767F9-E3E3-449F-A115-C7608A02BA68}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-24 17:53:13.094
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {6080681C-23D9-4CDF-8CF0-32052584DF91}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-24 15:07:30.029
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D2EDD592-1F1C-46C3-BF71-D1DFAABEDF25}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

==================== Memory info ===========================

BIOS: Award Software International, Inc. F7 08/31/2009
Motherboard: Gigabyte Technology Co., Ltd. EP45-UD3LR
Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 64%
Total physical RAM: 8190.46 MB
Available physical RAM: 2894.32 MB
Total Virtual: 16382.46 MB
Available Virtual: 10836.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.74 GB) (Free:5.71 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Nový svazek) (Fixed) (Total:931.51 GB) (Free:12.94 GB) NTFS
Drive f: (Nový svazek) (Fixed) (Total:1863.01 GB) (Free:25.78 GB) NTFS
Drive h: (Verbatim HDD) (Fixed) (Total:1630.14 GB) (Free:23.71 GB) NTFS

\\?\Volume{11834c50-0000-0000-0000-20af37000000}\ () (Fixed) (Total:0.83 GB) (Free:0.41 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 11834C50)
Partition 1: (Active) - (Size=222.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=853 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F462D24F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: FA67A002)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (Size: 1630.1 GB) (Disk ID: 7C6E4192)
Partition 1: (Not Active) - (Size=1630.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

#4 Příspěvek od **Rudy** » 27 pro 2019 16:50

Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

ed · #5 Příspěvek od ed » 27 pro 2019 17:00

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2019-12-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-27-2019
# Duration: 00:00:03
# OS: Windows 10 Pro
# Cleaned: 33
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583

***** [ Files ] *****

Deleted C:\Users\Vladimir\Downloads\ReimageRepair.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3AC21804-8243-4C25-9D7D-21CF621ABEDB}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F1808E6-83FF-4376-85F9-61C068DAD712}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{50FD26F6-8A20-4C13-A461-49391B2BC5FB}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F468F34-7226-407C-B314-8742B188DE52}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{69A32CA2-2C7D-4963-85B5-3751BA1B156C}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6A41AEEA-9A75-47F8-9019-236747245A9}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{766C924E-B3BE-44C5-99E-19A430CE281}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D60D9D0-FF80-468E-9AFC-29B6572D8AEC}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{919AC42A-DDAD-4822-886F-D9235B20E8A5}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD1B2D66-1A3E-4BA8-8EA9-ED5A7AF89E7B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAB8AF9D-E855-4E98-97A5-44E3A43B9F4E}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D27BA936-92EE-4D76-8968-9F509CCE6A3}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBC055E6-5053-45F4-A021-692EFDA0EA88}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DEFF0B9-71DC-4BA4-BEA2-FC88D5E68CA7}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EBC399FD-CDEF-4DC5-8CAF-D2F051F49AB}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EBEF2833-897-40E3-8719-74C584E09CD1}
Deleted HKCU\Software\Conduit
Deleted HKCU\Software\OB
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{514A3109-9D34-465B-8CEA-E18DBA077DF7}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{523F751C-CF8B-41D7-B9A4-0F4E99C5321C}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{9F0CC557-48E3-4116-8EED-F53EA3FF7EE0}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F6D500C6-4D5B-40B5-9E2D-DC5825C3E5AE}
Deleted HKLM\Software\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Deleted HKLM\Software\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Deleted HKLM\Software\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Softonic EN

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6574 octets] - [27/12/2019 16:57:06]
AdwCleaner[S01].txt - [6635 octets] - [27/12/2019 17:00:08]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

#6 Příspěvek od **Rudy** » 27 pro 2019 17:57

Dejte nové logy FRST+Addition.

