VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.01.2019 01
Ran by HP (administrator) on HP-PC (18-01-2019 13:44:21)
Running from C:\Users\HP.HP-PC\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Loaded Profiles: HP (Available Profiles: HP & Administrator)
Platform: Windows 10 Pro Version 1803 17134.523 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\regedit.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Users\HP.HP-PC\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Users\HP.HP-PC\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\OpenWith.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Farbar) C:\Users\HP.HP-PC\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\FRST64 (1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-27] (Synaptics Incorporated)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-08-24] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] C:\WINDOWS\SYSTEM32\0 [0 2016-06-18] ()
HKLM\...\Policies\Explorer: [NoRecentDocsHistory] C:\WINDOWS\SYSTEM32\0 [0 2016-06-18] ()
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2857369919-3782095254-1905678099-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\HP.HP-PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-2857369919-3782095254-1905678099-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\HP.HP-PC\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-2857369919-3782095254-1905678099-1000\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\HP.HP-PC\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2857369919-3782095254-1905678099-1000\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\HP.HP-PC\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2857369919-3782095254-1905678099-1000\...\RunOnce: [Uninstall 18.240.1202.0003\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\HP.HP-PC\AppData\Local\Microsoft\OneDrive\18.240.1202.0003\amd64"
HKU\S-1-5-21-2857369919-3782095254-1905678099-1000\...\RunOnce: [Uninstall 18.240.1202.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\HP.HP-PC\AppData\Local\Microsoft\OneDrive\18.240.1202.0003"
HKLM\...\Drivers32: [VIDC.FPS1] => frapsv64.dll
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32-x32: [VIDC.FPS1] => frapsvid.dll
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-13] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2012-09-27] (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-09-02]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{2506727a-803a-449b-ae7a-f0472e16141d}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{879f889a-b56c-49c0-8b37-8db4b760d4ef}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{b5dcf707-8d1d-40a4-b930-506c916c698c}: [DhcpNameServer] 82.163.143.171

