VIRY.CZ

Ahoj,
prosím o preventivní kontrolu logu PC. Děkuji vám za váš čas.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by gereg (administrator) on PSYCHIQPC (Micro-Star International Co., Ltd. MS-7B79) (01-03-2021 21:38:55)
Running from E:\Firefox Download
Loaded Profiles: gereg
Platform: Windows 10 Pro Version 20H2 19042.844 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(A-Volute SAS -> A-Volute) C:\Users\gereg\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.7342\Agent.exe
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) D:\Hry\Battle.net\Battle.net.exe <3>
(GlassWire -> SecureMix LLC) D:\Programy\GlassWire\GWCtlSrv.exe
(GlassWire -> SecureMix LLC) D:\Programy\GlassWire\GWIdlMon.exe
(INMUSIC BRANDS INC -> Akai Professional) C:\Program Files (x86)\Akai Professional\AMX\AudioDevMon.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(IObit Information Technology -> IObit) D:\Programy\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> ) C:\Windows\System32\OpenSSH\ssh-agent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.101.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Nahimic\NahimicMonitorX64.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\CC_Engine_x64.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\MSI_Super_Charger_Service.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\nvrla.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\PresentMon_x64.exe <2>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA) C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe <2>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) D:\Programy\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-01-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [824240 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Spectrum] => C:\Program Files (x86)\CZC\GamingMouse\HID.exe [1597440 2020-03-05] (CZC) [File not signed]
HKLM-x32\...\Run: [CZC G GK1000] => C:\Program Files\CZC G GK1000\CZC G GK1000.exe [2031616 2019-02-14] (TODO: <Company name>) [File not signed]
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\gereg\AppData\Local\Microsoft\Teams\Update.exe [2452664 2020-11-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5052648 2020-03-31] (Acronis International GmbH -> )
HKLM-x32\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files (x86)\Microsoft OneDrive\Update\OneDriveSetup.exe"
HKLM-x32\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files (x86)\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\Run: [1Password] => C:\Users\gereg\AppData\Local\1Password\app\7\1Password.exe [5254480 2021-02-06] (AgileBits Inc. -> AgileBits Inc.)
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\Run: [GlassWire] => D:\Programy\GlassWire\glasswire.exe [8853400 2021-01-22] (GlassWire -> SecureMix LLC)
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\Run: [GUDelayStartup] => D:\Programy\Glary Utilities 5\StartupManager.exe [44344 2021-02-07] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\MountPoints2: {fb0cf69e-2f51-11eb-baa5-2cf05d0bfa38} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\MountPoints2: {fb0cf6ee-2f51-11eb-baa5-2cf05d0bfa38} - "E:\HiSuiteDownLoader.exe"
BootExecute: autocheck autochk * BootDefrag.exe
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00A88E44-D9CD-4E0E-BDDA-4262F5988482} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {03B503C9-3DF0-43C9-A44A-4195F18DD8A9} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [74736 2021-01-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {0B1CC6F1-4D09-4C83-9EB4-E143958CB7F9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0E00EB84-FDF7-4B5F-AAF3-40017B8FBDF5} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [823304 2020-12-10] (A-Volute SAS -> Nahimic)
Task: {26923921-F4B8-4343-A247-7A3232347F9F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {32C2E178-2B92-40EB-AE6D-7CF9E7DA997C} - System32\Tasks\NahimicSvc32Run => C:\WINDOWS\SysWOW64\NahimicSvc32.exe [823304 2020-12-10] (A-Volute SAS -> Nahimic)
Task: {32D5B1C3-31EF-4BE3-A977-BA16B04624DB} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {34515680-22D6-485D-9ECC-B10B436106EE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {34645E23-7939-4343-9B0F-387691C03B7F} - System32\Tasks\klcp_update => D:\Programy\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-02-11] () [File not signed]
Task: {36EDA3E7-9BDD-483F-8B6E-36F2942FEB60} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3993520 2021-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {3E855E0B-7CE0-4B12-838D-28D2E008E80A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {3EA92424-FF4E-402E-B1A1-C61BD9B21EE6} - System32\Tasks\NahimicSvc64Run => C:\WINDOWS\system32\NahimicSvc64.exe [1067016 2020-12-10] (A-Volute SAS -> Nahimic)
Task: {47F5B2A0-8B39-4A1D-8C71-C6487E6A97DE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4FA106C4-BC2F-47DE-80C4-DA5EF01B224E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {51099A69-0370-497C-B3C1-397CC7173E40} - System32\Tasks\GU5SkipUAC => D:\Programy\Glary Utilities 5\Integrator.exe [917816 2021-02-07] (Glarysoft LTD -> Glarysoft Ltd)
Task: {562A8B6B-5FF2-4FA9-9FAE-7760C100DADD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5CD8392C-26C1-4EA2-B5B7-28F4920055C0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {636B27D6-6D6B-4484-A295-532BFB021FD0} - System32\Tasks\SmartShare => D:\Programy\LG Smart Share\SmartShareStart.exe [513216 2017-12-12] (LG Electronics Inc. -> LG Electronics Inc.)