ed · #7 Příspěvek od ed » 27 pro 2019 18:18

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-12-2019
Ran by Vladimir (administrator) on VLADIMIR-PC (Gigabyte Technology Co., Ltd. EP45-UD3LR) (27-12-2019 18:14:03)
Running from C:\Users\Vladimir\Desktop
Loaded Profiles: Vladimir (Available Profiles: Vladimir & DefaultAppPool)
Platform: Windows 10 Pro Version 1903 18362.535 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(JRD COMMUNICATION (SHENZHEN) LTD -> ) C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe
(JRD COMMUNICATION (SHENZHEN) LTD -> ) C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe
(McAfee, LLC -> McAfee, LLC.) C:\Program Files\McAfee Security Scan\3.11.1512\SSScheduler.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Vladimir\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(Nero AG -> ) C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTray.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis International GmbH -> Acronis)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-10-25] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation) [File not signed]
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7805824 2013-11-22] (Acronis International GmbH -> Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102192 2013-10-10] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2724432 2015-12-26] (Sony Corporation -> Sony Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.) [File not signed]
HKLM-x32\...\Run: [Tmobile_Czech Estoril ModemListener] => C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ModemListener.exe [159016 2014-12-11] (JRD COMMUNICATION (SHENZHEN) LTD -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [638352 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [407440 2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\Run: [GoogleChromeAutoLaunch_E7E7B640C719C6D8CE20F2E50D91D1E8] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-11-26] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE [680520 2017-01-09] (ZONER software, a.s. -> ZONER software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-19] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2019-11-26]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.1512\SSScheduler.exe (McAfee, LLC -> McAfee, LLC.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {009307BB-1456-4C08-A044-EBDC89C887B4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0169D2A6-CC93-4E9F-8DDB-F30C42593E52} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {0517E315-330F-4D6C-947E-3161E904B5A7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {1305BE7B-B995-478E-8E17-9829A1B8CB3D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B5C0CCB-AD12-4F14-A855-2A706F201A4D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1DCC81B0-3B6F-438A-8417-93D918235175} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {217081FB-A88D-4DDF-8424-1048BCCEB8BE} - \Reimage Reminder -> No File <==== ATTENTION
Task: {222B9874-5AB3-488D-A73A-DC9226BC4A06} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [6889176 2016-09-28] (Piriform Ltd -> Piriform Ltd)
Task: {22E2131B-3F83-4253-AA63-A16BCA5DD91F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {245942BB-81E1-4266-98D7-248B8225C755} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {27D1319D-42DD-4F63-ADB7-6F6DE442D2DA} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {2C3FCFD1-09A7-44D0-9A6A-14408217AB1B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {32A03337-44C6-4658-8840-F2689FE27B64} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {36FE0783-A9BF-4F66-962A-C20910E7D341} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3B3F0652-247A-4C6E-A722-4192C174602B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {3BBFA573-4D52-4E0F-BEB3-AEF24A29B138} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {3C05E5EA-3B55-4217-8C53-977FB2737EB9} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {3CB7C269-8BAD-4077-95AD-1A47A4926E55} - System32\Tasks\{92BAE46E-7FB0-41D7-8D4F-7DDB9FD88AEF} => C:\Windows\system32\pcalua.exe -a C:\Users\Vladimir\Downloads\install\S-CNX2__-020301WU-___EN-ALL___.exe -d C:\Users\Vladimir\Downloads\install
Task: {3D46B06C-6B0E-4D6A-BCDF-2125EDF7FC7E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3D9F7CD2-3331-4C72-A795-4A47E6B35148} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {3DD2DC4A-C3F5-4C22-8B59-316F61B657E9} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3E913995-F5F5-4AF3-8042-404D58F4B52F} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39848 2017-03-28] (Garmin International, Inc. -> )
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4CB5DCD3-C72C-4A89-8EF9-500712B6AECB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {53236378-B38E-4C92-BE4F-2A5CE9DB74FB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5B8409FA-9B05-4016-A9AC-358C621AEF46} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269504 2016-05-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {6700AE5D-0509-48FC-BF7C-1E4DAA987822} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6726618A-9A72-4EEF-B72C-6B782A7AAC4C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {688B4C16-FCCF-4F2D-89DE-296F0E3AE670} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1542080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6BDE3817-4600-4E6F-A4FC-DD4437459B64} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {6C1559B6-62E3-46C4-8F60-5AA8B2088491} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E90CAC4-7650-475A-8A17-C764D1D8F6C9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {70DC75D4-01E7-4064-B1A6-585618CB0F19} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {75694CA5-A9AB-4520-B690-B6C4F5879610} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {76AB045A-5B52-419D-8BC0-0F61A5B0AE5A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {777B72AE-C569-42E4-B466-C445E6448A71} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {812AAAD1-864B-4ECE-8C81-BD2B67AFFC45} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8856C83E-E37B-4819-92AA-148F068B20A8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [960448 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {88F11029-D52B-40E3-A596-D3DB3C30D277} - \ReimageUpdater -> No File <==== ATTENTION
Task: {8AD70B51-B7CF-469A-B1DD-05098E53A175} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9121C318-2109-4AA9-B141-F50E2A940872} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {92E13B23-35E1-4929-8275-DC694C2F219F} - System32\Tasks\{6DD7216D-A9FC-4AA9-8025-8A45DBB1FEFE} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\SavePass\Uninstall.exe" -c /fcp=1
Task: {95FF13D3-E5E6-4D45-882A-E08B97F6D7D1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {99C1F44F-9956-45C3-B516-A0BCEB31F55D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {9F011627-3182-4F4E-99FE-06B0AD1FAAD7} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A45B5DBF-2BC7-4A37-A3FE-FED0F55EF7B5} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {AA6FE720-784C-4531-BBA1-2D66D73D4D3E} - System32\Tasks\GoogleUpdateTaskMachineCore1d1ec2a61b6c888 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {AE2B4861-433D-4282-9605-00F9EEB6A0C6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {B15BF2E1-14FC-4FA0-8F49-A3601AB17AAE} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {B3B291E1-F902-4F8B-89EA-9C871B124ACB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B6CF68C8-168E-4AFB-9A40-769875F2F9BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BD105439-712D-48F5-BE93-FB2694CF9813} - System32\Tasks\{699B3B67-6396-40E6-BBAB-611E693B1CD9} => C:\Windows\system32\pcalua.exe -a "C:\Users\Vladimir\Downloads\Office 2007_CZ\setup.exe" -d "C:\Users\Vladimir\Downloads\Office 2007_CZ"