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-12-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-11-14] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-13] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-01-14] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-13] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-01-14] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-13] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-01-14] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-13] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-01-14] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-08-15] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-09-28] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-09-28] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-12-13] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-08-15] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\HP.HP-PC\AppData\Local\Google\Chrome\User Data\Default [2019-01-18]
CHR Extension: (Seznam doplněk - Email) - C:\Users\HP.HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-01-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HP.HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-14]
CHR Extension: (Chrome Media Router) - C:\Users\HP.HP-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-14]
CHR HKU\S-1-5-21-2857369919-3782095254-1905678099-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2857369919-3782095254-1905678099-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9619816 2019-01-04] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-01-14] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-14] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [422608 2017-04-13] (Gemfor s.r.o.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-27] (Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-14] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-14] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
S3 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [22568 2014-08-12] (IVT Corporation.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-12-20] (Malwarebytes)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [121728 2013-10-23] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [376448 2013-11-01] (Huawei Technologies Co., Ltd.)
S3 IvtAudioBusSrv; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT Corporation.)
S3 IvtPanBusSrv; C:\WINDOWS\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT Corporation.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-01-13] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [126624 2019-01-14] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72536 2019-01-14] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-01-18] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [113016 2019-01-18] (Malwarebytes)
S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-27] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2018-12-14] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2018-12-14] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-14] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-18 13:44 - 2019-01-18 13:44 - 000000000 ____D C:\FRST
2019-01-18 10:12 - 2019-01-18 13:37 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Local\MicrosoftEdge
2019-01-18 10:12 - 2019-01-18 10:12 - 000000000 ___HD C:\Users\HP.HP-PC\MicrosoftEdgeBackups
2019-01-18 10:00 - 2019-01-18 10:00 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Local\D3DSCache
2019-01-18 08:06 - 2019-01-18 08:06 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Local\mbam
2019-01-15 09:39 - 2019-01-15 09:39 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Local\FreeFileViewer
2019-01-15 08:59 - 2019-01-15 08:59 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Local\DBG
2019-01-15 08:38 - 2019-01-15 08:38 - 000009591 _____ C:\Users\HP.HP-PC\Downloads\e0ca85b1-b821-46b7-8516-17664a65ce61 (1)
2019-01-15 06:06 - 2019-01-15 06:06 - 000000884 _____ C:\Users\Public\Desktop\EaseUS Data Recovery Wizard.lnk
2019-01-15 06:06 - 2019-01-15 06:06 - 000000000 ____D C:\ProgramData\SystemAcCrux
2019-01-15 06:06 - 2019-01-15 06:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2019-01-15 05:59 - 2019-01-15 06:00 - 043584600 _____ (EaseUS ) C:\Users\HP.HP-PC\Downloads\drw_setup.exe
2019-01-14 18:50 - 2019-01-14 20:28 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Roaming\vlc
2019-01-14 18:37 - 2019-01-14 18:37 - 000000000 ____D C:\Users\HP.HP-PC\Documents\Vlastní šablony Office
2019-01-14 16:56 - 2019-01-14 16:56 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Roaming\Hewlett-Packard
2019-01-14 13:35 - 2019-01-14 13:35 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Local\Publishers
2019-01-14 11:01 - 2019-01-18 11:50 - 000113016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-01-14 11:01 - 2019-01-18 07:45 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-01-14 11:01 - 2019-01-14 11:01 - 000126624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-01-14 11:01 - 2019-01-14 11:01 - 000072536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-01-14 10:53 - 2019-01-14 10:53 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Local\PeerDistRepub
2019-01-14 10:48 - 2019-01-14 16:09 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Local\PlaceholderTileLogoFolder
2019-01-14 10:34 - 2019-01-14 10:37 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Roaming\FreeFileViewer
2019-01-14 10:34 - 2019-01-14 10:37 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Roaming\FinalMediaPlayer
2019-01-14 03:33 - 2019-01-18 08:05 - 000002435 _____ C:\Users\HP.HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-14 03:33 - 2019-01-18 08:05 - 000000000 ___RD C:\Users\HP.HP-PC\OneDrive
2019-01-14 03:30 - 2019-01-18 07:53 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Roaming\Seznam.cz
2019-01-14 03:29 - 2019-01-18 09:14 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Local\Adobe
2019-01-14 03:29 - 2019-01-14 03:29 - 000001417 _____ C:\Users\HP.HP-PC\Desktop\Microsoft Edge.lnk
2019-01-14 03:29 - 2019-01-14 03:29 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Local\VirtualStore
2019-01-14 03:28 - 2019-01-18 13:41 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Local\Packages
2019-01-14 03:28 - 2019-01-18 10:12 - 000000000 ____D C:\Users\HP.HP-PC
2019-01-14 03:28 - 2019-01-15 04:45 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Roaming\Adobe
2019-01-14 03:28 - 2019-01-14 05:04 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Local\ConnectedDevicesPlatform
2019-01-14 03:28 - 2019-01-14 03:55 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Local\Google
2019-01-14 03:28 - 2019-01-14 03:28 - 000000020 ___SH C:\Users\HP.HP-PC\ntuser.ini
2019-01-14 03:28 - 2019-01-14 03:28 - 000000000 _SHDL C:\Users\HP.HP-PC\Šablony
2019-01-14 03:28 - 2019-01-14 03:28 - 000000000 _SHDL C:\Users\HP.HP-PC\Soubory cookie
2019-01-14 03:28 - 2019-01-14 03:28 - 000000000 _SHDL C:\Users\HP.HP-PC\Poslední
2019-01-14 03:28 - 2019-01-14 03:28 - 000000000 _SHDL C:\Users\HP.HP-PC\Okolní tiskárny
2019-01-14 03:28 - 2019-01-14 03:28 - 000000000 _SHDL C:\Users\HP.HP-PC\Okolní síť
2019-01-14 03:28 - 2019-01-14 03:28 - 000000000 _SHDL C:\Users\HP.HP-PC\Nabídka Start
2019-01-14 03:28 - 2019-01-14 03:28 - 000000000 _SHDL C:\Users\HP.HP-PC\Dokumenty
2019-01-14 03:28 - 2019-01-14 03:28 - 000000000 _SHDL C:\Users\HP.HP-PC\Documents\Obrázky
2019-01-14 03:28 - 2019-01-14 03:28 - 000000000 _SHDL C:\Users\HP.HP-PC\Documents\Hudba
2019-01-14 03:28 - 2019-01-14 03:28 - 000000000 _SHDL C:\Users\HP.HP-PC\Documents\Filmy
2019-01-14 03:28 - 2019-01-14 03:28 - 000000000 _SHDL C:\Users\HP.HP-PC\Data aplikací
2019-01-14 03:28 - 2019-01-14 03:28 - 000000000 _SHDL C:\Users\HP.HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-01-14 03:28 - 2019-01-14 03:28 - 000000000 _SHDL C:\Users\HP.HP-PC\AppData\Local\Data aplikací
2019-01-14 03:28 - 2019-01-14 03:28 - 000000000 ___RD C:\Users\HP.HP-PC\Virtual Machines
2019-01-14 03:28 - 2019-01-14 03:28 - 000000000 ___RD C:\Users\HP.HP-PC\3D Objects
2019-01-14 03:28 - 2019-01-14 03:28 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Roaming\Synaptics
2019-01-14 03:28 - 2019-01-14 03:28 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Local\mbamtray
2019-01-14 03:28 - 2017-12-18 08:03 - 000001205 _____ C:\Users\HP.HP-PC\Desktop\T-Mobile Internet Manager.lnk
2019-01-14 03:28 - 2016-09-28 16:21 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Roaming\TuneUp Software
2019-01-14 03:28 - 2016-09-28 16:21 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Roaming\Media Center Programs
2019-01-14 03:28 - 2016-09-28 16:21 - 000000000 ____D C:\Users\HP.HP-PC\AppData\Local\AVG
2019-01-14 03:00 - 2019-01-14 03:00 - 000000000 ____D C:\Users\Administrator\AppData\Local\DBG
2019-01-13 16:28 - 2019-01-13 16:28 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\WinRAR
2019-01-13 16:10 - 2019-01-13 16:10 - 000000000 ____D C:\Users\Administrator\AppData\Local\FreeFileViewer
2019-01-13 15:52 - 2019-01-13 15:52 - 000000000 ____D C:\Users\Administrator\AppData\Local\D3DSCache
2019-01-13 15:45 - 2019-01-13 15:45 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Hewlett-Packard
2019-01-13 15:32 - 2019-01-13 15:32 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-01-13 15:27 - 2019-01-13 15:27 - 000003756 _____ C:\WINDOWS\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2019-01-13 15:27 - 2019-01-13 15:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2019-01-13 15:26 - 2019-01-13 15:27 - 000295130 _____ C:\WINDOWS\Tweaking.com - Windows Repair Setup Log.txt
2019-01-13 15:26 - 2019-01-13 15:26 - 000000000 ____D C:\Program Files (x86)\Tweaking.com
2019-01-13 12:27 - 2019-01-13 12:27 - 000000000 ____D C:\Users\Administrator\AppData\Local\GHISLER
2019-01-13 12:25 - 2019-01-13 12:25 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\GHISLER
2019-01-13 12:01 - 2019-01-14 03:06 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-01-13 12:01 - 2019-01-13 12:01 - 000002884 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-01-13 12:00 - 2019-01-13 12:00 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-13 12:00 - 2019-01-13 12:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-01-13 11:59 - 2019-01-13 12:01 - 000000000 ____D C:\Program Files\CCleaner
2019-01-13 11:57 - 2019-01-18 09:19 - 000000000 ____D C:\Program Files\Recuva
2019-01-13 11:57 - 2019-01-13 11:57 - 000001699 _____ C:\Users\Public\Desktop\Recuva.lnk
2019-01-13 11:57 - 2019-01-13 11:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2019-01-13 11:56 - 2019-01-13 11:56 - 005473600 _____ (Piriform Ltd) C:\Users\Administrator\Downloads\rcsetup153.exe
2019-01-13 11:49 - 2019-01-13 11:49 - 000000000 ____D C:\Users\Administrator\AppData\Local\Comms
2019-01-13 11:47 - 2019-01-13 12:02 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2857369919-3782095254-1905678099-500
2019-01-13 11:38 - 2019-01-13 17:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\PlaceholderTileLogoFolder
2019-01-13 11:38 - 2019-01-13 12:02 - 000000000 ___RD C:\Users\Administrator\OneDrive
2019-01-13 11:35 - 2019-01-13 11:35 - 000000000 ____D C:\Users\Administrator\AppData\Local\mbamtray
2019-01-13 11:33 - 2019-01-14 03:05 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Seznam.cz
2019-01-13 11:33 - 2019-01-13 11:34 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2019-01-13 11:33 - 2019-01-13 11:33 - 000001417 _____ C:\Users\Administrator\Desktop\Microsoft Edge.lnk
2019-01-13 11:33 - 2019-01-13 11:33 - 000000000 ___HD C:\Users\Administrator\MicrosoftEdgeBackups
2019-01-13 11:32 - 2019-01-13 11:33 - 000000000 ____D C:\Users\Administrator\AppData\Local\MicrosoftEdge
2019-01-13 11:32 - 2019-01-13 11:32 - 000000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2019-01-13 11:31 - 2019-01-13 11:56 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2019-01-13 11:31 - 2019-01-13 11:31 - 000000000 ___RD C:\Users\Administrator\Virtual Machines
2019-01-13 11:31 - 2019-01-13 11:31 - 000000000 ___RD C:\Users\Administrator\3D Objects
2019-01-13 11:30 - 2019-01-13 17:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2019-01-13 11:30 - 2019-01-13 12:08 - 000000000 ____D C:\Users\Administrator
2019-01-13 11:30 - 2019-01-13 12:02 - 000002446 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-13 11:30 - 2019-01-13 11:36 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2019-01-13 11:30 - 2019-01-13 11:31 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2019-01-13 11:30 - 2019-01-13 11:30 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2019-01-13 11:30 - 2019-01-13 11:30 - 000000000 _SHDL C:\Users\Administrator\Šablony
2019-01-13 11:30 - 2019-01-13 11:30 - 000000000 _SHDL C:\Users\Administrator\Soubory cookie
2019-01-13 11:30 - 2019-01-13 11:30 - 000000000 _SHDL C:\Users\Administrator\Poslední
2019-01-13 11:30 - 2019-01-13 11:30 - 000000000 _SHDL C:\Users\Administrator\Okolní tiskárny
2019-01-13 11:30 - 2019-01-13 11:30 - 000000000 _SHDL C:\Users\Administrator\Okolní síť
2019-01-13 11:30 - 2019-01-13 11:30 - 000000000 _SHDL C:\Users\Administrator\Nabídka Start
2019-01-13 11:30 - 2019-01-13 11:30 - 000000000 _SHDL C:\Users\Administrator\Dokumenty
2019-01-13 11:30 - 2019-01-13 11:30 - 000000000 _SHDL C:\Users\Administrator\Documents\Obrázky