Task: {6D50231E-F13A-44C4-8A8E-4A2BD1E1F929} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3993520 2021-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {7662ED25-4EA4-44CA-AA40-19B7EFE75002} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {773AA81E-86D8-4DA0-A947-D3E5005CC70A} - System32\Tasks\Uninstaller_SkipUac_gereg => D:\Programy\IObit Uninstaller\IObitUninstaler.exe [6435088 2020-09-22] (IObit Information Technology -> IObit)
Task: {78AC390B-A9D8-454A-A75C-E8C5D49A142F} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [3047944 2020-10-12] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
Task: {7B7BF9C3-9750-4F99-B80B-0DC2839464DF} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [677624 2019-11-21] (Advanced Micro Devices INC. -> )
Task: {80DF1CA8-21A1-4989-B312-2410887FCDDF} - System32\Tasks\GlaryUpdate 5 => D:\Programy\Glary Utilities 5\CheckUpdate.exe [43832 2021-02-07] (Glarysoft LTD -> Glarysoft Ltd)
Task: {85D4C1F0-530E-4215-A98E-8B9FED38592D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115016 2021-02-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {872A7CD5-BEFF-489B-A57B-4AE49F0E60AB} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2862440 2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {957C052F-9097-4F88-B4AE-1B484C7B65AC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1126320 2021-02-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {984A67D1-77A4-4BC6-9287-9ABA1A223B6A} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1067016 2020-12-10] (A-Volute SAS -> Nahimic)
Task: {99FDE51F-0502-481C-AEA6-3957A4B6E5F3} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {A080A95D-6D7E-4EE0-8325-BA02FE55EAC2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {B8882C4B-CC96-4947-BC26-BF50EDAE5AB0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {C5937CAF-7E7A-4F95-8C99-54E511784CB6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C6C863D5-A5A5-48F2-934F-8F5F53C99479} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CE620A17-E836-4BCC-BA39-5D5614CB9D25} - System32\Tasks\MSI Task Host - MSI.True Color => C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe [44720 2020-05-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {D168B8AB-843E-4E4F-A0DC-788CB4FD753F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {DCFC1955-588D-4B36-9F65-933D6353A86A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DE338EB1-9DF7-4BA8-A0DE-31499AD84B6F} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1669128 2021-02-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {E9BAE799-6D67-4D73-93B6-6ECE0FC56566} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {F037F5D2-B7D7-4C1A-8519-0E3B40E7D311} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F28A8B8B-1407-4499-934B-B6959073ABC8} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [74736 2021-01-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {FECAF2AE-94FF-40C8-9225-9252FDAA72F9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115016 2021-02-19] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 10.0.0.138
Tcpip\..\Interfaces\{358cc6bf-ef21-4789-8c36-b336a5eec16c}: [DhcpNameServer] 192.168.1.1 10.0.0.138
Tcpip\..\Interfaces\{d2633ef3-a02c-4f32-a61f-0db4d43a81c5}: [DhcpNameServer] 192.168.1.1 10.0.0.138

Edge:
=======
Edge Profile: C:\Users\gereg\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-01]
Edge HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx <not found>

FireFox:
========
FF DefaultProfile: si6nocij.default
FF ProfilePath: C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\si6nocij.default [2020-08-31]
FF ProfilePath: C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\jii7kvfo.default-release [2021-03-01]
FF DownloadDir: E:\Firefox Download
FF Extension: (Dark Reader) - C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\jii7kvfo.default-release\Extensions\addon@darkreader.org.xpi [2021-02-23]
FF Extension: (To Google Translate) - C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\jii7kvfo.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-11-11]
FF Extension: (No Name) - C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\jii7kvfo.default-release\Extensions\KeeperFFStoreExtension@KeeperSecurityInc.xpi [2021-01-16]
FF Extension: (uBlock Origin) - C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\jii7kvfo.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-02-05]
FF Extension: (AbyssYellow) - C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\jii7kvfo.default-release\Extensions\{adc5e39e-0f46-4326-a1c3-32681e673e00}.xpi [2021-01-26]
FF Extension: (Video DownloadHelper) - C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\jii7kvfo.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-01-26]
FF Extension: (Greasemonkey) - C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\jii7kvfo.default-release\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2021-01-30]
FF Extension: (Dark Fox) - C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\jii7kvfo.default-release\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2020-08-16]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-25] (Adobe Inc. -> Adobe Systems Inc.)

Brave:
=======
BRA Profile: C:\Users\gereg\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-03-01]
BRA DownloadDir: D:\Download\Firefox
BRA Extension: (Brave Local Data Files Updater) - C:\Users\gereg\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-02-07]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\gereg\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-02-11]
BRA Extension: (Brave NTP sponsored images) - C:\Users\gereg\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2021-02-11]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\gereg\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-02-07]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\gereg\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2021-02-11]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\gereg\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-02-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [10341560 2020-03-31] (Acronis International GmbH -> )
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1254784 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6383744 2021-02-26] (Acronis International GmbH -> )
R2 AMXAudioDevMon; C:\Program Files (x86)\Akai Professional\AMX\AudioDevMon.exe [521304 2016-12-13] (INMUSIC BRANDS INC -> Akai Professional)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8894752 2021-01-20] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-13] (Microsoft Corporation -> Microsoft Corporation)
R2 DialogBlockingService; C:\WINDOWS\System32\DialogBlockingService.dll [76288 2021-02-26] (Microsoft Windows -> Microsoft Corporation)
S2 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2021-01-05] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [439880 2021-01-05] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\FileSyncHelper.exe [2198376 2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
R2 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S3 GalaxyClientService; G:\GOG Galaxy\GalaxyClientService.exe [1741384 2021-02-07] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-12-08] (GOG Sp. z o.o. -> GOG.com)
R2 GlassWire; D:\Programy\GlassWire\GWCtlSrv.exe [6426008 2021-01-22] (GlassWire -> SecureMix LLC)
S2 IObitUnSvr; D:\Programy\IObit Uninstaller\IUService.exe [158992 2020-07-31] (IObit Information Technology -> IObit)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
R2 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
S2 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1918976 2020-03-31] (Acronis International GmbH -> )
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [131568 2021-01-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Super_Charger_Service; C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\MSI_Super_Charger_Service.exe [35824 2021-01-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [35848 2021-01-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1633288 2020-12-10] (A-Volute SAS -> Nahimic)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\OneDriveUpdaterService.exe [2573160 2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [144576 2021-02-11] (Oculus VR, LLC -> Facebook Technologies, LLC)
S3 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [511680 2021-02-11] (Oculus VR, LLC -> Facebook Technologies, LLC)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-01-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-02-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7395256 2020-03-31] (Acronis International GmbH -> )
R2 TeamViewer; D:\Programy\TeamViewer\TeamViewer_Service.exe [12727576 2021-02-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [7095824 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
R2 VoiceControlService; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [32400 2020-07-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACE-BASE; C:\WINDOWS\system32\drivers\ACE-BASE.sys [1001736 2020-10-17] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 AMX1; C:\WINDOWS\System32\drivers\AkaiProfessionalAMX.sys [496248 2016-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Akai Professional)
S3 Apowersoft_AudioDevice; C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (APOWERSOFT LIMITED -> Wondershare)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 athrusb; C:\WINDOWS\System32\drivers\athrxusb.sys [1075712 2008-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R0 BootDefragDriver; C:\WINDOWS\System32\drivers\BootDefragDriver.sys [27616 2021-01-26] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [687768 2021-02-26] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2021-02-26] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [30720 2021-02-19] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
R1 gwdrv; C:\WINDOWS\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (GlassWire -> SecureMix LLC)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [38544 2018-12-13] (Feature Integration Technology Inc -> FINTEK Corp.)