Task: {BE6C05F4-FABE-4CF5-ABBC-2C3DF1F2A5FD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C094ECD7-CC8E-49B7-8275-C0136B3A0A4A} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {C11C580E-2AA0-487D-AB6F-48DB796EC30E} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {C8255AEC-074F-4DBD-AA46-C33F8A41E5A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C888F290-B570-4604-AB41-FAA8281E8FA6} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CB4E68A2-8F36-4C16-BF61-C7949FDDFAA8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CC4C1E21-B3A2-4910-818F-11D8B1D3302C} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D48051FD-7385-4A14-AEE0-9A7E151A43A2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D8739396-B8CD-43AC-ACCA-A0E1A3258B8F} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {DD178FDC-8D77-4413-A81B-C29B581A97A6} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {DE02839E-4F1D-4F9A-B90F-05C9AF1A19EC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DF2701F3-8059-4A90-86C4-D8D407282646} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {E13D46A2-1855-46E9-AA59-B58ACDF3B38D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E63A03BB-91C0-4E99-9266-5958051765B7} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ec2a61db19e5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {E8ED12AC-BF2B-4953-BEFD-7751882C9E91} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EAE6F53C-8925-428C-ABC1-DAD62D2EA724} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EC06D0E5-821E-4E83-BF8D-FEA81A1CE6D8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {EC084933-8B46-49B7-BEEF-E3CC3E9DC6FC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F0334C39-9BA2-40EB-B7C4-F4B1AEA8AA73} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F0FFB706-4948-4283-ABBF-C20E33666ADE} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F2493690-0413-45AB-89D9-BED37E243007} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F4F5D483-5A94-4622-BCBF-DB913C9328BC} - System32\Tasks\AdobeAAMUpdater-1.0-Vladimir-PC-Vladimir => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {FA8977F8-AE07-4B81-B5D2-AE854B0F6BBA} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{19e480ab-3ab1-4c98-b201-ebe59ce78930}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{aa049f91-33bd-4900-9193-00ad49120759}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FireFox:
========
FF DefaultProfile: d668d38e.default-1403463649564
FF ProfilePath: C:\Users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\d668d38e.default-1403463649564 [2019-12-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-12] (Adobe Systems Incorporated -> )
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (Garmin International, Inc. -> GARMIN Corp.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] (Adobe Systems Incorporated -> )
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2018-05-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @EDVR/WebClient -> C:\windows\system32\WebClient\npwebclient.dll [No File]
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (Garmin International, Inc. -> GARMIN Corp.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Notifications: Default -> hxxps://www.dxomark.com; hxxps://www.mall.tv; hxxps://www.maxikovy-hracky.cz
CHR Profile: C:\Users\Vladimir\AppData\Local\Google\Chrome\User Data\Default [2019-12-27]
CHR Extension: (Podpořte) - C:\Users\Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\amaegjccccajmhnbcbeagblpdccimoeh [2016-11-30]
CHR Extension: (Hudba Google Play) - C:\Users\Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2018-11-04]
CHR Extension: (Google Play Music) - C:\Users\Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2017-08-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Chrome Media Router) - C:\Users\Vladimir\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-13]
CHR Profile: C:\Users\Vladimir\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-12-31]
CHR HKU\S-1-5-21-1822121048-3009854048-383741908-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [4473288 2019-12-05] (SurfRight B.V. -> SurfRight B.V.)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG -> Nero AG)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.1512\McCHSvc.exe [408416 2019-11-13] (McAfee, LLC -> McAfee, LLC.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [506960 2015-12-26] (Sony Corporation -> Sony Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Tmobile_Czech Estoril Modem Device Helper; C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe [76584 2014-12-11] (JRD COMMUNICATION (SHENZHEN) LTD -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\WINDOWS\System32\Drivers\androidusb.sys [38424 2010-10-18] (ZTE CORPORATION -> Google Inc)
R1 hmpalert; C:\WINDOWS\system32\drivers\hmpalert.sys [323896 2019-12-05] (SurfRight B.V. -> SurfRight B.V.)
S3 htcnprot; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [36928 2012-12-07] (HTC Corp. -> Windows (R) Win 7 DDK provider)
S3 jrdusbser; C:\WINDOWS\system32\DRIVERS\jrdusbser.sys [123776 2013-06-18] (Microsoft Windows Hardware Compatibility Publisher -> TCT International Mobile Ltd.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [711968 2019-06-04] (Realtek Semiconductor Corp. -> Realtek )
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1120032 2015-11-26] (Acronis International GmbH -> Acronis International GmbH)
S3 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [198432 2015-11-26] (Acronis International GmbH -> Acronis International GmbH)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 usbUDisc; C:\WINDOWS\System32\drivers\USBDrv_AMD64.sys [18392 2013-01-25] (Allwinner Technology Co.,Ltd. -> Scott)
R0 vidsflt; C:\WINDOWS\System32\DRIVERS\vidsflt.sys [117024 2015-11-26] (Acronis International GmbH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 zghsdiag; C:\WINDOWS\system32\DRIVERS\zghsdiag.sys [122624 2011-01-13] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
S3 zghsmdm; C:\WINDOWS\system32\DRIVERS\zghsmdm.sys [122624 2011-01-13] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
S3 zghsnmea; C:\WINDOWS\system32\DRIVERS\zghsnmea.sys [122624 2011-01-13] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-27 16:59 - 2019-12-27 16:55 - 008237744 _____ (Malwarebytes) C:\Users\Vladimir\Desktop\adwcleaner_8.0.1.exe
2019-12-27 16:55 - 2019-12-27 16:55 - 008237744 _____ (Malwarebytes) C:\Users\Vladimir\Downloads\adwcleaner_8.0.1.exe
2019-12-27 15:52 - 2019-12-27 15:58 - 000050840 _____ C:\Users\Vladimir\Desktop\Addition.txt
2019-12-27 15:49 - 2019-12-27 18:15 - 000039834 _____ C:\Users\Vladimir\Desktop\FRST.txt
2019-12-27 15:48 - 2019-12-27 18:14 - 000000000 ____D C:\FRST
2019-12-27 15:47 - 2019-12-27 15:47 - 002272256 _____ (Farbar) C:\Users\Vladimir\Desktop\FRST64.exe
2019-12-27 15:46 - 2019-12-27 15:47 - 002272256 _____ (Farbar) C:\Users\Vladimir\Downloads\FRST64.exe
2019-12-23 22:46 - 2019-12-23 22:46 - 000000000 ____D C:\rsit
2019-12-23 22:45 - 2019-12-23 22:45 - 001222144 _____ C:\Users\Vladimir\Downloads\RSITx64.exe
2019-12-23 11:24 - 2019-12-23 11:24 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-23 11:24 - 2019-12-23 11:24 - 000004000 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-23 11:24 - 2017-10-11 02:05 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2019-12-23 11:24 - 2017-10-11 00:26 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2019-12-11 17:42 - 2019-12-11 17:42 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 002188816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 001496080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-11 17:42 - 2019-12-11 17:42 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-11 17:42 - 2019-12-11 17:42 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-11 17:42 - 2019-12-11 17:42 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-11 17:42 - 2019-12-11 17:42 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-11 17:42 - 2019-12-11 17:42 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-11 17:42 - 2019-12-11 17:42 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-11 17:42 - 2019-12-11 17:42 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-11 17:42 - 2019-12-11 17:42 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-11 17:41 - 2019-12-11 17:41 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-11 17:41 - 2019-12-11 17:41 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-11 17:41 - 2019-12-11 17:41 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-11 17:41 - 2019-12-11 17:41 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-11 17:41 - 2019-12-11 17:41 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-11 17:41 - 2019-12-11 17:41 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-11 17:41 - 2019-12-11 17:41 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-11 17:41 - 2019-12-11 17:41 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-11 17:41 - 2019-12-11 17:41 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-11 17:41 - 2019-12-11 17:41 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-11 17:41 - 2019-12-11 17:41 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-11 17:41 - 2019-12-11 17:41 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-11 17:41 - 2019-12-11 17:41 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-11 17:41 - 2019-12-11 17:41 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-11 17:41 - 2019-12-11 17:41 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-11 07:34 - 2019-12-11 07:34 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2020.lnk