2019-01-13 11:30 - 2019-01-13 11:30 - 000000000 _SHDL C:\Users\Administrator\Documents\Hudba
2019-01-13 11:30 - 2019-01-13 11:30 - 000000000 _SHDL C:\Users\Administrator\Documents\Filmy
2019-01-13 11:30 - 2019-01-13 11:30 - 000000000 _SHDL C:\Users\Administrator\Data aplikací
2019-01-13 11:30 - 2019-01-13 11:30 - 000000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-01-13 11:30 - 2019-01-13 11:30 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Data aplikací
2019-01-13 11:30 - 2019-01-13 11:30 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Synaptics
2019-01-13 11:30 - 2017-12-18 08:03 - 000001205 _____ C:\Users\Administrator\Desktop\T-Mobile Internet Manager.lnk
2019-01-13 11:30 - 2016-09-28 16:21 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\TuneUp Software
2019-01-13 11:30 - 2016-09-28 16:21 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs
2019-01-13 11:30 - 2016-09-28 16:21 - 000000000 ____D C:\Users\Administrator\AppData\Local\AVG
2019-01-13 10:52 - 2019-01-13 10:53 - 000000000 ____D C:\Program Files (x86)\R-Studio
2019-01-12 22:14 - 2019-01-12 22:39 - 000000000 ___HD C:\$SysReset
2019-01-12 21:03 - 2019-01-12 21:57 - 000000000 ____D C:\Users\TEMP.HP-PC.000\AppData\Local\Packages
2019-01-12 21:02 - 2019-01-12 21:57 - 000000000 ____D C:\Users\TEMP.HP-PC.000
2019-01-12 19:33 - 2019-01-12 19:35 - 000000000 ____D C:\Users\TEMP.HP-PC
2019-01-12 09:26 - 2019-01-12 09:27 - 002510704 _____ (Beepa Pty Ltd) C:\Users\HP\Downloads\setup.exe
2019-01-10 11:42 - 2019-01-10 11:42 - 000000080 ___SH C:\bootTel.dat
2019-01-09 09:04 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 09:03 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 09:03 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 09:03 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 09:03 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 09:03 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 09:03 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 09:03 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 09:03 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 09:03 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 09:03 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 09:03 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 09:03 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 09:03 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 09:03 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 09:03 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 09:03 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 09:03 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 09:03 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 09:03 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 09:03 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 09:03 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 09:03 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 09:03 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 09:03 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 09:03 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 09:03 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 09:03 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 09:03 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 09:03 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 09:03 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 09:03 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 09:03 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 09:03 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 09:03 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 09:03 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 09:03 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 09:03 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 09:03 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 09:03 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 09:03 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 09:03 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 09:03 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 09:03 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 09:03 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 09:03 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 09:03 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 09:03 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 09:03 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 09:03 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 09:03 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 09:03 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 09:03 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 09:03 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 09:03 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 09:03 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 09:03 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 09:03 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 09:03 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 09:03 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 09:03 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 09:03 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 09:03 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 09:03 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 09:03 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 09:03 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 09:03 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 09:03 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 09:03 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 09:03 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 09:03 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 09:03 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 09:03 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 09:03 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 09:03 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 09:03 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 09:03 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 09:03 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 09:03 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 09:03 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 09:03 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 09:03 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 09:03 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 09:03 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 09:03 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 09:03 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-09 09:03 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-12-31 19:02 - 2018-12-31 19:02 - 000000000 ____D C:\Users\HP\AppData\Local\Wondershare
2018-12-31 18:59 - 2018-12-31 19:09 - 000000000 ____D C:\Users\HP\Documents\Wondershare Filmora
2018-12-31 18:55 - 2018-12-31 19:03 - 000000000 ____D C:\Users\Public\Documents\iSkysoft
2018-12-31 18:21 - 2019-01-01 05:43 - 000003178 _____ C:\WINDOWS\System32\Tasks\FRAPS
2018-12-25 20:36 - 2018-12-25 20:36 - 000122159 _____ C:\Users\HP\Downloads\Torrente.5.2014.720p.BluRay.DD5.1.x264-HiFi.EN.srt
2018-12-25 12:46 - 2019-01-18 10:26 - 000000000 ____D C:\TEMP
2018-12-25 12:43 - 2019-01-01 05:44 - 000000000 ____D C:\Users\HP\AppData\Roaming\IrfanView
2018-12-25 12:43 - 2019-01-01 05:44 - 000000000 ____D C:\Program Files\IrfanView
2018-12-25 12:38 - 2018-12-25 12:38 - 000000000 ____D C:\Users\HP\Downloads\Languages
2018-12-25 12:38 - 2018-12-25 12:38 - 000000000 ____D C:\Languages
2018-12-20 14:43 - 2019-01-13 15:31 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-12-20 11:36 - 2018-12-14 07:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-12-20 11:35 - 2018-12-14 08:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-12-20 11:35 - 2018-12-14 08:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-12-20 11:35 - 2018-12-14 08:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-12-20 11:35 - 2018-12-14 08:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-12-20 11:35 - 2018-12-14 08:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-12-20 11:35 - 2018-12-14 08:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-12-20 11:35 - 2018-12-14 08:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-12-20 11:35 - 2018-12-14 08:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-12-20 11:35 - 2018-12-14 08:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-20 11:35 - 2018-12-14 07:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-12-20 11:35 - 2018-12-14 07:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-12-20 11:35 - 2018-12-14 07:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-12-20 11:35 - 2018-12-14 07:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-12-20 11:35 - 2018-12-14 07:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-12-20 11:35 - 2018-12-14 07:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-12-20 11:35 - 2018-12-14 07:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-18 13:41 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-18 13:41 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-18 09:47 - 2018-05-25 03:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-18 08:15 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-18 08:05 - 2018-05-25 04:35 - 000003352 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2857369919-3782095254-1905678099-1000
2019-01-18 08:05 - 2016-01-03 11:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-01-18 08:02 - 2016-01-03 11:39 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-01-18 08:02 - 2016-01-03 11:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-01-18 08:01 - 2018-11-17 15:01 - 000000000 ____D C:\Program Files\rempl
2019-01-18 07:43 - 2018-05-25 04:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-14 10:59 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-01-14 04:06 - 2016-02-26 20:13 - 000000000 ____D C:\Program Files\Microsoft Office
2019-01-14 03:28 - 2015-12-01 21:23 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-01-14 03:07 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-13 13:21 - 2017-05-21 16:15 - 000000000 ____D C:\Users\HP\Downloads\violetka
2019-01-13 13:17 - 2018-10-25 09:41 - 000000000 ____D C:\Users\HP\Documents\Corel User Files
2019-01-13 13:13 - 2018-09-30 05:30 - 000000000 ____D C:\Users\HP\Documents\ostatní podívat se a vymazat
2019-01-13 13:10 - 2016-04-12 05:08 - 000000000 ____D C:\Users\HP\Documents\traficon
2019-01-13 11:49 - 2018-07-10 13:11 - 000000000 ____D C:\ProgramData\Packages
2019-01-13 11:48 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-01-13 11:16 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-13 08:10 - 2018-09-30 05:43 - 000000000 ____D C:\Users\HP\škola
2019-01-12 21:53 - 2018-04-11 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-01-12 18:54 - 2016-08-26 07:35 - 000007598 _____ C:\Users\HP\AppData\Local\resmon.resmoncfg
2019-01-12 17:38 - 2018-05-25 04:35 - 000004186 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3ECD56B1-C828-4A4D-9761-1149D13AEC0D}
2019-01-12 07:29 - 2015-11-27 13:08 - 000000000 ____D C:\Users\HP\AppData\Local\Adobe
2019-01-12 05:36 - 2017-12-19 03:39 - 000000000 ____D C:\Users\HP\AppData\Local\Packages
2019-01-10 12:10 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-01-10 11:45 - 2018-05-25 03:42 - 005195560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-01-09 20:38 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-09 20:38 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 09:39 - 2015-11-19 11:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 09:30 - 2015-11-19 11:06 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-08 16:10 - 2018-05-25 04:35 - 000004628 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-08 16:09 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-01-08 16:09 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-04 16:08 - 2018-05-25 17:20 - 000000000 ____D C:\Users\HP\AppData\Local\PlaceholderTileLogoFolder
2019-01-02 20:41 - 2018-11-15 05:24 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-11-15 05:24 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-01 17:40 - 2016-03-11 08:22 - 000000000 ____D C:\Users\HP\AppData\Local\ElevatedDiagnostics
2019-01-01 05:50 - 2016-01-08 19:14 - 000000000 ____D C:\Users\HP\AppData\Roaming\TeamViewer
2019-01-01 05:50 - 2016-01-08 19:11 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-12-31 19:08 - 2016-04-28 11:05 - 000000000 ____D C:\ProgramData\wondershare
2018-12-25 20:36 - 2015-11-19 11:53 - 000000000 ____D C:\KMPlayer
2018-12-22 03:58 - 2018-05-25 04:35 - 000003628 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-HP-PC-HP
2018-12-21 05:21 - 2018-05-25 04:09 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-21 05:21 - 2018-04-12 16:51 - 000716276 _____ C:\WINDOWS\system32\perfh005.dat
2018-12-21 05:21 - 2018-04-12 16:51 - 000144534 _____ C:\WINDOWS\system32\perfc005.dat
2018-12-20 14:41 - 2018-09-25 11:37 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-12-20 04:00 - 2018-05-25 04:35 - 000003472 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-20 04:00 - 2018-05-25 04:35 - 000003348 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-19 20:23 - 2018-05-25 03:49 - 000000000 ____D C:\Users\HP