S3 Imf8HpRegFilter; D:\Programy\IObit Malware Fighter\drivers\win10_amd64\ImfHpRegFilter.sys [41848 2019-12-17] (IObit Information Technology -> IObit)
S3 IMFEFSFileControl; D:\Programy\IObit Malware Fighter\drivers\win10_amd64\IMFEFSFileControl.sys [40824 2019-08-13] (IObit Information Technology -> IObit)
S3 ImfHpFileFilter; D:\Programy\IObit Malware Fighter\drivers\win10_amd64\ImfHpFileFilter.sys [45432 2019-12-17] (IObit Information Technology -> IObit)
R3 ipadtst2; C:\ProgramData\MSI\Super_Charger\ipadtst2_64.sys [26168 2021-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 IUFileFilter; D:\Programy\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit)
R3 IUProcessFilter; D:\Programy\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit)
R3 IURegistryFilter; D:\Programy\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit)
R3 MpKsl16352ff2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9D693D98-B879-4556-B8A5-9283E644164E}\MpKslDrv.sys [47344 2021-03-01] (Microsoft Windows -> Microsoft Corporation)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-06-16] (A-Volute -> Windows (R) Win 7 DDK provider)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\One Dragon Center\Lib\SYS\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 oculusvad_oculusvad; C:\WINDOWS\System32\drivers\oculusvad.sys [72208 2020-12-31] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Oculus_ViGEmBus; C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [32856 2020-12-31] (Oculus VR, LLC -> Facebook Inc.)
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [133944 2021-02-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [812208 2020-10-16] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [883256 2021-02-26] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [171968 2021-02-26] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [693768 2021-02-26] (Acronis International GmbH -> Acronis International GmbH)
S3 UniSafe; C:\WINDOWS\system32\drivers\UniSafe.sys [581912 2020-11-15] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
R3 VirtualAudioCable_83ed7f0e-2028-4956-b0b4-39c76fdaef1d; C:\WINDOWS\System32\drivers\vrtaucbl.sys [202672 2021-02-15] (Muzychenko Evgenii Viktorovich, IP -> EuMus Design)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [330176 2021-02-26] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2021-02-26] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X]
S1 UimBus; \SystemRoot\System32\drivers\uimbus.sys [X]
S1 Uim_DEVIM; \SystemRoot\System32\drivers\uimdevim.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-01 21:37 - 2021-03-01 21:39 - 000000000 ____D C:\FRST
2021-03-01 20:44 - 2021-03-01 20:44 - 000000901 _____ C:\Users\gereg\Desktop\HD Video Converter Factory Pro.lnk
2021-03-01 20:44 - 2021-03-01 20:44 - 000000000 ____D C:\Users\gereg\Documents\WonderFox Soft
2021-03-01 20:44 - 2021-03-01 20:44 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WonderFox Soft
2021-03-01 20:20 - 2021-03-01 20:35 - 000000000 ____D C:\Users\gereg\Desktop\Snappy Driver Installer
2021-03-01 20:01 - 2021-03-01 20:04 - 000000000 ____D C:\Users\gereg\Desktop\ServiWin
2021-03-01 19:54 - 2021-03-01 19:55 - 000001359 _____ C:\Users\gereg\Desktop\Vyčištění pevného disku.lnk
2021-03-01 19:53 - 2021-03-01 19:53 - 000000600 __RSH C:\ProgramData\ntuser.pol
2021-03-01 17:37 - 2021-03-01 17:37 - 000000000 ____D C:\Users\gereg\AppData\Local\Rockstar_Games
2021-03-01 17:33 - 2021-03-01 17:33 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Goldberg SocialClub Emu Saves
2021-03-01 14:21 - 2021-03-01 14:47 - 000000000 ____D C:\Users\gereg\AppData\Local\Star Stable
2021-03-01 14:08 - 2021-03-01 14:21 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Star Stable Online
2021-03-01 14:08 - 2021-03-01 14:08 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Stable Online.lnk
2021-02-27 14:05 - 2021-02-27 14:05 - 000003206 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-02-27 14:05 - 2021-02-27 14:05 - 000002188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-27 13:57 - 2021-02-27 13:57 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2021-02-27 13:57 - 2021-02-27 13:57 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2021-02-27 02:15 - 2021-02-27 02:17 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2021-02-27 02:15 - 2021-02-27 02:15 - 000001177 _____ C:\Users\gereg\Desktop\MSI Afterburner.lnk
2021-02-27 02:15 - 2021-02-27 02:15 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2021-02-27 02:15 - 2021-02-27 02:15 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2021-02-27 02:15 - 2021-02-27 02:15 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2021-02-27 00:09 - 2021-02-27 00:09 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-02-26 23:50 - 2021-02-24 13:01 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-02-26 23:50 - 2021-02-24 13:01 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-02-26 23:50 - 2021-02-24 13:01 - 001452336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-02-26 23:50 - 2021-02-24 13:01 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-02-26 23:50 - 2021-02-24 13:01 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-02-26 23:50 - 2021-02-24 13:01 - 001191728 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-02-26 23:50 - 2021-02-24 13:01 - 001094888 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-02-26 23:50 - 2021-02-24 13:01 - 001094888 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-02-26 23:50 - 2021-02-24 13:01 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-02-26 23:50 - 2021-02-24 13:01 