2019-12-11 07:23 - 2019-12-11 07:23 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2019.lnk
2019-12-11 07:12 - 2019-12-11 07:12 - 000001026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2020.lnk
2019-12-11 07:00 - 2019-12-11 07:00 - 000000000 ____D C:\WINDOWS\Panther
2019-12-10 23:23 - 2019-12-10 23:23 - 000001085 _____ C:\Users\Vladimir\Desktop\Adobe Lightroom Classic.lnk
2019-12-10 23:23 - 2019-12-10 23:23 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2019-12-10 21:24 - 2019-12-10 21:24 - 000001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2019-12-10 21:24 - 2019-12-10 21:24 - 000001038 _____ C:\Users\Vladimir\Desktop\Lightroom.lnk
2019-12-08 18:09 - 2019-12-08 18:11 - 000000000 ____D C:\Users\Vladimir\Downloads\d500
2019-12-08 18:09 - 2019-12-08 18:09 - 024281256 _____ C:\Users\Vladimir\Downloads\F-D500-V120W.exe
2019-12-07 13:40 - 2019-12-07 13:40 - 000178261 _____ C:\Users\Vladimir\Downloads\PJ2020_PK_ticket.pdf
2019-12-05 06:49 - 2019-12-05 06:49 - 000089591 _____ C:\Users\Vladimir\Downloads\OPEL INSIGNIA 2.0 CDTi 154kW Innovation ST Auto 4x4 A8 154kw AN_nabidka_OL.pdf
2019-12-05 06:41 - 2019-12-05 06:41 - 001107912 _____ (SurfRight B.V.) C:\WINDOWS\system32\hmpalert.dll
2019-12-05 06:41 - 2019-12-05 06:41 - 000946120 _____ (SurfRight B.V.) C:\WINDOWS\SysWOW64\hmpalert.dll
2019-12-05 06:38 - 2019-12-05 06:38 - 000001487 _____ C:\Users\Vladimir\Downloads\WEFfY29udHJvbGxlci5YQV9SRVNfQVBQTElDQVRJT04gJFM1LTEw (2).ica
2019-12-03 15:18 - 2019-12-03 15:18 - 000001486 _____ C:\Users\Vladimir\Downloads\WEFfY29udHJvbGxlci5YQV9SRVNfQVBQTElDQVRJT04gJFM1LTEw.ica
2019-12-01 21:52 - 2019-12-01 21:52 - 015397931 _____ C:\Users\Vladimir\Downloads\Photos (9).zip
2019-12-01 21:49 - 2019-12-01 21:49 - 001605024 _____ C:\Users\Vladimir\Downloads\Photos (8).zip
2019-12-01 21:48 - 2019-12-01 21:48 - 003956095 _____ C:\Users\Vladimir\Downloads\Photos (7).zip
2019-12-01 21:46 - 2019-12-01 21:46 - 006962705 _____ C:\Users\Vladimir\Downloads\Photos (6).zip
2019-12-01 21:31 - 2019-12-01 21:31 - 002753822 _____ C:\Users\Vladimir\Downloads\Photos (5).zip
2019-12-01 21:30 - 2019-12-01 21:31 - 009936299 _____ C:\Users\Vladimir\Downloads\Photos (4).zip
2019-12-01 21:28 - 2019-12-01 21:28 - 011352125 _____ C:\Users\Vladimir\Downloads\Photos (3).zip
2019-12-01 21:25 - 2019-12-01 21:25 - 006052063 _____ C:\Users\Vladimir\Downloads\Photos (2).zip
2019-12-01 21:24 - 2019-12-01 21:24 - 001534012 _____ C:\Users\Vladimir\Downloads\Photos (1).zip
2019-12-01 09:36 - 2019-12-01 09:36 - 000488722 _____ C:\Users\Vladimir\Downloads\5c511970-ce0f-469d-9e7f-9cc1ce425b92.tmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-27 18:02 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-27 17:08 - 2019-10-05 06:38 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-27 17:08 - 2019-08-01 01:05 - 001920462 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-27 17:08 - 2019-03-19 12:57 - 000781808 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-27 17:08 - 2019-03-19 12:57 - 000172426 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-27 17:08 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-27 17:04 - 2017-10-12 23:00 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-27 17:03 - 2015-06-01 21:29 - 000000000 ___RD C:\Users\Vladimir\Creative Cloud Files
2019-12-27 17:03 - 2014-03-28 00:33 - 000000000 ____D C:\Users\Vladimir\AppData\Local\Adobe
2019-12-27 17:02 - 2019-08-01 01:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-27 17:02 - 2017-01-15 15:19 - 000000000 ____D C:\ProgramData\HitmanPro.Alert
2019-12-27 17:02 - 2015-07-07 23:19 - 000000000 ____D C:\Users\Vladimir\AppData\Local\HTC MediaHub
2019-12-27 17:01 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-12-27 16:57 - 2015-03-30 18:34 - 000000000 ____D C:\AdwCleaner
2019-12-26 23:48 - 2019-08-01 00:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-24 23:40 - 2019-11-26 23:41 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2019-12-24 00:05 - 2019-08-01 00:53 - 000000000 ____D C:\Users\Vladimir
2019-12-23 22:46 - 2014-11-22 09:26 - 000000000 ____D C:\Program Files\trend micro
2019-12-23 22:31 - 2014-05-06 21:48 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-12-23 11:25 - 2014-05-06 22:18 - 000000000 ____D C:\Users\Vladimir\AppData\Local\NVIDIA
2019-12-23 11:24 - 2019-08-01 01:10 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-23 11:24 - 2019-08-01 01:10 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-23 11:24 - 2019-08-01 01:10 - 000003866 _____ C:\WINDOWS\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-23 11:24 - 2019-08-01 01:10 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-23 11:24 - 2019-08-01 01:10 - 000003696 _____ C:\WINDOWS\system32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-23 11:24 - 2019-08-01 01:10 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-23 11:24 - 2017-10-12 23:00 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-12-23 11:24 - 2017-10-12 23:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-12-23 11:24 - 2016-10-26 21:31 - 000001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-12-23 11:24 - 2016-10-23 21:40 - 000000000 ____D C:\Users\Vladimir\AppData\Local\NVIDIA Corporation
2019-12-23 11:07 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-20 23:15 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-20 23:15 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-20 16:22 - 2015-11-16 21:41 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-19 21:55 - 2019-11-04 19:06 - 000000000 ___HD C:\adobeTemp
2019-12-19 21:54 - 2014-09-14 10:46 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-19 21:54 - 2014-09-14 10:46 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-16 09:00 - 2019-07-11 05:32 - 000000000 ____D C:\Users\Vladimir\AppData\Local\Citrix
2019-12-13 20:21 - 2019-08-01 01:10 - 000003504 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d1ec2a61db19e5
2019-12-13 20:21 - 2019-08-01 01:10 - 000003380 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d1ec2a61b6c888
2019-12-13 06:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-12-13 06:17 - 2017-12-22 23:12 - 000000000 ____D C:\Users\Vladimir\AppData\Local\Packages
2019-12-12 07:04 - 2019-08-01 00:53 - 000000000 ____D C:\Users\DefaultAppPool
2019-12-12 07:04 - 2017-12-22 23:27 - 000000000 ___RD C:\Users\Vladimir\3D Objects
2019-12-12 07:04 - 2016-04-27 08:00 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-12 07:03 - 2019-08-01 00:44 - 000258176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-11 23:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-11 23:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-11 23:31 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-11 17:56 - 2014-03-28 07:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-11 17:46 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-11 17:46 - 2014-03-28 07:34 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-11 17:41 - 2014-03-27 23:15 - 000410830 __RSH C:\bootmgr
2019-12-11 17:17 - 2014-03-27 23:32 - 000000000 ____D C:\Users\Vladimir\AppData\Roaming\Adobe
2019-12-11 07:34 - 2014-03-28 00:38 - 000000000 ____D C:\Users\Vladimir\Documents\Adobe
2019-12-11 07:12 - 2014-03-28 00:30 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-12-11 07:12 - 2014-03-28 00:29 - 000000000 ____D C:\Program Files\Adobe
2019-12-11 07:11 - 2014-03-28 00:30 - 000000000 ____D C:\ProgramData\Adobe
2019-12-11 07:00 - 2017-01-15 15:19 - 000000000 ____D C:\Program Files (x86)\HitmanPro.Alert
2019-12-09 14:13 - 2018-02-25 18:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-12-08 17:28 - 2014-10-12 21:55 - 000002131 _____ C:\Users\Public\Desktop\SIGMA Optimization Pro.lnk
2019-12-08 17:28 - 2014-03-28 00:03 - 000000000 ____D C:\WINDOWS\Downloaded Installations
2019-12-05 06:41 - 2017-01-15 15:19 - 000323896 _____ (SurfRight B.V.) C:\WINDOWS\system32\Drivers\hmpalert.sys
2019-12-02 19:39 - 2018-12-25 02:15 - 000000000 ____D C:\Users\Vladimir\AppData\Local\D3DSCache
2019-12-01 21:51 - 2019-11-12 22:55 - 000000000 ____D C:\WINDOWS\Minidump