==================== Files in the root of some directories =======

2019-01-15 04:45 - 2019-01-15 04:45 - 000000000 _____ () C:\Users\HP.HP-PC\AppData\Local\oobelibMkey.log

Some files in TEMP:
====================
2019-01-01 05:44 - 2018-12-25 12:43 - 000141280 _____ (Irfan Skiljan, IrfanView) C:\Users\HP\AppData\Local\Temp\iv_uninstall.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-25 03:42

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.01.2019 01
Ran by HP (18-01-2019 13:47:10)
Running from C:\Users\HP.HP-PC\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Windows 10 Pro Version 1803 17134.523 (X64) (2018-05-25 03:38:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2857369919-3782095254-1905678099-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2857369919-3782095254-1905678099-503 - Limited - Disabled)
Guest (S-1-5-21-2857369919-3782095254-1905678099-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2857369919-3782095254-1905678099-1002 - Limited - Enabled)
HP (S-1-5-21-2857369919-3782095254-1905678099-1000 - Administrator - Enabled) => C:\Users\HP.HP-PC
WDAGUtilityAccount (S-1-5-21-2857369919-3782095254-1905678099-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7 Sticky Notes (HKLM-x32\...\{2DB7DD8E-F17B-408A-B93B-92867EF7974D}_is1) (Version: - Fabio Martin)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2017 (HKLM-x32\...\DRWV_17_0_0) (Version: 17.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Any Video Recorder version 1.0.2 (HKLM-x32\...\{17D86E62-4849-49BC-83D2-FA369CEEA9D9}_is1) (Version: 1.0.2 - anvsoft, Inc.)
AT&T Labs' Natural Voices 1.4 - Desktop Runtime (HKLM-x32\...\AT&T Labs' Natural Voices 1.4 - Desktop Runtime_is1) (Version: 1.4.0916 - AT&T Labs)
Balíček ovladače systému Windows - Broadcom Corporation (bcbtums) Bluetooth (07/14/2015 12.0.1.658) (HKLM\...\BABE4E18F2E0DA329C1139E5584082BBE6F64E5F) (Version: 07/14/2015 12.0.1.658 - Broadcom Corporation)
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon MP230 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP230_series) (Version: 1.03 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Corel Graphics Suite 11 (HKLM-x32\...\{07A540AB-D785-11D5-8E89-0090275862A0}) (Version: 11 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 11 (HKLM-x32\...\InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}) (Version: 11 - Corel Corporation)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 16.501 (20160601_14) - CÍGLER SOFTWARE, a.s.)
Epic Pen (HKLM-x32\...\Epic Pen_is1) (Version: - Brian Hoary)
Final Media Player 2014 (HKLM-x32\...\FinalMediaPlayer_is1) (Version: 2015.02.27.00 - Bitberry Software) <==== ATTENTION
Flexibooks 4.5.7 (64 bit) (HKLM\...\{49CA9C80-7A38-44A6-860B-F14A445D1049}) (Version: 4.5.7 - Fraus Media s.r.o. 2016)
FM PDF To Word Converter Pro 3.05 (HKLM-x32\...\FM PDF To Word Converter Pro_is1) (Version: 3.05 - )
Free File Viewer 2014 (HKLM-x32\...\FreeFileViewer_is1) (Version: 2014.2.16.0 - Bitberry Software) <==== ATTENTION
Free PDF To Word Converter 2.25 (HKLM-x32\...\Free PDF To Word Converter_is1) (Version: 2.25 - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\{DC7D9EC9-2AD1-33A7-92CF-5F5051E62843}) (Version: 71.0.3578.98 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP Quick Launch (HKLM-x32\...\{77CC64F2-74CE-47D7-A4B0-5AEBA688FC69}) (Version: 3.0.5 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{3D6FF65E-EE93-4D90-B5D7-0DC856E2AFEB}) (Version: 12.10.49.21 - HP)
Huawei Drivers (HKLM-x32\...\{C82D8932-EB28-4da6-9582-33D515D46F04}) (Version: 5.01.05.00 - )
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2857 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation)
K-Lite Codec Pack 11.6.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.6.5 - )
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.18 - PandoraTV)
LibreOffice 5.0.3.2 (HKLM\...\{F6536765-3E8F-4D1E-9833-0A89F4681D79}) (Version: 5.0.3.2 - The Document Foundation)
Macromedia Flash Player 8 Plugin (HKLM-x32\...\{91057632-CA70-413C-B628-2D3CDBBB906B}) (Version: 8.0.22.0 - Macromedia)
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11126.20266 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.11126.20266 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2857369919-3782095254-1905678099-1000\...\OneDriveSetup.exe) (Version: 19.002.0107.0006 - Microsoft Corporation)
Microsoft Project Professional 2016 - cs-cz (HKLM\...\ProjectProRetail - cs-cz) (Version: 16.0.11126.20266 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.11126.20266 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 - cs-cz (HKLM\...\VisioProRetail - cs-cz) (Version: 16.0.11126.20266 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.11126.20266 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60825 - Microsoft Corporation)
Mobirise4 (HKLM-x32\...\Mobirise4_is1) (Version: - Mobirise.com)
Mozilla Firefox 63.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 63.0.3 (x64 en-US)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.3.6892 - Mozilla)
Mozilla Thunderbird 45.5.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 45.5.0 (x86 cs)) (Version: 45.5.0 - Mozilla)
MRP Aktualizační manažer (HKLM-x32\...\MRP NetAgent CZ_is1) (Version: 2.3.32 - MRP)
MRP Mzdy a personalistika - zkušební verze (HKLM-x32\...\MRP Mzdy a personalistika CZ - demoverze_is1) (Version: 7.80.3 - MRP)
MRP Základ vizuálního systému (HKLM-x32\...\MRP Zaklad_is1) (Version: 7.80.3 - MRP)
NetBeans IDE 8.2 (HKLM\...\nbi-nb-base-8.2.0.0.201609300101) (Version: 8.2 - NetBeans.org)
Nvu 1.0 (HKLM-x32\...\Nvu) (Version: 1.0 - CZilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11126.20266 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.25.824.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11073 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
R-Studio 8.8 (HKLM-x32\...\R-Studio 8.8NSIS) (Version: 8.8.172035 - R-Tools Technology Inc.)
Seznam Software (HKU\S-1-5-21-2857369919-3782095254-1905678099-1000\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
SmartPivot (HKLM-x32\...\{482FB944-ACF8-4D8D-8188-27250AC9689B}) (Version: 2.38.0.0 - DevScope)
StormWare Pamica DEMO (HKLM-x32\...\{5E370270-B614-4708-893A-C48F0173201D}) (Version: 5.1.11201.12 - StormWare) Hidden
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
Stylizer 6 (HKLM-x32\...\Skybound Stylizer 6) (Version: 6 - Skybound Research Inc.)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
T-Mobile Internet Manager (HKLM-x32\...\T-Mobile Communication Centre) (Version: 2017-12-05@2017-04-13 - Gemfor s.r.o.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.4.1 - Tweaking.com)
Unknown File Handler (HKLM-x32\...\UFH_is1) (Version: 2015.12.29.0 - File.org)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
VBA (2627.01) (HKLM-x32\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9188 - Microsoft Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.2700 - Broadcom)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.30-1 - Bitnami)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1038CFF5-328D-4EC2-AFFB-B19003A05C06} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {10F0482A-F3B0-4E84-BBC5-7CC0F7F80539} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {192B6B97-2856-491C-9D12-ACBCC16F8D1F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {19E3D4DF-4E4D-4460-A94F-B531F83352D5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-12-13] (Microsoft Corporation)
Task: {1C9F0627-6D05-4955-9425-07E0D806636D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {22B2C5B8-AA76-44F5-96E7-4AEB09253677} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {29AB1878-9B32-41A9-85BA-F23D2DEA7BBD} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2E5DF04A-22CD-44C9-B7A6-1E6767A6BA9C} - System32\Tasks\{1AE57CCB-7222-4E61-A5DE-72A23B9B0CA0} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Corel\Corel Graphics 11\Programs\CorelPP.exe" -d "C:\Program Files (x86)\Corel\Corel Graphics 11\Programs\"
Task: {34587DCA-A82E-4E6C-B7B9-9FA1314233AF} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {3ECDD6FC-6180-494A-8273-815CE397BA16} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {422514BF-ECF9-4331-8264-71A1258F1327} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-12-13] (Microsoft Corporation)