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-02-26 23:50 - 2021-02-24 12:58 - 000678704 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-02-26 23:50 - 2021-02-24 12:58 - 000671504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-02-26 23:50 - 2021-02-24 12:58 - 000612120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-02-26 23:50 - 2021-02-24 12:58 - 000546096 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-02-26 23:50 - 2021-02-24 12:57 - 002102576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-02-26 23:50 - 2021-02-24 12:57 - 001587504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-02-26 23:50 - 2021-02-24 12:57 - 001511184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-02-26 23:50 - 2021-02-24 12:57 - 001163544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-02-26 23:50 - 2021-02-24 12:57 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-02-26 23:50 - 2021-02-24 12:57 - 000687896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-02-26 23:50 - 2021-02-24 12:57 - 000655664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-02-26 23:50 - 2021-02-24 12:57 - 000556816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-02-26 23:50 - 2021-02-24 12:56 - 008260888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-02-26 23:50 - 2021-02-24 12:56 - 007391504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-02-26 23:50 - 2021-02-24 12:56 - 004610352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-02-26 23:50 - 2021-02-24 12:56 - 002729744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-02-26 23:50 - 2021-02-24 12:56 - 000445200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-02-26 23:50 - 2021-02-24 12:55 - 000848688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-02-26 23:50 - 2021-02-24 12:54 - 007117744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-02-26 23:50 - 2021-02-24 12:54 - 006072896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-02-26 23:50 - 2021-02-24 02:50 - 000084450 _____ C:\WINDOWS\system32\nvinfo.pb
2021-02-26 21:16 - 2021-02-26 21:16 - 000000983 _____ C:\Users\gereg\Desktop\Apeaksoft Screen Recorder EN.lnk
2021-02-26 20:13 - 2021-02-26 20:13 - 000000000 ___HD C:\$SysReset
2021-02-26 20:05 - 2021-02-26 20:05 - 001048576 _____ C:\WINDOWS\system32\defltbase.sdb
2021-02-26 20:05 - 2021-02-26 20:05 - 000016384 _____ C:\WINDOWS\system32\defltbase.jfm
2021-02-26 19:46 - 2021-02-26 19:46 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-26 19:46 - 2021-02-26 19:46 - 000002150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-26 19:26 - 2021-02-26 19:26 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-02-26 19:26 - 2021-02-26 19:26 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-02-26 19:26 - 2021-02-26 19:26 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-26 19:26 - 2021-02-26 19:26 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-02-26 19:26 - 2021-02-26 19:26 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-26 19:26 - 2021-02-26 19:26 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-02-26 19:26 - 2021-02-26 19:26 - 000011002 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-26 17:52 - 2021-02-26 17:52 - 000000000 ____D C:\Users\gereg\AppData\Local\Acronis
2021-02-26 17:47 - 2021-02-26 17:52 - 000000000 ____D C:\ProgramData\Acronis Mobile Backup Data
2021-02-26 17:47 - 2021-02-26 17:47 - 000883256 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000693768 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000687768 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_protector.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000390592 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000371144 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000330176 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file2441.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000330176 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000243472 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\volume_tracker.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000182832 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv2310.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000182832 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000171968 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2021-02-26 17:47 - 2021-02-26 17:47 - 000001304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2021-02-26 17:25 - 2021-02-26 17:49 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Acronis
2021-02-26 17:24 - 2021-02-26 17:52 - 000000000 ____D C:\ProgramData\Acronis
2021-02-26 17:24 - 2021-02-26 17:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2021-02-26 17:24 - 2021-02-26 17:24 - 000000000 ____D C:\Program Files (x86)\Acronis
2021-02-26 17:14 - 2021-02-26 17:14 - 000003216 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - MSI.True Color
2021-02-26 17:14 - 2021-02-26 17:14 - 000003190 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2021-02-26 17:13 - 2020-01-19 19:49 - 000017424 _____ (MICSYS Technology Co., LTd) C:\WINDOWS\system32\Drivers\MsIo64.sys
2021-02-26 16:49 - 2021-02-26 17:04 - 000000000 ____D C:\Users\gereg\AppData\Local\iTubeGo
2021-02-26 16:27 - 2021-02-26 16:27 - 000003284 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - Detect_Monitor
2021-02-26 16:27 - 2021-02-26 16:27 - 000003268 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - DisplayID
2021-02-26 16:26 - 2020-01-19 19:49 - 000017424 _____ (MICSYS Technology Co., LTd) C:\WINDOWS\system32\Drivers\MsIo64.old
2021-02-26 16:26 - 2014-04-30 16:23 - 000011248 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\acpimof.dll