==================== Files in the root of some directories ========

2014-03-30 10:31 - 2015-05-03 21:03 - 000000268 ___RH () C:\Users\Vladimir\AppData\Roaming\Grapher
2015-05-03 21:03 - 2015-05-03 21:03 - 000000268 ___RH () C:\Users\Vladimir\AppData\Roaming\Guides
2014-03-28 00:11 - 2014-03-28 00:11 - 000000268 ___RH () C:\Users\Vladimir\AppData\Roaming\Guitars
2014-05-26 20:53 - 2014-05-30 21:08 - 000000268 ___RH () C:\Users\Vladimir\AppData\Roaming\Phaser
2015-06-06 16:15 - 2019-09-08 11:09 - 000001456 _____ () C:\Users\Vladimir\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-09-27 22:18 - 2018-01-31 14:21 - 000003584 _____ () C:\Users\Vladimir\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-11-04 12:46 - 2018-11-04 12:46 - 000000000 _____ () C:\Users\Vladimir\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-12-2019
Ran by Vladimir (27-12-2019 18:16:58)
Running from C:\Users\Vladimir\Desktop
Windows 10 Pro Version 1903 18362.535 (X64) (2019-08-01 00:11:30)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1822121048-3009854048-383741908-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1822121048-3009854048-383741908-503 - Limited - Disabled)
Guest (S-1-5-21-1822121048-3009854048-383741908-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1822121048-3009854048-383741908-1003 - Limited - Enabled)
Vladimir (S-1-5-21-1822121048-3009854048-383741908-1001 - Administrator - Enabled) => C:\Users\Vladimir
WDAGUtilityAccount (S-1-5-21-1822121048-3009854048-383741908-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acronis True Image 2014 (HKLM-x32\...\{5858B1D6-8056-471C-8A29-6A1765BBC0BE}) (Version: 17.0.4515 - Acronis)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Bridge 2019 (HKLM-x32\...\KBRG_9_1) (Version: 9.1 - Adobe Systems Incorporated)
Adobe Bridge 2020 (HKLM-x32\...\KBRG_10_0_1) (Version: 10.0.1 - Adobe Systems Incorporated)
Adobe Bridge CC 2017 (HKLM-x32\...\KBRG_7_0) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.14 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\LRCC_3_1) (Version: 3.1 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_1) (Version: 9.1 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_9) (Version: 19.1.9 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_8) (Version: 20.0.8 - Adobe Systems Incorporated)
Aktualizace NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BookWright version 1.1.148 (HKLM-x32\...\{C17978EB-5A2C-40E3-B351-F03A27245BF9}_is1) (Version: 1.1.148 - Blurb, Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version: - )
Canon MP980 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP980_series) (Version: - )
Capture NX 2 (HKLM\...\Capture NX 2) (Version: 2.4.7 - NIKON CORPORATION)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
Citrix Receiver 4.12 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.12.0.18020 - Citrix Systems, Inc.)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
CrystalDiskInfo 6.5.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.5.2 - Crystal Dew World)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Dell System Detect (HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\73f463568823ebbe) (Version: 6.6.0.1 - Dell)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
DxO Optics Pro 9 (HKLM\...\{CD5F5030-44C8-4432-9F61-209BA3F2F4BA}) (Version: 9.5.2 - DxO Labs)
DxO Optics Pro 9 plug-in for Adobe Lightroom (HKLM-x32\...\{57817091-BC9F-4C72-A0CE-17C6D6DE45AB}) (Version: 1.0.20 - DxO Labs)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
Easy Drive Data Recovery (HKLM-x32\...\Easy Drive Data Recovery) (Version: 3.0 - MunSoft)
Ego-n Asistent 2.1.29 (HKLM-x32\...\Ego-n Asistent 2_is1) (Version: - ABB s. r. o., Elektro-Praga)
Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
FLAC to MP3 Converter 6.1.9.a (HKLM-x32\...\DD4F47DF-6540-4BDA-BEAD-2B19250B0C48_is1) (Version: - Accmeware Corporation)
Free AVI to MP4 Converter 1.0 (HKLM-x32\...\{756DF96D-E40E-4B52-A53D-036E3D6AAB44}_is1) (Version: - PolySoft Solutions)
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{DC7720F2-98BE-41C1-B0A8-E391362E86B8}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HD Tune 2.50 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Hetman Photo Recovery 4.5 (HKLM-x32\...\Hetman Photo Recovery) (Version: - )
HitmanPro.Alert 3 (HKLM\...\HitmanPro.Alert) (Version: 3.7.12.793 - SurfRight B.V.)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.46.0 - HTC)
Internet Manager (HKLM-x32\...\Tmobile_Czech Estoril Internet Manager_is1) (Version: - T-mobile)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{E109DA49-B4C0-4576-AC6C-7053C5782A61}) (Version: 12.10.2.3 - Apple Inc.)
LG AirDrive (HKLM-x32\...\{101E5DB3-07FA-4E52-8923-05068C94CF43}) (Version: 1.2.60617.11 - LG Electronics)
LG Bridge (HKLM-x32\...\LG Bridge) (Version: 1.2.40 - LG Electronics)
LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.2.0 - LG Electronics)
LGUP 8994 DLL (HKLM-x32\...\{4504D6ED-2584-4CCA-9B24-3B09277473DF}) (Version: 0.0.3.23 - LG Electronics)
LGUP for Store (HKLM-x32\...\{27FDA0D1-5BEA-427A-913C-FF050C211674}) (Version: 1.14.3 - LG Electronics)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.1512.1 - McAfee, LLC.)
MergeModule_x64 (HKLM\...\{12DCC5A7-0100-4433-B4FF-217A3C5DC83B}) (Version: 9.3.00 - Sony Corporation) Hidden
MergeModule_x86 (HKLM-x32\...\{DD7721BB-CF1C-4DC9-AD87-8D5FB75413B7}) (Version: 9.3.00 - Sony Corporation) Hidden
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
MiniTool Power Data Recovery (HKLM-x32\...\MiniTool Power Data Recovery_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 43.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 cs)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Neat Image v7.6.0 Pro plug-in for Photoshop (64-bit) (HKLM\...\Neat Image plug-in for Photoshop_is1) (Version: - Neat Image team, ABSoft)
NEF Codec (HKLM-x32\...\{D6506521-0959-4FA3-875F-E2E28830B0D2}) (Version: 1.00.0000 - Nikon)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.18 - DxO)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Online Plug-in (HKLM-x32\...\{2E9881CA-E41C-45E5-8055-61A4CC1BF93F}) (Version: 14.12.0.18020 - Citrix Systems, Inc.) Hidden
Ovládací panel NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
PC Inspector smart recovery (HKLM-x32\...\{C9A87D86-FDFD-418B-BF96-EF09320973B3}) (Version: 4.50 - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.0.2 - Nikon)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.5.1 - Nikon)
PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 5.1.00.12260 - Sony Corporation)
PMB_ModeEditor (HKLM-x32\...\{D5318740-B088-4B1A-B6A8-1F90A172CCD1}) (Version: 9.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (HKLM-x32\...\{E7FDF11C-12BB-4D6F-9B6D-F8E488C776DC}) (Version: 10.1.00 - Sony Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{BED24701-751B-41C5-8888-A8EABAB9FE8C}) (Version: 8.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{88F21C94-88AF-4665-AF4F-FECB1FA059B9}) (Version: 8.1 - Apple Inc.)
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
RAMMon V1.0 (HKLM\...\{D0E36B69-687C-43B3-93BA-5E4B6E531023}_is1) (Version: 1.0 - PassMark Software)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Self-service Plug-in (HKLM-x32\...\{7A029AB7-8CC4-4FE8-904F-A090248C1BC7}) (Version: 4.12.0.18013 - Citrix Systems, Inc.) Hidden
SIGMA Optimization Pro (HKLM-x32\...\{A75A7BEA-7A33-46FF-A2CD-3B0AF8023903}) (Version: 1.5.0.5 - SIGMA CORPORATION)
Spořič obrazovky Českých drah a.s., verze 2.0.40 (HKLM-x32\...\Spořič obrazovky Českých drah a.s._is1) (Version: 2.0.40 - České dráhy a.s., TELEMATIKA o.z.)
Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 7.0.0.0 - Stellar Information Technology Pvt Ltd.)
Topaz DeNoise 5 (64-bit) (HKLM\...\{06B60360-9DBD-4593-90A0-FD237F0845A2}) (Version: 5.0.1 - Topaz Labs) Hidden
Topaz DeNoise 5 (64-bit) (HKLM-x32\...\Topaz DeNoise 5 (64-bit)) (Version: 5.0.1 - Topaz Labs)
Topaz DeNoise 5 (HKLM-x32\...\{9E82D1DB-3AFB-4D18-A221-081F1B4B4789}) (Version: 5.0.1 - Topaz Labs) Hidden
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.0.1 - Topaz Labs)
TOPO Czech 2010 (HKLM-x32\...\{3C19E918-13AF-4C57-B50D-8C3738EFCABF}) (Version: 4.00 - PICODAS PRAHA, spol. s r.o.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.55 public beta 2 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Verbatim Hard Drive Formatter 1.42 (HKLM-x32\...\Verbatim Hard Drive Formatter_is1) (Version: - Verbatim)
Verbatim Product Update 1.06 (HKLM-x32\...\Verbatim Product Update_is1) (Version: - Verbatim)
ViewNX-i (HKLM\...\{C67A5551-26C1-4C7B-A9DF-AD148549D482}) (Version: 1.0.0 - Nikon Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebClient (HKLM-x32\...\WebClient) (Version: - )
Windows Driver Package - Android (WUDFRd) WPD (04/07/2011 5.2.5326.4762) (HKLM\...\78917410BE8040E4932D812DC4AE7CA774A40096) (Version: 04/07/2011 5.2.5326.4762 - Android)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (07/09/2013 8.0.0000.00000) (HKLM\...\DE12FF493B03DCC873171B8CEFC537806B127B52) (Version: 07/09/2013 8.0.0000.00000 - Google, Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.6 - ZONER software)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_CZ_is1) (Version: 18.0.1.10 - ZONER software)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-07-17] (Adobe Systems Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-11] (king.com)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-06] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0 [2019-12-19] (Spotify AB) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-11-03] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2017-04-19] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1822121048-3009854048-383741908-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-D25DF724F523} -> [Creative Cloud Files] => C:\Users\Vladimir\Creative Cloud Files [2015-06-01 21:29]
CustomCLSID: HKU\S-1-5-21-1822121048-3009854048-383741908-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2014-04-09] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2016-02-19] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2013-10-01] (Acronis International GmbH -> Acronis)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2014-04-09] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2014-03-14] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2013-10-01] (Acronis International GmbH -> Acronis)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Vladimir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hudba Google Play.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
ShortcutWithArgument: C:\Users\Vladimir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --remote-debugging-port=9223