Task: {424F028C-0920-43E8-BC1E-6BE1E5755A9D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {439C2746-FE68-4E65-84D0-CB90ADEA2FA2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {452346C1-1CFB-40C6-ADBC-4840AC58A8E7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {460C52B5-43B0-415A-AB3C-B024FD7550E8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {480BE527-BEAD-4DB5-BB21-D44D86910EE4} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {49370BD7-E65D-4E29-B1B6-1F6F5547BEC6} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe
Task: {4CF8BDB9-9325-4E4A-B711-047F6CE3F96F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {527AEF50-DBED-46BC-B3E9-74E1F9E59929} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {59A8D274-36AB-4A7E-BAED-6A062EBA15D1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2019-01-14] (Microsoft Corporation)
Task: {5A2B9E1E-FAFD-4F03-B749-5AE1A8DB5D3A} - System32\Tasks\AdobeAAMUpdater-1.0-HP-PC-HP => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {5C8B6948-8513-4BB3-97C9-363DD78E5843} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {695E08A6-A73F-4B2C-A52A-C04626637C1C} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe [2015-12-30] (Bitberry Software) <==== ATTENTION
Task: {7038AF08-8659-4F70-B803-4F423D17D626} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2017-05-02] (Tweaking.com)
Task: {707FEB61-B23C-42EF-985A-E3824F5240FA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-14] (Microsoft Corporation)
Task: {7096A1DF-809D-4538-AE61-FB69FC1BD7AD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd)
Task: {75D2B328-2ECF-4502-A689-CFF4236A9D4A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {79BF2F6A-88A9-4E50-8DD9-47C73585DBEF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-19] (Google Inc.)
Task: {7A74173B-AE55-4FAF-BA69-1CB60A81EC02} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7BBEEFE9-5FBC-47D3-A8E7-1E259B0CE24C} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {7C9B9379-290D-49EA-9E5F-3EE9BA12B34C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2019-01-02] (HP Inc.)
Task: {7F69F2A3-636B-4F8A-8A5B-19D008217784} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-19] (Google Inc.)
Task: {7FE869C2-CDC7-4AA3-B71F-C2B3F2717791} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {83D4DB98-439F-4336-BF22-B2306177B37F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {83FDE5E7-1D68-4B9B-B915-DDC4B961484F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {84048583-013A-418F-8BAE-9BCE85CA466D} - System32\Tasks\Final Media Player Update Checker => C:\Program Files (x86)\FinalMediaPlayer\FMPCheckForUpdates.exe [2015-12-30] (Bitberry Software)
Task: {85720C03-90A4-4891-879D-F67283347B13} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {86D57F76-9397-4426-8BC0-4C994B33D5FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {873245C8-C2A1-4122-9397-BD5E19FBBD35} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8CB43E7E-D330-46B4-8FA0-AF007FBDAAB9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2019-01-09] (Microsoft Corporation)
Task: {8E1FCD81-BD69-4234-B0FF-EF4037DEEED3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)
Task: {8E26B23B-31D4-4FF7-B290-D02809BDACA9} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {99A3D193-7C98-4BC7-97FB-8222AF1C2C39} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {99D52F79-3853-4667-81C8-8C1705C6322A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {A067DFA0-15E1-4426-81E1-61300AF53A40} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2019-01-14] (Microsoft Corporation)
Task: {A25FD94F-0A28-442F-A681-51B1DE426710} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-12-10] (Piriform Ltd)
Task: {A2D3174E-D0D6-4C6F-9963-6A888ECF9849} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {A2FDCA9B-C264-42F2-AD81-E1E92E72B1E2} - System32\Tasks\{B94FF154-64AA-4365-8ADA-67C357D230F2} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\HP\Downloads\statistika.exe -d C:\Users\HP\Downloads
Task: {A4002541-5574-47C9-8637-B21057C4BB34} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A99E1A70-239C-4D67-975F-F4A7491228BC} - System32\Tasks\{EE2F0469-55AF-48FC-8682-34C2830B5C9C} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.21.0.100/cs/abandoninstall?page=tsProgressBar
Task: {AA80B4D7-6EF5-41CA-B306-4FE40B5D20F5} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {ACB272DF-50EC-4900-97B8-689DE52114F1} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BD7C1BF5-D2AD-4860-A458-B4879BCFED31} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BF762728-6A80-447D-B8EB-A0B3C18F8868} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-02] (Microsoft Corporation)
Task: {BFC5090B-ABFA-4511-AA41-714953F0420A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2019-01-14] (Microsoft Corporation)
Task: {C0195DE0-D1B1-4412-A47E-D857B2F1325F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {C1369779-C81D-4FB2-A31A-DC2A037E8A4B} - System32\Tasks\0316avzUpdateInfo => C:\ProgramData\Avg_Update_0316avz\0316avz_AVG-Secure-Search-Update.exe [2016-03-06] ()
Task: {D0D2B20E-2A72-4341-BDA6-98A36BC54E6A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D2B6BB80-6595-40C7-A6E7-705A1651AC9E} - System32\Tasks\{85BAA057-5C69-4B28-9C14-1DC0C398F029} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\HP\Downloads\net_radio_rekorder.exe -d C:\Users\HP\Downloads
Task: {D93A822E-0609-4C7B-9A75-11081FDF7014} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {E219AA6C-DEA8-4267-917F-B57B161E2BEC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {E405EA61-E4E2-4146-9621-6325F837B50A} - System32\Tasks\AdobeGCInvoker-1.0-HP-PC-HP => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems, Incorporated)
Task: {E77EF003-63C7-4CB7-B792-F95BC78C7351} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-01-14] (Microsoft Corporation)
Task: {E9A09066-C588-418F-A7A4-C6BBEAA54CC6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {ED458761-5CC9-471F-8CA7-CFB658E01AA7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FA177210-511C-4C6B-9DA0-F2058B2CD4C3} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Final Media Player Update Checker.job => C:\Program Files (x86)\FinalMediaPlayer\FMPCheckForUpdates.exe
Task: C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2018-09-25 11:37 - 2018-12-20 14:41 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-09-25 11:37 - 2018-12-20 14:41 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2012-09-27 23:52 - 2012-09-27 23:52 - 000047480 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\BtwLeAPI.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2016-06-10 00:41 - 2016-06-10 00:41 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 11:24 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-14 03:31 - 2017-11-13 15:46 - 000092368 _____ () C:\Users\HP.HP-PC\AppData\Roaming\Seznam.cz\bin\13773libfoxloader-x64.dll
2019-01-09 09:03 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 000112264 _____ () C:\Windows\System32\IccLibDll_x64.dll
2019-01-14 03:31 - 2017-11-13 15:38 - 000506064 _____ () C:\Users\HP.HP-PC\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2019-01-14 03:31 - 2017-02-08 12:39 - 000080576 _____ () C:\Users\HP.HP-PC\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2016-10-01 06:08 - 2016-10-01 06:08 - 031723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2019-01-14 03:31 - 2017-11-13 15:49 - 000085200 _____ () C:\Users\HP.HP-PC\AppData\Roaming\Seznam.cz\bin\13767libfoxloader.dll
2019-01-14 03:31 - 2018-02-21 10:36 - 000869584 _____ () C:\Users\HP.HP-PC\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2016-10-12 16:28 - 2016-10-12 16:28 - 040523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2016-10-12 00:08 - 2016-10-12 00:08 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-12 00:08 - 2016-10-12 00:08 - 000223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-10-12 00:08 - 2016-10-12 00:08 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-10-12 00:08 - 2016-10-12 00:08 - 000124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-12 19:11 - 2016-10-12 19:11 - 000098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-10-12 00:08 - 2016-10-12 00:08 - 000166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2015-11-18 16:44 - 2013-01-14 10:25 - 001200088 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0A8E2C33 [116]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2857369919-3782095254-1905678099-1000\...\sharepoint.com -> hxxps://unihk-files.sharepoint.com