2021-02-26 16:25 - 2021-02-26 16:25 - 000000000 ____D C:\Program Files (x86)\MSI
2021-02-24 18:49 - 2021-02-24 18:49 - 000000632 _____ C:\Users\gereg\Desktop\CCleaner64.lnk
2021-02-24 18:49 - 2021-02-24 18:49 - 000000632 _____ C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner64.lnk
2021-02-24 18:49 - 2021-02-24 18:49 - 000000624 _____ C:\Users\gereg\Desktop\CCleaner32.lnk
2021-02-24 18:49 - 2021-02-24 18:49 - 000000624 _____ C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner.lnk
2021-02-24 18:30 - 2021-02-24 18:30 - 000002256 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dashboard.lnk
2021-02-24 18:30 - 2021-02-24 18:30 - 000002244 _____ C:\Users\gereg\Desktop\Dashboard.lnk
2021-02-24 18:26 - 2021-02-24 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2021-02-24 18:26 - 2021-02-24 18:26 - 000000000 ____D C:\Program Files (x86)\Seagate
2021-02-24 00:20 - 2021-02-24 00:20 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2021-02-24 00:19 - 2021-02-26 17:12 - 000000000 ____D C:\Program Files (x86)\Intel
2021-02-24 00:19 - 2021-02-24 00:19 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Intel
2021-02-24 00:19 - 2021-02-24 00:19 - 000000000 ____D C:\ProgramData\Intel
2021-02-24 00:19 - 2021-02-24 00:19 - 000000000 ____D C:\Program Files\Common Files\Intel
2021-02-24 00:18 - 2021-02-24 00:19 - 000000000 ____D C:\Program Files\Intel
2021-02-23 21:32 - 2021-02-23 21:32 - 010591864 _____ C:\WINDOWS\system32\Drivers\Netwfw10.dat
2021-02-23 21:32 - 2021-02-23 21:32 - 005333864 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw10.sys
2021-02-23 21:32 - 2021-02-23 21:32 - 001058152 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter08.dll
2021-02-23 21:32 - 2021-02-23 21:32 - 000133944 _____ (Samsung Electronics Co., Ltd) C:\WINDOWS\system32\Drivers\secnvme.sys
2021-02-23 21:32 - 2021-02-23 21:32 - 000063176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2021-02-23 21:24 - 2021-02-23 21:24 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Easeware
2021-02-23 21:24 - 2021-02-23 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2021-02-23 21:15 - 2021-02-23 21:15 - 000000042 _____ C:\WINDOWS\SysWOW64\guid.dat
2021-02-23 20:11 - 2021-02-23 20:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-23 20:01 - 2021-02-24 17:48 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-23 19:58 - 2021-02-23 20:08 - 000000000 ____D C:\ProgramData\A-Volute
2021-02-23 19:58 - 2021-02-23 19:58 - 000000000 ____D C:\WINDOWS\system32\A-Volute
2021-02-23 19:54 - 2021-01-13 17:54 - 006021608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2021-02-23 19:54 - 2021-01-13 17:44 - 044132505 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-02-23 19:32 - 2021-02-23 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2021-02-23 18:08 - 2021-03-01 17:33 - 000000765 _____ C:\Users\gereg\Desktop\GTA V Redux CZ.lnk
2021-02-23 18:08 - 2021-02-23 18:08 - 000000765 _____ C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\GTA V Redux CZ.lnk
2021-02-21 14:16 - 2021-02-26 17:26 - 000002576 _____ C:\WINDOWS\system32\Tasks\SmartShare
2021-02-21 14:16 - 2021-02-21 14:16 - 000000000 ____D C:\WINDOWS\SysWOW64\SSFilter
2021-02-21 14:16 - 2021-02-21 14:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Software
2021-02-21 14:16 - 2021-02-21 14:16 - 000000000 ____D C:\ProgramData\LG Software
2021-02-21 14:16 - 2011-08-10 14:00 - 000378880 _____ C:\WINDOWS\SysWOW64\av_dll.dll
2021-02-21 14:16 - 2011-08-10 14:00 - 000020992 _____ C:\WINDOWS\SysWOW64\av_proxy.dll
2021-02-20 22:26 - 2021-02-26 19:01 - 000002594 _____ C:\WINDOWS\system32\Tasks\SamsungMagician
2021-02-20 22:26 - 2021-02-20 22:26 - 000000000 ____D C:\ProgramData\Samsung
2021-02-20 22:26 - 2021-02-20 22:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2021-02-20 22:26 - 2021-02-20 22:26 - 000000000 ____D C:\Program Files (x86)\Samsung
2021-02-20 13:40 - 2021-02-20 13:40 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-20 11:46 - 2018-03-04 11:24 - 000054376 _____ (Trafficreg Software) C:\WINDOWS\system32\Drivers\tmeter.sys
2021-02-20 01:20 - 2021-02-20 01:20 - 000000917 _____ C:\Users\gereg\Desktop\Far Cry 2 CZ Remastered.lnk
2021-02-20 01:20 - 2021-02-20 01:20 - 000000917 _____ C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\Far Cry 2 CZ Remastered.lnk
2021-02-20 00:40 - 2021-02-20 00:40 - 000001539 _____ C:\Users\gereg\AppData\Local\recently-used.xbel
2021-02-19 21:43 - 2021-02-19 21:43 - 000000234 _____ C:\Users\gereg\Desktop\WATCH_DOGS® 2.url
2021-02-19 21:34 - 2021-02-19 21:34 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Origin
2021-02-19 21:34 - 2021-02-19 21:34 - 000000000 ____D C:\Users\gereg\AppData\Local\Origin
2021-02-19 21:34 - 2021-02-19 21:34 - 000000000 ____D C:\Users\gereg\.QtWebEngineProcess
2021-02-19 21:34 - 2021-02-19 21:34 - 000000000 ____D C:\Users\gereg\.Origin
2021-02-19 21:34 - 2021-02-19 21:34 - 000000000 ____D C:\ProgramData\Origin
2021-02-19 20:50 - 2021-02-07 02:57 - 000125240 _____ (Glarysoft Ltd) C:\WINDOWS\system32\BootDefrag.exe
2021-02-19 20:50 - 2021-01-26 06:21 - 000027616 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\BootDefragDriver.sys
2021-02-19 20:12 - 2021-02-19 20:12 - 000030720 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2021-02-19 20:12 - 2021-02-19 20:12 - 000003008 _____ C:\WINDOWS\system32\Tasks\GU5SkipUAC
2021-02-19 20:12 - 2021-02-19 20:12 - 000000763 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2021-02-19 20:12 - 2021-02-19 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2021-02-19 20:00 - 2021-02-19 20:00 - 000000203 _____ C:\Users\gereg\Desktop\Counter-Strike Source.url