==================== Loaded Modules (Whitelisted) =============

2017-03-28 14:32 - 2017-03-28 14:32 - 000073216 _____ () [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2017-02-14 08:42 - 2017-02-14 08:42 - 000326144 _____ () [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\XercesLib.dll
2009-07-14 02:20 - 2009-07-14 02:40 - 000267776 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNBLM4.DLL
2014-04-01 20:06 - 2009-07-14 02:40 - 000084992 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\CNBPP4.DLL
2017-03-28 14:34 - 2017-03-28 14:34 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\ANT_WrappedLib.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 002711552 _____ (Garmin International) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\legacyio.dll
2017-02-14 08:42 - 2017-02-14 08:42 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\IMG_GPSMAP.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\XMLdll.dll
2010-11-18 21:08 - 2010-11-18 21:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-08-01 00:46 - 2016-11-14 10:45 - 001408200 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2017-03-28 14:32 - 2017-03-28 14:32 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\DSI_SiUSBXp_3_1.DLL
2017-06-27 20:08 - 2015-08-18 14:42 - 004420608 _____ (Terra Informatica Software, Inc.) [File not signed] C:\Program Files\Zoner\Photo Studio 18\Program32\sciter32.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:F0D7EE30 [138]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\dell.com -> dell.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-05-30 21:06 - 2019-11-26 23:41 - 000000092 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
0.0.0.1 mssplus.mcafee.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\QuickTime\QTSystem\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1822121048-3009854048-383741908-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

Network Binding:
=============
Připojení k místní síti: HTC NDIS Protocol Driver -> MS_NDISPROT (enabled)
Bezdrátové připojení k síti: HTC NDIS Protocol Driver -> MS_NDISPROT (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{747CAA5F-2B6A-4AFE-A3B2-1E1F6279F804}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0471BC2A-36E0-4514-9852-359297753052}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BE044462-DFD4-433F-A40A-0AF3B1C1BC87}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{BE39B61D-164A-429C-824D-87EE212D127F}C:\program files (x86)\abb\ego-n asistent 2\egon.exe] => (Allow) C:\program files (x86)\abb\ego-n asistent 2\egon.exe () [File not signed]
FirewallRules: [UDP Query User{471FB966-1A9C-4005-BF66-4E8575D612E1}C:\program files (x86)\abb\ego-n asistent 2\egon.exe] => (Allow) C:\program files (x86)\abb\ego-n asistent 2\egon.exe () [File not signed]
FirewallRules: [{159A630C-4720-4727-8ED1-733EE5BB222C}] => (Allow) C:\Users\Vladimir\Downloads\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{77B2A23B-2BD6-4615-B42E-F5817073C097}] => (Allow) C:\Users\Vladimir\Downloads\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{0DE1F008-FE9A-4BEA-9C5A-8ED382307311}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{7170D73F-0606-4D68-B711-C3A2A6D3F825}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{8117C0FD-AC73-4289-8D2B-8433405A0426}] => (Allow) C:\Program Files\DxO Labs\DxO Optics Pro v9\DXOOpticsPro.exe (DxO Labs -> DxO Labs)
FirewallRules: [{50A00B2E-0426-43C5-B1A3-E581F5268C65}] => (Allow) C:\Program Files\DxO Labs\DxO Optics Pro v9\DXOOpticsPro.exe (DxO Labs -> DxO Labs)
FirewallRules: [{4E250BA5-02F7-45AF-8A9D-D18F2D04708A}] => (Allow) C:\Program Files\DxO Labs\DxO Optics Pro v9\DXOOpticsPro.exe (DxO Labs -> DxO Labs)
FirewallRules: [{3595C2E9-CBEB-4568-B9A9-636AFB1818E3}] => (Allow) C:\Program Files\DxO Labs\DxO Optics Pro v9\DXOOpticsPro.exe (DxO Labs -> DxO Labs)
FirewallRules: [TCP Query User{8638FB3D-D861-4653-B7EE-52C8262A5636}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{3802AEFD-A919-4932-9CD4-0B5FAF32D075}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{69900540-E0EA-4E72-B3FE-3598C0893530}C:\users\vladimir\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\vladimir\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [UDP Query User{2AB35BE2-7EBA-4C8A-BFFA-0993865EF5B7}C:\users\vladimir\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\vladimir\appdata\roaming\utorrent\utorrent.exe No File
FirewallRules: [TCP Query User{9496F559-AFD3-4B6F-9538-065F25788999}C:\users\vladimir\appdata\roaming\utorrent\updates\3.4.2_38913.exe] => (Block) C:\users\vladimir\appdata\roaming\utorrent\updates\3.4.2_38913.exe No File
FirewallRules: [UDP Query User{00D1271E-1BE3-4459-A96A-2AD8CFC28D73}C:\users\vladimir\appdata\roaming\utorrent\updates\3.4.2_38913.exe] => (Block) C:\users\vladimir\appdata\roaming\utorrent\updates\3.4.2_38913.exe No File
FirewallRules: [TCP Query User{4C0828D2-5C70-4D25-B7F8-653D0686BDE7}C:\users\vladimir\appdata\roaming\utorrent\updates\3.4.2_38913.exe] => (Block) C:\users\vladimir\appdata\roaming\utorrent\updates\3.4.2_38913.exe No File
FirewallRules: [UDP Query User{DA9F18E1-00BE-4351-B67C-636599602A86}C:\users\vladimir\appdata\roaming\utorrent\updates\3.4.2_38913.exe] => (Block) C:\users\vladimir\appdata\roaming\utorrent\updates\3.4.2_38913.exe No File
FirewallRules: [{FA552ECA-2E93-4B14-8CC2-B569585EC930}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe (Nero AG -> )
FirewallRules: [{A83F0008-87C9-4FEF-A5E8-CEED0879488D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{ED631FDB-B5C2-493B-9E27-6FD659633DFC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6128511D-8958-4CA2-A961-5A71FFC7006F}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{DA3BC9CD-3EC2-47C0-980F-6709868C263B}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [TCP Query User{A27A958E-F574-4BB8-88C2-B0CF8E588B48}C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe] => (Allow) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe (LG Electronics Inc. -> LG Electronics)
FirewallRules: [UDP Query User{8C289F14-7757-4822-A233-84C507CF29EB}C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe] => (Allow) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe (LG Electronics Inc. -> LG Electronics)
FirewallRules: [{EDF36577-A234-435A-A09D-9125861FDB15}] => (Block) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe (LG Electronics Inc. -> LG Electronics)
FirewallRules: [{FB7F92A4-CB1A-4732-9128-7C9F0C821391}] => (Block) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe (LG Electronics Inc. -> LG Electronics)
FirewallRules: [{54AE0FDA-FC87-4CE6-BDD3-B6CCE1569FF4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{73DBFF72-F495-414D-B0C7-115D8508B448}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe No File
FirewallRules: [{DBC65E67-D1B5-4718-BE73-7BAD8CAA2E0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{430772D8-0987-49AE-9F49-975723D460BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9F488015-37D5-46FB-AA5C-2CB033634109}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F52732F1-AFB3-49AC-9C0C-708CE6727495}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{D1F3A16A-C50B-4E3B-9A33-C1C3D8521CD3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{468E9AF5-C3D7-4426-B33C-294847FAFBB9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E56B6B54-06A2-418D-BA62-F048CB7A0F24}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C4D6B147-CB2B-42DD-8787-E992C23DA42B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4177C00B-EE4A-40A0-95E8-8ACE6EDADD13}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8E4B1DB1-4224-4C1C-9AE9-20CDFB1840C5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B1110BB4-BF37-4DE2-BD3C-78C5FC368567}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DFDB4C76-430F-4A45-BFD5-ABCC22244D8A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A6B38341-4C08-40F4-B114-9EDDC92172D7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{740418F7-186A-4BB0-BADE-3300AC0A5356}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5DBC3379-AE69-447A-8596-61560076BC39}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2D12CD99-058E-4866-A479-570B9E98DBED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{939A0238-B2CA-4E03-818D-BE94F9F5B8B3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D5CBBAF1-12A5-46A1-B901-B4A0982C804F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.122.633.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (12/27/2019 05:27:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2028,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/27/2019 05:22:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14076,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/27/2019 05:13:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5652,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/27/2019 04:28:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3336,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/27/2019 04:08:43 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10020,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/27/2019 03:59:56 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11872,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/27/2019 03:53:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10708,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/27/2019 03:46:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: esu.exe, verze: 1.0.0.0, časové razítko: 0x58dac8d5
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.18362.535, časové razítko: 0x5bd9df62
Kód výjimky: 0xe0434352
Posun chyby: 0x001135d2
ID chybujícího procesu: 0x3874
Čas spuštění chybující aplikace: 0x01d5bcc47bf3c1ba
Cesta k chybující aplikaci: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: ffb73470-1ae7-4011-aba0-c1ab708d9c5e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