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2017-09-02 08:32 - 000001050 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com

2017-08-12 13:41 - 2017-08-12 19:06 - 000000435 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\PROGRAM FILES (X86)\INTEL\ICLS CLIENT\;C:\PROGRAM FILES\INTEL\ICLS CLIENT\;%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;%SYSTEMROOT%\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\2.0\BIN\X64;C:\PROGRAM FILES\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\DAL;C:\PROGRAM FILES\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\IPT;C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\DAL;C:\PROGRAM FILES (X86)\INTEL\INTEL(R) MANAGEMENT ENGINE COMPONENTS\IPT;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2857369919-3782095254-1905678099-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{7E6583FA-51D9-47E7-A5FE-DA4DEECD8134}C:\program files\netbeans 8.2\bin\netbeans64.exe] => (Block) C:\program files\netbeans 8.2\bin\netbeans64.exe (Oracle Corporation)
FirewallRules: [TCP Query User{849E3DF4-9971-4241-98C5-61EEF73A6066}C:\program files\netbeans 8.2\bin\netbeans64.exe] => (Block) C:\program files\netbeans 8.2\bin\netbeans64.exe (Oracle Corporation)
FirewallRules: [UDP Query User{F596ED9C-0076-4763-AF48-20DAF4B99C38}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe ()
FirewallRules: [TCP Query User{FB26062F-1ED9-41D3-9950-D09C6019FFFB}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe ()
FirewallRules: [UDP Query User{5719BF6E-9DE9-4B1F-A89A-8DB1FB19351E}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation)
FirewallRules: [TCP Query User{AAE0FABF-22F5-4B32-9EEC-EAD465BAA3DF}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation)
FirewallRules: [UDP Query User{5FF6B2C5-4BA9-4070-AD28-F71C44DD24C4}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH)
FirewallRules: [TCP Query User{8E7F2D31-3A43-4FC0-A608-52764B6AAB9A}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH)
FirewallRules: [{C3921D7F-35DA-498D-B275-7E64DCAC4F11}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{E95AAB3E-C484-4F7C-A7C6-011816FFF741}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{440FAF0E-491B-4ECE-BF6E-926B55B19577}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [TCP Query User{283558CC-785E-4B0B-BFFB-A92BCD4681EE}C:\program files (x86)\redsystem\net radio rekorder\net radio rekorder.exe] => (Allow) C:\program files (x86)\redsystem\net radio rekorder\net radio rekorder.exe (Redsystem)
FirewallRules: [UDP Query User{D4BAEAFA-092F-4DD5-A133-EAB95B62A42F}C:\program files (x86)\redsystem\net radio rekorder\net radio rekorder.exe] => (Allow) C:\program files (x86)\redsystem\net radio rekorder\net radio rekorder.exe (Redsystem)
FirewallRules: [{3A76F9FC-B585-4AE0-8DB3-0A05627C5989}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe No File
FirewallRules: [{C9CD464C-AF70-4FAD-81FC-3AD21DE9E9AC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe No File
FirewallRules: [{6604DDE2-50A0-47AD-8D96-AAABF820D222}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{BCAE1CE6-0CA7-4197-A7D3-75B7A0D80211}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [TCP Query User{2FD0B0CB-95EC-4E0D-8496-68815C1D61A2}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe No File
FirewallRules: [UDP Query User{BCE2D504-881A-4259-A4DC-CB5365E2759B}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe No File
FirewallRules: [{21E467B6-04B4-4719-BDD2-9DAA06B29565}] => (Allow) C:\Users\HP\AppData\Roaming\Media-Assistant\Media-Assistant.exe No File
FirewallRules: [{5EADA809-091F-4036-98BD-6860E4AAA487}] => (Allow) C:\Users\HP\AppData\Roaming\Media-Assistant\updater.exe No File
FirewallRules: [{A157E0DB-2D06-4235-8BC9-89D48CAB34D8}] => (Allow) C:\Users\HP\AppData\Roaming\Media-Assistant\Media-Assistant.exe No File
FirewallRules: [{1E53B983-16CB-4ADD-8D88-AE5A1411BB63}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\cPhoneSDKCS.exe No File
FirewallRules: [{4598EC0F-4623-466C-B559-AD1C4CA2F929}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe No File
FirewallRules: [{A4E6EDC0-C817-44DC-8430-5F3D93642736}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\cPhoneSDKCS.exe No File
FirewallRules: [{3D501C86-3378-4A7F-AF12-228948756681}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe No File
FirewallRules: [{332630E8-66C5-4233-8DD1-4A24530D7E20}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Corporation)
FirewallRules: [{A5639D2B-EECF-4A34-8199-42BAB30DF9FA}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Corporation)
FirewallRules: [{FF57B5C2-ACB1-46F9-957D-81969698C39B}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Corporation)
FirewallRules: [{BAA1BD79-4DE9-4B0D-A883-B7A128EF968C}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Corporation)
FirewallRules: [{30D5874D-FF15-4095-A68D-2D4E327FB106}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Corporation)
FirewallRules: [{501D5C90-BE43-4C12-BE33-9F77143B75B5}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Corporation)
FirewallRules: [TCP Query User{63114893-F27D-4AA5-9185-6B529E9AD462}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Joyent, Inc)
FirewallRules: [UDP Query User{73784A01-EB71-4374-B2B0-B6F0B07AB3A0}C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2017\node\node.exe (Joyent, Inc)
FirewallRules: [{7091293F-4E5C-40AF-84E5-997DE0364DE4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation)
FirewallRules: [{56231CDA-8E7C-47E0-8ED7-23E894283D8B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{C94863B7-349A-422F-A276-876E5C04F5D8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation)
FirewallRules: [{B0F44808-37C4-4B36-AE29-BEC6CDDED95D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation)
FirewallRules: [{F6F0E2AA-EECD-4A4C-93AC-4F5CE1C345CB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{E642FAB5-9732-4BFA-AFB9-070986BF3D44}] => (Allow) C:\Program Files (x86)\FinalMediaPlayer\FMPCheckForUpdates.exe (Bitberry Software)
FirewallRules: [{1255F08E-AEDF-40AF-8BFC-E47461F0E803}] => (Allow) C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe (Bitberry Software)
FirewallRules: [{68D1064A-F719-407F-93A2-7A970AD234B6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{AD48BA51-2F5C-49A7-8A31-72178BC387E4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{6866C882-06B2-4B95-919D-22DFC27B6001}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)