2021-02-16 18:52 - 2021-02-16 18:52 - 000000000 ____D C:\Users\gereg\AppData\Roaming\NVDCache
2021-02-16 18:51 - 2021-02-26 18:09 - 000000000 ____D C:\Users\gereg\AppData\Roaming\TunePat Spotify Converter
2021-02-16 18:51 - 2021-02-16 19:35 - 000000000 ____D C:\Users\gereg\Documents\TunePat Spotify Converter
2021-02-16 18:51 - 2021-02-16 18:51 - 000000000 ____H C:\Users\gereg\MJKJRegInfo_H6WMO2ROFJIFYIJLKZKOXK43HQ2CBSGQ
2021-02-16 18:44 - 2021-02-16 18:44 - 000000000 ____D C:\Users\gereg\AppData\Local\Wisdom-Soft
2021-02-16 18:39 - 2021-02-16 18:39 - 000000870 _____ C:\Users\gereg\Desktop\TunePat Spotify Converter.lnk
2021-02-16 18:39 - 2021-02-16 18:39 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tunepat
2021-02-16 17:45 - 2021-02-27 13:57 - 000000000 ____D C:\Users\gereg\AppData\Roaming\DiskDefrag
2021-02-16 17:44 - 2021-01-27 12:17 - 002797808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2021-02-16 17:41 - 2021-02-16 17:41 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-16 17:41 - 2021-02-16 17:41 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-16 17:41 - 2021-02-16 17:41 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-16 17:41 - 2021-02-16 17:41 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-16 17:41 - 2021-02-16 17:41 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-16 17:41 - 2021-02-16 17:41 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-16 17:41 - 2021-02-16 17:41 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-16 17:41 - 2021-02-16 17:41 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-16 17:41 - 2021-02-16 17:41 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-16 17:41 - 2021-02-16 17:41 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-16 17:11 - 2021-02-16 17:11 - 000000000 ____D C:\ProgramData\GlarySoft
2021-02-16 17:06 - 2021-02-16 17:06 - 000003656 _____ C:\WINDOWS\system32\Tasks\GlaryUpdate 5
2021-02-16 00:07 - 2021-02-26 17:42 - 000000000 ____D C:\Users\gereg\AppData\Roaming\HD Tune Pro
2021-02-16 00:07 - 2021-02-16 00:07 - 000000722 _____ C:\Users\gereg\Desktop\HD Tune Pro.lnk
2021-02-16 00:07 - 2021-02-16 00:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro
2021-02-15 19:07 - 2021-02-15 19:07 - 000000000 ____D C:\Users\gereg\Documents\GOG Galaxy
2021-02-15 18:15 - 2021-02-15 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OWN3D for OBS Studio
2021-02-15 18:12 - 2021-02-15 18:12 - 000000969 _____ C:\Users\gereg\Desktop\StreamElements OBS.Live.lnk
2021-02-15 18:05 - 2021-02-15 18:05 - 000202672 _____ (EuMus Design) C:\WINDOWS\system32\Drivers\vrtaucbl.sys
2021-02-15 17:01 - 2021-02-15 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2021-02-15 16:59 - 2021-02-15 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serato
2021-02-15 13:27 - 2014-04-09 08:49 - 000000000 ____D C:\Users\gereg\Desktop\GW2255_Win8
2021-02-12 20:20 - 2021-02-26 17:14 - 000000000 ____D C:\MSI
2021-02-12 19:12 - 2021-02-12 19:46 - 000000000 ____D C:\Users\gereg\Documents\Call of Duty Modern Warfare
2021-02-11 21:35 - 2021-02-11 21:35 - 000000000 ____D C:\Users\gereg\AppData\Local\IsolatedStorage
2021-02-11 20:54 - 2021-02-11 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare
2021-02-11 16:58 - 2021-03-01 21:34 - 000000000 ____D C:\Users\gereg\AppData\Roaming\MPC-HC
2021-02-11 16:45 - 2021-03-01 21:36 - 000000000 ____D C:\Users\gereg\AppData\Local\Battle.net
2021-02-11 16:45 - 2021-02-11 16:52 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Battle.net
2021-02-11 16:44 - 2021-02-11 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2021-02-07 20:06 - 2021-02-19 16:48 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2021-02-07 20:06 - 2021-02-07 20:06 - 000000000 ____D C:\Users\gereg\AppData\Local\BraveSoftware
2021-02-07 19:36 - 2021-02-07 19:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-07 19:36 - 2021-02-07 19:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-07 19:26 - 2021-02-16 17:08 - 000002208 _____ C:\WINDOWS\system32\Tasks\MSISW_Host
2021-02-07 19:26 - 2015-08-18 09:51 - 001692840 _____ (MSI) C:\WINDOWS\SysWOW64\muachost.exe
2021-02-07 19:20 - 2021-02-16 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2021-02-07 17:59 - 2021-02-07 17:59 - 000000000 ____D C:\Users\gereg\AppData\LocalLow\Adobe
2021-02-07 17:58 - 2021-02-07 17:58 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-02-07 17:57 - 2021-02-07 18:01 - 000000000 ____D C:\ProgramData\Adobe
2021-02-07 13:27 - 2021-02-07 13:27 - 000000000 ____D C:\WINDOWS\system32\%PROGRAMDATA%
2021-02-07 13:25 - 2021-02-16 17:07 - 000000000 ____D C:\Users\gereg\AppData\Roaming\GlarySoft
2021-02-07 12:02 - 2021-02-07 12:02 - 000000000 ____D C:\Users\gereg\AppData\Local\AMD_Common
2021-02-07 12:02 - 2021-02-07 12:02 - 000000000 ____D C:\ProgramData\AMD
2021-02-07 12:00 - 2021-02-07 12:00 - 000003472 _____ C:\WINDOWS\system32\Tasks\AMDAutoUpdate
2021-02-07 12:00 - 2021-02-07 12:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Ryzen Master
2021-02-07 12:00 - 2021-02-07 12:00 - 000000000 ____D C:\ProgramData\AMD AutoUpdate
2021-02-07 11:59 - 2021-02-07 11:59 - 000000000 ____D C:\Users\gereg\AppData\Local\Setup
2021-02-07 11:28 - 2021-03-01 17:33 - 000000000 ____D C:\Users\gereg\Documents\Rockstar Games
2021-02-07 11:27 - 2020-10-14 11:56 - 000114040 _____ (Auslogics) C:\WINDOWS\system32\ndefrg.exe
2021-02-07 11:12 - 2021-02-07 11:15 - 000000000 ____D C:\Users\gereg\AppData\Local\glasswire
2021-02-07 11:12 - 2021-02-07 11:12 - 000000000 ____D C:\ProgramData\GlassWire