System errors:
=============
Error: (12/27/2019 05:01:13 PM) (Source: DCOM) (EventID: 10010) (User: Vladimir-PC)
Description: Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/27/2019 05:01:13 PM) (Source: DCOM) (EventID: 10010) (User: Vladimir-PC)
Description: Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/27/2019 05:01:13 PM) (Source: DCOM) (EventID: 10010) (User: Vladimir-PC)
Description: Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/27/2019 05:01:13 PM) (Source: DCOM) (EventID: 10010) (User: Vladimir-PC)
Description: Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/27/2019 05:01:13 PM) (Source: DCOM) (EventID: 10010) (User: Vladimir-PC)
Description: Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/27/2019 05:01:13 PM) (Source: DCOM) (EventID: 10010) (User: Vladimir-PC)
Description: Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/27/2019 05:01:13 PM) (Source: DCOM) (EventID: 10010) (User: Vladimir-PC)
Description: Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/27/2019 05:01:13 PM) (Source: DCOM) (EventID: 10010) (User: Vladimir-PC)
Description: Server {1EF75F33-893B-4E8F-9655-C3D602BA4897} se v daném časovém limitu neregistroval u služby DCOM.

Windows Defender:
===================================
Date: 2019-12-24 19:44:39.692
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8F77E8F5-0110-4410-842C-17DCB3CF5390}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-24 18:12:21.657
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D0BAAD15-0ADF-4D84-A289-6AFB148644D7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-24 18:01:22.091
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {68E767F9-E3E3-449F-A115-C7608A02BA68}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-24 17:53:13.094
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {6080681C-23D9-4CDF-8CF0-32052584DF91}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-24 15:07:30.029
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D2EDD592-1F1C-46C3-BF71-D1DFAABEDF25}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

==================== Memory info ===========================

BIOS: Award Software International, Inc. F7 08/31/2009
Motherboard: Gigabyte Technology Co., Ltd. EP45-UD3LR
Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 53%
Total physical RAM: 8190.46 MB
Available physical RAM: 3769.37 MB
Total Virtual: 16382.46 MB
Available Virtual: 12235.54 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.74 GB) (Free:5.69 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Nový svazek) (Fixed) (Total:931.51 GB) (Free:12.94 GB) NTFS
Drive f: (Nový svazek) (Fixed) (Total:1863.01 GB) (Free:25.78 GB) NTFS
Drive h: (Verbatim HDD) (Fixed) (Total:1630.14 GB) (Free:23.71 GB) NTFS

\\?\Volume{11834c50-0000-0000-0000-20af37000000}\ () (Fixed) (Total:0.83 GB) (Free:0.41 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 11834C50)
Partition 1: (Active) - (Size=222.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=853 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F462D24F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: FA67A002)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (Size: 1630.1 GB) (Disk ID: 7C6E4192)
Partition 1: (Not Active) - (Size=1630.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

#8 Příspěvek od **Rudy** » 27 pro 2019 19:06

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\Run: [AdobeBridge] => [X]
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {009307BB-1456-4C08-A044-EBDC89C887B4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0169D2A6-CC93-4E9F-8DDB-F30C42593E52} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {217081FB-A88D-4DDF-8424-1048BCCEB8BE} - \Reimage Reminder -> No File <==== ATTENTION
Task: {22E2131B-3F83-4253-AA63-A16BCA5DD91F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {245942BB-81E1-4266-98D7-248B8225C755} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {32A03337-44C6-4658-8840-F2689FE27B64} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {36FE0783-A9BF-4F66-962A-C20910E7D341} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
ask: {3CB7C269-8BAD-4077-95AD-1A47A4926E55} - System32\Tasks\{92BAE46E-7FB0-41D7-8D4F-7DDB9FD88AEF} => C:\Windows\system32\pcalua.exe -a C:\Users\Vladimir\Downloads\install\S-CNX2__-020301WU-___EN-ALL___.exe -d C:\Users\Vladimir\Downloads\install
Task: {3D9F7CD2-3331-4C72-A795-4A47E6B35148} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {53236378-B38E-4C92-BE4F-2A5CE9DB74FB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {4CB5DCD3-C72C-4A89-8EF9-500712B6AECB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {6BDE3817-4600-4E6F-A4FC-DD4437459B64} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {6E90CAC4-7650-475A-8A17-C764D1D8F6C9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {70DC75D4-01E7-4064-B1A6-585618CB0F19} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {75694CA5-A9AB-4520-B690-B6C4F5879610} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {88F11029-D52B-40E3-A596-D3DB3C30D277} - \ReimageUpdater -> No File <==== ATTENTION
Task: {99C1F44F-9956-45C3-B516-A0BCEB31F55D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B3B291E1-F902-4F8B-89EA-9C871B124ACB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C11C580E-2AA0-487D-AB6F-48DB796EC30E} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {E13D46A2-1855-46E9-AA59-B58ACDF3B38D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
U3 idsvc; no ImagePath
C:\ProgramData\McAfee Security Scan
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d1ec2a61db19e5
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d1ec2a61b6c888
C:\Users\Vladimir\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{73DBFF72-F495-414D-B0C7-115D8508B448}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe No File
EmptyTemp:
Hosts:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