==================== Restore Points =========================

18-01-2019 07:58:12 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/18/2019 09:48:16 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru C:\Windows\Prefetch\LOCKAPP.EXE-F5519A46.pf z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Host Process for Windows Services.

Program: Host Process for Windows Services
Soubor: C:\Windows\Prefetch\LOCKAPP.EXE-F5519A46.pf

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: C000009C
Typ disku: 3

Error: (01/18/2019 09:48:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_SysMain, verze: 10.0.17134.1, časové razítko: 0xa38b9ab2
Název chybujícího modulu: sysmain.dll, verze: 10.0.17134.191, časové razítko: 0xd2f66a7b
Kód výjimky: 0xc0000006
Posun chyby: 0x0000000000025434
ID chybujícího procesu: 0x930
Čas spuštění chybující aplikace: 0x01d4af0863a145ef
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\sysmain.dll
ID zprávy: b2b4f03d-28bc-4743-9220-5e975744b542
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/18/2019 09:31:44 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru C:\Windows\Prefetch\LOCKAPP.EXE-F5519A46.pf z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Host Process for Windows Services.

Program: Host Process for Windows Services
Soubor: C:\Windows\Prefetch\LOCKAPP.EXE-F5519A46.pf

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: C000009C
Typ disku: 3

Error: (01/18/2019 09:31:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_SysMain, verze: 10.0.17134.1, časové razítko: 0xa38b9ab2
Název chybujícího modulu: sysmain.dll, verze: 10.0.17134.191, časové razítko: 0xd2f66a7b
Kód výjimky: 0xc0000006
Posun chyby: 0x0000000000025434
ID chybujícího procesu: 0x50c
Čas spuštění chybující aplikace: 0x01d4af056b0a2c8b
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\sysmain.dll
ID zprávy: 9c51b97d-c82b-479b-936d-34f730cb722a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/18/2019 09:10:19 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru C:\Windows\Prefetch\LOCKAPP.EXE-F5519A46.pf z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Host Process for Windows Services.

Program: Host Process for Windows Services
Soubor: C:\Windows\Prefetch\LOCKAPP.EXE-F5519A46.pf

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: C000009C
Typ disku: 3

Error: (01/18/2019 09:10:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_SysMain, verze: 10.0.17134.1, časové razítko: 0xa38b9ab2
Název chybujícího modulu: sysmain.dll, verze: 10.0.17134.191, časové razítko: 0xd2f66a7b
Kód výjimky: 0xc0000006
Posun chyby: 0x0000000000025434
ID chybujícího procesu: 0x4d8
Čas spuštění chybující aplikace: 0x01d4aef92a94022a
Cesta k chybující aplikaci: c:\windows\system32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\sysmain.dll
ID zprávy: a16ba2c1-dd7a-4fba-bab1-b832addbba6f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/18/2019 07:57:49 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/15/2019 01:04:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program mbamtray.exe verze 3.1.0.1662 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1fb8

Čas spuštění: 01d4aca86ede9cc2

Čas ukončení: 60000

Cesta k aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

ID hlášení: 9462e0af-4b57-4d6f-8f08-9f3d6e0eca18

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:


System errors:
=============
Error: (01/18/2019 01:37:47 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (01/18/2019 01:37:43 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (01/18/2019 01:36:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (01/18/2019 01:36:13 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (01/18/2019 01:09:13 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (01/18/2019 01:09:09 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (01/18/2019 01:09:05 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (01/18/2019 01:09:01 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.


Windows Defender:
===================================
Date: 2019-01-11 16:26:43.717
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {3C7EE940-3D8D-4960-9860-F65BBA16327E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-12-15 15:23:37.260
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {22205DEC-8B5B-4F77-A34E-26C9AEDE65AF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-12-15 13:22:48.036
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {9B19524B-EBC6-4A6D-B09A-D84A98229452}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-10-10 08:33:34.041
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {43645F85-1503-48EB-8A83-66E8AF69B685}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-10-09 20:19:58.764
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C531B8B7-2A83-4AEA-AD43-FD8FA2D097F6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-01-13 15:31:20.846
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2019-01-12 21:51:18.593
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Monitorování chování
Kód chyby: 0x80508023
Popis chyby: Program nenašel na tomto zařízení malware ani jiný potenciálně nevyžádaný software.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

CodeIntegrity:
===================================

Date: 2018-12-20 11:59:37.254
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-20 11:59:03.514
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-20 08:08:17.265
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-20 08:07:45.428
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-20 08:03:43.972
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-20 08:03:12.838
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-20 07:40:50.950
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-12-20 07:40:27.758
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2367M CPU @ 1.40GHz
Percentage of memory in use: 75%
Total physical RAM: 3998.31 MB
Available physical RAM: 969.3 MB
Total Virtual: 9630.31 MB
Available Virtual: 6327.33 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:295.11 GB) (Free:207.54 GB) NTFS

\\?\Volume{6778cde1-8dfe-11e5-8216-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{b4445d7e-0000-0000-0000-d04d4a000000}\ () (Fixed) (Total:0.87 GB) (Free:0.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: B4445D7E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=295.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=895 MB) - (Type=27)

==================== End of Addition.txt ============================

Zdravím!
Stáhněte, nainstalujte a spusťte CrystalDiskInfo: https://www.stahuj.cz/utility_a_ostatni ... ldiskinfo/ a přes Úpravy>Kopírovat sem dejte log.