2021-02-07 11:12 - 2015-05-29 08:30 - 000008392 _____ C:\WINDOWS\system32\Drivers\gwdrv.cat
2021-02-07 11:12 - 2015-05-29 08:15 - 000033152 _____ (SecureMix LLC) C:\WINDOWS\system32\Drivers\gwdrv.sys
2021-02-07 10:26 - 2021-02-23 19:34 - 000000000 ____D C:\Users\gereg\Desktop\realtek_audio_N_APO3_6.0.9088.1
2021-02-07 10:25 - 2020-12-22 03:46 - 000000000 ____D C:\Users\gereg\Desktop\7B79vHB1
2021-02-07 06:47 - 2021-02-07 06:47 - 000000000 ____D C:\Program Files\net.downloadhelper.coapp
2021-02-07 04:31 - 2021-02-07 04:31 - 000000000 ____D C:\Users\gereg\AppData\LocalLow\Unity
2021-02-07 03:15 - 2019-03-02 17:03 - 000000000 ____D C:\Users\gereg\Desktop\ps4-exploit-host
2021-02-06 05:55 - 2021-02-06 05:55 - 000001371 _____ C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1Password.lnk
2021-02-06 03:13 - 2021-02-06 03:13 - 000003019 _____ C:\Users\gereg\Desktop\Keeper Password Manager.lnk
2021-02-06 03:13 - 2021-02-06 03:13 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Keeper Security, Inc
2021-02-06 03:12 - 2021-02-26 18:29 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Keeper Password Manager
2021-02-06 03:12 - 2021-02-16 18:22 - 000000000 ____D C:\Users\gereg\AppData\Local\keeperpasswordmanager
2021-02-01 22:09 - 2021-01-08 03:21 - 001147352 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2021-02-01 17:21 - 2021-02-01 17:21 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2021-02-01 17:01 - 2021-02-15 21:52 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-01 17:01 - 2021-02-07 09:45 - 000000000 ____D C:\WINDOWS\Minidump
2021-01-30 16:36 - 2021-01-30 16:36 - 000000000 ____D C:\Users\gereg\AppData\LocalLow\Creepy Jar

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-01 21:36 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-01 21:20 - 2020-08-16 23:32 - 000000000 ____D C:\Users\gereg\AppData\Roaming\qBittorrent
2021-03-01 19:39 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-01 19:37 - 2020-08-16 22:53 - 000000000 ____D C:\Users\gereg\AppData\LocalLow\Mozilla
2021-03-01 19:37 - 2020-08-16 22:53 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-01 19:36 - 2020-09-16 22:15 - 000000000 ____D C:\Users\gereg\AppData\Local\CrashDumps
2021-03-01 19:31 - 2020-10-27 21:51 - 000007681 _____ C:\Users\gereg\AppData\Local\Resmon.ResmonCfg
2021-03-01 19:20 - 2020-08-20 17:28 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-01 17:17 - 2020-09-08 17:46 - 000000000 ____D C:\Users\gereg\AppData\Roaming\RenPy
2021-03-01 16:11 - 2020-08-16 22:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-27 14:05 - 2021-01-13 06:26 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2021-02-27 14:05 - 2020-08-16 22:30 - 000000000 ___RD C:\Users\gereg\OneDrive
2021-02-27 14:04 - 2020-08-16 22:29 - 001693576 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-27 14:04 - 2019-12-07 15:43 - 000716874 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-27 14:04 - 2019-12-07 15:43 - 000145052 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-27 14:00 - 2021-01-08 17:31 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-27 14:00 - 2020-11-06 00:40 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-27 14:00 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-27 13:57 - 2020-08-16 22:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-27 13:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-02-27 03:48 - 2020-12-31 12:10 - 000000000 ____D C:\Users\gereg\AppData\Local\Oculus
2021-02-27 03:48 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-02-27 03:47 - 2020-11-08 09:58 - 000000000 ____D C:\Users\gereg\AppData\Roaming\uTorrent
2021-02-27 01:50 - 2020-12-31 12:21 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Oculus
2021-02-27 01:17 - 2020-09-19 20:08 - 000000000 ____D C:\Users\gereg\AppData\Roaming\discord
2021-02-27 00:12 - 2020-08-17 01:50 - 000000000 ____D C:\Users\gereg\AppData\Local\D3DSCache
2021-02-26 20:13 - 2020-08-31 16:40 - 000000000 ____D C:\ProgramData\ProductData
2021-02-26 20:07 - 2020-08-16 22:21 - 000751624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-26 20:07 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-02-26 20:07 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-26 20:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-02-26 20:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-26 20:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-02-26 20:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-26 20:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-02-26 20:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-02-26 20:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-26 20:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-26 19:35 - 2020-08-16 22:27 - 000000000 ____D C:\Users\gereg
2021-02-26 19:27 - 2021-01-13 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-26 17:22 - 2020-12-31 12:22 - 000000000 ____D C:\Users\gereg\AppData\Roaming\OculusClient
2021-02-26 17:19 - 2021-01-06 23:23 - 000000000 ____D C:\Users\gereg\Desktop\Programy
2021-02-26 17:14 - 2020-10-11 17:03 - 000000000 ____D C:\Program Files\ENE
2021-02-26 17:14 - 2020-08-16 23:02 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-24 18:50 - 2020-10-17 16:12 - 000000000 ____D C:\Temp
2021-02-24 17:48 - 2020-08-16 22:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-23 21:15 - 2020-08-16 22:29 - 000000000 ____D C:\Users\gereg\AppData\Local\Packages
2021-02-23 20:11 - 2020-08-16 22:53 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-23 20:08 - 2020-08-16 22:30 - 000000000 ____D C:\Users\gereg\AppData\Local\PlaceholderTileLogoFolder