ed · #9 Příspěvek od ed » 27 pro 2019 19:14

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-12-2019
Ran by Vladimir (27-12-2019 19:12:13) Run:1
Running from C:\Users\Vladimir\Desktop
Loaded Profiles: Vladimir (Available Profiles: Vladimir & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-1822121048-3009854048-383741908-1001\...\Run: [AdobeBridge] => [X]
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {009307BB-1456-4C08-A044-EBDC89C887B4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0169D2A6-CC93-4E9F-8DDB-F30C42593E52} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {217081FB-A88D-4DDF-8424-1048BCCEB8BE} - \Reimage Reminder -> No File <==== ATTENTION
Task: {22E2131B-3F83-4253-AA63-A16BCA5DD91F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {245942BB-81E1-4266-98D7-248B8225C755} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {32A03337-44C6-4658-8840-F2689FE27B64} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {36FE0783-A9BF-4F66-962A-C20910E7D341} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
ask: {3CB7C269-8BAD-4077-95AD-1A47A4926E55} - System32\Tasks\{92BAE46E-7FB0-41D7-8D4F-7DDB9FD88AEF} => C:\Windows\system32\pcalua.exe -a C:\Users\Vladimir\Downloads\install\S-CNX2__-020301WU-___EN-ALL___.exe -d C:\Users\Vladimir\Downloads\install
Task: {3D9F7CD2-3331-4C72-A795-4A47E6B35148} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {53236378-B38E-4C92-BE4F-2A5CE9DB74FB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {4CB5DCD3-C72C-4A89-8EF9-500712B6AECB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {6BDE3817-4600-4E6F-A4FC-DD4437459B64} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {6E90CAC4-7650-475A-8A17-C764D1D8F6C9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {70DC75D4-01E7-4064-B1A6-585618CB0F19} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {75694CA5-A9AB-4520-B690-B6C4F5879610} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {88F11029-D52B-40E3-A596-D3DB3C30D277} - \ReimageUpdater -> No File <==== ATTENTION
Task: {99C1F44F-9956-45C3-B516-A0BCEB31F55D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B3B291E1-F902-4F8B-89EA-9C871B124ACB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C11C580E-2AA0-487D-AB6F-48DB796EC30E} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {E13D46A2-1855-46E9-AA59-B58ACDF3B38D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
U3 idsvc; no ImagePath
C:\ProgramData\McAfee Security Scan
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d1ec2a61db19e5
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d1ec2a61b6c888
C:\Users\Vladimir\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{73DBFF72-F495-414D-B0C7-115D8508B448}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe No File
EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-1822121048-3009854048-383741908-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{009307BB-1456-4C08-A044-EBDC89C887B4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{009307BB-1456-4C08-A044-EBDC89C887B4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0169D2A6-CC93-4E9F-8DDB-F30C42593E52}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0169D2A6-CC93-4E9F-8DDB-F30C42593E52}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{217081FB-A88D-4DDF-8424-1048BCCEB8BE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{217081FB-A88D-4DDF-8424-1048BCCEB8BE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Reimage Reminder" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22E2131B-3F83-4253-AA63-A16BCA5DD91F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22E2131B-3F83-4253-AA63-A16BCA5DD91F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{245942BB-81E1-4266-98D7-248B8225C755}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{245942BB-81E1-4266-98D7-248B8225C755}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{32A03337-44C6-4658-8840-F2689FE27B64}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32A03337-44C6-4658-8840-F2689FE27B64}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{36FE0783-A9BF-4F66-962A-C20910E7D341}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36FE0783-A9BF-4F66-962A-C20910E7D341}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
ask: {3CB7C269-8BAD-4077-95AD-1A47A4926E55} - System32\Tasks\{92BAE46E-7FB0-41D7-8D4F-7DDB9FD88AEF} => C:\Windows\system32\pcalua.exe -a C:\Users\Vladimir\Downloads\install\S-CNX2__-020301WU-___EN-ALL___.exe -d C:\Users\Vladimir\Downloads\install => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D9F7CD2-3331-4C72-A795-4A47E6B35148}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D9F7CD2-3331-4C72-A795-4A47E6B35148}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53236378-B38E-4C92-BE4F-2A5CE9DB74FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53236378-B38E-4C92-BE4F-2A5CE9DB74FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4CB5DCD3-C72C-4A89-8EF9-500712B6AECB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CB5DCD3-C72C-4A89-8EF9-500712B6AECB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6BDE3817-4600-4E6F-A4FC-DD4437459B64}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BDE3817-4600-4E6F-A4FC-DD4437459B64}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6E90CAC4-7650-475A-8A17-C764D1D8F6C9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E90CAC4-7650-475A-8A17-C764D1D8F6C9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{70DC75D4-01E7-4064-B1A6-585618CB0F19}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70DC75D4-01E7-4064-B1A6-585618CB0F19}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75694CA5-A9AB-4520-B690-B6C4F5879610}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75694CA5-A9AB-4520-B690-B6C4F5879610}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{88F11029-D52B-40E3-A596-D3DB3C30D277}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88F11029-D52B-40E3-A596-D3DB3C30D277}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReimageUpdater" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{99C1F44F-9956-45C3-B516-A0BCEB31F55D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99C1F44F-9956-45C3-B516-A0BCEB31F55D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B3B291E1-F902-4F8B-89EA-9C871B124ACB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3B291E1-F902-4F8B-89EA-9C871B124ACB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C11C580E-2AA0-487D-AB6F-48DB796EC30E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C11C580E-2AA0-487D-AB6F-48DB796EC30E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E13D46A2-1855-46E9-AA59-B58ACDF3B38D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E13D46A2-1855-46E9-AA59-B58ACDF3B38D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
C:\ProgramData\McAfee Security Scan => moved successfully
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d1ec2a61db19e5 => moved successfully
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d1ec2a61b6c888 => moved successfully
C:\Users\Vladimir\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{73DBFF72-F495-414D-B0C7-115D8508B448}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 156065898 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 10879261 B
Edge => 2936226 B
Chrome => 318879202 B
Firefox => 5958688 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 228128 B
Vladimir => 1171984275 B
DefaultAppPool => 1171984275 B

RecycleBin => 472581043 B
EmptyTemp: => 3.1 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 19:13:44 ====

#10 Příspěvek od **Rudy** » 27 pro 2019 19:58

Smazáno. Nastala nějaká změna?

ed · #11 Příspěvek od ed » 27 pro 2019 21:20

Zatím bez zámrzu,uvidíme v následujících hodinách.

Díky moc!

#12 Příspěvek od **Rudy** » 27 pro 2019 21:54

Zatím není zač!

VIRY.CZ

Zamrzání PC

Zamrzání PC

Re: Zamrzání PC

Re: Zamrzání PC

Re: Zamrzání PC

Re: Zamrzání PC

Re: Zamrzání PC

Re: Zamrzání PC

Re: Zamrzání PC

Re: Zamrzání PC

Re: Zamrzání PC

Re: Zamrzání PC

Re: Zamrzání PC