Dobrý den,
děkuji že se tomu věnujete. Zasílám požadované:

----------------------------------------------------------------------------
CrystalDiskInfo 7.0.4 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 Professional [10.0 Build 17134] (x64)
Date : 2019/01/18 15:59:43

-- Controller Map ----------------------------------------------------------
+ Intel Chipset SATA RAID Controller [SCSI]
- TOSHIBA MQ01ABD032
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) TOSHIBA MQ01ABD032 : 320,0 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) TOSHIBA MQ01ABD032
----------------------------------------------------------------------------
Model : TOSHIBA MQ01ABD032
Firmware : AX001C
Serial Number : Y2IIS8D8S
Disk Size : 320,0 GB (8,4/137,4/320,0/320,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300 | SATA/300
Power On Hours : 13197 hod.
Power On Count : 3177 krát
Temperature : 24 C (75 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Počet chyb čtení
02 100 100 _50 000000000000 Průchodnost disku
03 100 100 __2 000000000404 Čas na roztočení ploten
04 100 100 __0 0000000037C9 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 100 100 _50 000000000000 Počet chybných hledání
08 100 100 _50 000000000000 Čas potřebný na vyhledání
09 _68 _68 __0 00000000338D Hodin v činnosti
0A 253 100 _30 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000C69 Počet cyklů zapnutí zařízení
B7 100 100 __1 000000000000 Specifický pro výrobce
B8 100 100 _97 000000000000 Ukončovacích chyb
B9 100 100 __1 00000000FFFF Specifický pro výrobce
BB __1 __1 __0 000000002118 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __1 000000000000 Vysoká rychlost zápisu
BE _76 _54 _40 000018130018 Teplota toku vzduchu
BF 100 100 __0 000000000684 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 0000003D003D Počet vypnutí disku
C1 _97 _97 __0 000000008BEF Počet cyklů načítání/vymazání
C2 _76 _54 _40 000018130018 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000078 Počet podezřelých sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2059 3249 4953 3844 3853
020: 0000 4000 0000 4158 3030 3143 2020 544F 5348 4942
030: 4120 4D51 3031 4142 4430 3332 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0007 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0D06 0004 004C 004C
080: 01F8 0000 706B 7C09 6123 7069 BC09 6123 203F 0022
090: 0022 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: EAB0 2542 0000 0000 0000 0000 6003 0000 5000 0394
110: 65E8 6C2D 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 48A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 64 64 00 00 00 00 00 00 00 02 27
010: 00 64 64 00 00 00 00 00 00 00 03 23 00 64 64 04
020: 04 00 00 00 00 00 04 32 00 64 64 C9 37 00 00 00
030: 00 00 05 33 00 64 64 00 00 00 00 00 00 00 07 2F
040: 00 64 64 00 00 00 00 00 00 00 08 25 00 64 64 00
050: 00 00 00 00 00 00 09 32 00 44 44 8D 33 00 00 00
060: 00 00 0A 33 00 FD 64 00 00 00 00 00 00 00 0C 32
070: 00 64 64 69 0C 00 00 00 00 00 B7 32 00 64 64 00
080: 00 00 00 00 00 00 B8 33 00 64 64 00 00 00 00 00
090: 00 00 B9 32 00 64 64 FF FF 00 00 00 00 00 BB 32
0A0: 00 01 01 18 21 00 00 00 00 00 BC 32 00 64 64 00
0B0: 00 00 00 00 00 00 BD 3A 00 64 64 00 00 00 00 00
0C0: 00 00 BE 22 00 4C 36 18 00 13 18 00 00 00 BF 32
0D0: 00 64 64 84 06 00 00 00 00 00 C0 22 00 64 64 3D
0E0: 00 3D 00 00 00 00 C1 32 00 61 61 EF 8B 00 00 00
0F0: 00 00 C2 22 00 4C 36 18 00 13 18 00 00 00 C4 32
100: 00 64 64 00 00 00 00 00 00 00 C5 32 00 64 64 78
110: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 51
170: 03 00 01 00 02 45 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5C

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 32 00 00 00 00 00 00 00 00 00 00 02 32
010: 00 00 00 00 00 00 00 00 00 00 03 02 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 0A 00 00 00 00 00 00 00 00 00 00 07 32
040: 00 00 00 00 00 00 00 00 00 00 08 32 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 1E 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 B7 01 00 00 00 00
080: 00 00 00 00 00 00 B8 61 00 00 00 00 00 00 00 00
090: 00 00 B9 01 00 00 00 00 00 00 00 00 00 00 BB 00
0A0: 00 00 00 00 00 00 00 00 00 00 BC 00 00 00 00 00
0B0: 00 00 00 00 00 00 BD 01 00 00 00 00 00 00 00 00
0C0: 00 00 BE 28 00 00 00 00 00 00 00 00 00 00 BF 00
0D0: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
0E0: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
0F0: 00 00 C2 28 00 00 00 00 00 00 00 00 00 00 C4 00
100: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
110: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A1

Disk má docela velké množství podezřelých sektorů. Udělejte ještě ErrorScan HDTune: https://www.stahuj.cz/utility_a_ostatni ... -tune-pro/ . Pokud se podezření potvrdí, bude třeba disk vyměnit. V tomto rozsahu nelze disk přeformátovat. Vadné sektory budou označeny červeným políčkem.

Toho jsem se bála, že to bude na výměnu Nepíšete o žádném výstupu. Má být nějaký?

V okně bude tabulka se zelenými a červenými políčky. Červené jsou vadné sektory. V počtu, který udává log z CrystalDiskInfo, by nebylo vhodné se pokoušet o opravu disku.

Zasílám screen ukončeného skenování chybných bloků. Takhle se to nejeví, že je to hodně, ale nevím. 6 červených. Co to říká Vám Rudy? Je nějaká naděje na přeformátování?

Je tam 6 vadných sektorů (podle obrázku). Pokud je to systémový disk, obával bych se toho, že se situace bude zhoršovat, pak začne padat systém a skončí to totální havárií. Disk by možná po zformátování šel použít jako druhý v PC (na data). Jako systémový bych určitě volil nový disk. Dokud to funguje, určitě bych udělal zálohu dat na jiné médium. Data se pak na nový disk jednoduše překopírují. Po havárii disku bude obtížné (a drahé) data z disku dostat.

Takže přeci jen. Já jsem si data zazálohovala; to co se nepodařilo převést a ztratilo se, jsem si nechala obnovit programem a chybí mi je ty nejčerstvější, kterých bylo v podstatě jen pár a dají se zase sehnat a dopsat. V mém případě trošku napomohl "osud", koupila jsem mamce k vánocům ntb. Ten jsem jí teď sebrala, abych mohla pokračovat v práci na bakalářce. V podstatě jsem ztratila jen pár dnů času. Nedá si nic dělat. Věděl byste jen co se stalo? Je to vidět v těch výpisech? Nebo je to už něco staršího? Každopádně děkuji, moc moc, a přispěji Vám alespoň dvěma kilčama. Díky!

Z kontroly vyplývá jen to, že je několik sektorů podezřelých. Dalším skenem (HDTune) z těch podezřelých bylo vadných celkem 6. Vadný sektor znamená, že do něj nelze zapisovat, ani číst. Pokud by v něm byl zapsán nějaký soubor oper. systému, začne systém padat. Důvod poškození ovšem z toho logu nevyčtu.