2021-02-23 19:55 - 2020-08-16 23:05 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-02-23 19:54 - 2020-08-16 23:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-02-23 19:35 - 2020-08-16 23:02 - 000000000 ____D C:\AMD
2021-02-20 03:43 - 2021-01-06 21:01 - 000000000 ____D C:\Users\gereg\Documents\My Games
2021-02-20 02:49 - 2021-01-07 23:16 - 000000000 ____D C:\Users\gereg\AppData\Local\Ubisoft Game Launcher
2021-02-20 01:07 - 2021-01-07 16:52 - 000000000 ____D C:\Users\gereg\dwhelper
2021-02-20 00:40 - 2020-11-16 09:19 - 000000000 ____D C:\Users\gereg\AppData\Local\babl-0.1
2021-02-19 16:51 - 2020-10-29 19:33 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-02-19 16:46 - 2020-12-14 19:07 - 000000000 ____D C:\Users\gereg\AppData\Roaming\TeamViewer
2021-02-19 16:46 - 2020-08-16 23:02 - 000000000 ____D C:\Program Files\WinRAR
2021-02-16 20:27 - 2021-01-07 21:39 - 000001087 _____ C:\Users\gereg\Desktop\Half Life Alyx.lnk
2021-02-16 20:14 - 2021-01-13 17:50 - 000000000 ____D C:\Users\gereg\AppData\Roaming\obs-studio
2021-02-16 17:51 - 2020-11-25 21:55 - 000000000 ____D C:\Users\gereg\.android
2021-02-16 17:44 - 2020-08-16 22:29 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-02-16 17:41 - 2020-08-20 17:28 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-02-16 17:41 - 2020-08-16 22:29 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-02-16 17:35 - 2020-08-16 23:02 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-02-16 17:35 - 2020-08-16 23:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-02-16 17:12 - 2021-01-06 23:23 - 000000000 ____D C:\Users\gereg\Desktop\Hry
2021-02-16 17:08 - 2020-11-06 00:40 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-16 17:08 - 2020-11-06 00:40 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-16 17:08 - 2020-08-20 17:01 - 000002402 _____ C:\WINDOWS\system32\Tasks\NahimicSvc64Run
2021-02-16 17:08 - 2020-08-20 17:01 - 000002402 _____ C:\WINDOWS\system32\Tasks\NahimicSvc32Run
2021-02-16 17:03 - 2021-01-06 23:23 - 000001386 _____ C:\Users\gereg\Desktop\License code of IObit Malware Fighter.txt
2021-02-15 22:11 - 2020-11-16 14:13 - 000000000 ____D C:\Users\gereg\.idlerc
2021-02-15 17:01 - 2020-08-31 12:20 - 000000000 ____D C:\ProgramData\Apple Computer
2021-02-13 20:19 - 2020-08-16 22:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-13 20:17 - 2020-08-16 22:32 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-12 18:40 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-12 18:38 - 2020-08-16 22:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-12 00:04 - 2020-12-31 12:17 - 000000000 ____D C:\Program Files\Oculus
2021-02-11 16:52 - 2020-08-17 00:50 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2021-02-11 16:50 - 2020-11-13 09:16 - 000003158 _____ C:\WINDOWS\system32\Tasks\klcp_update
2021-02-11 16:42 - 2020-08-17 00:27 - 000000000 ____D C:\ProgramData\Battle.net
2021-02-11 16:20 - 2020-08-20 17:36 - 000000000 ____D C:\Users\gereg\AppData\Local\Downloaded Installations
2021-02-11 16:20 - 2020-08-20 17:18 - 000000000 ____D C:\Program Files\AMD
2021-02-07 19:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-07 19:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-07 19:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-07 19:53 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-07 19:41 - 2020-09-17 13:47 - 000000000 ____D C:\Users\gereg\AppData\Local\Adobe
2021-02-07 17:59 - 2020-08-16 22:29 - 000000000 ____D C:\Users\gereg\AppData\Roaming\Adobe
2021-02-07 13:45 - 2020-08-16 23:02 - 000000000 ____D C:\Users\gereg\AppData\Local\NVIDIA
2021-02-07 13:44 - 2020-08-31 16:40 - 000000000 ____D C:\Users\gereg\AppData\Roaming\IObit
2021-02-07 13:44 - 2020-08-31 16:40 - 000000000 ____D C:\Users\gereg\AppData\LocalLow\IObit
2021-02-07 13:44 - 2020-08-20 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2021-02-07 13:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2021-02-07 12:46 - 2020-12-15 18:56 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-02-07 12:05 - 2020-08-16 23:02 - 000000000 ____D C:\Program Files (x86)\AMD
2021-02-07 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-02-07 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-02-07 10:37 - 2020-09-01 17:15 - 000000000 ____D C:\Program Files\Rockstar Games
2021-02-07 10:37 - 2020-09-01 17:15 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2021-02-07 10:36 - 2020-12-15 20:19 - 000000000 ____D C:\Program Files (x86)\Western Digital
2021-02-07 09:30 - 2021-01-20 17:09 - 000000000 ____D C:\ProgramData\Doctor Web
2021-02-07 09:23 - 2021-01-08 20:31 - 000001066 _____ C:\Users\gereg\Desktop\VRParadise – zástupce.lnk
2021-02-07 05:14 - 2020-11-08 13:51 - 000000000 ____D C:\Users\gereg\AppData\Local\Abelssoft
2021-02-07 05:09 - 2020-08-16 22:32 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-02-07 05:08 - 2021-01-20 17:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Doctor Web
2021-02-07 05:08 - 2021-01-15 23:19 - 000000000 ____D C:\Program Files\Common Files\AV
2021-02-07 05:08 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-06 05:55 - 2020-09-08 12:37 - 000000000 ____D C:\Users\gereg\AppData\Local\1Password
2021-02-05 19:19 - 2020-11-15 18:05 - 000000000 ____D C:\Program Files\CZC G GK1000
2021-02-05 18:13 - 2020-12-16 18:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077 [GOG.com]
2021-02-02 00:32 - 2020-12-31 12:21 - 000000000 ____D C:\ProgramData\Oculus
2021-02-01 22:09 - 2020-08-16 23:04 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-02-01 16:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories ========

2021-02-20 00:40 - 2021-02-20 00:40 - 000001539 _____ () C:\Users\gereg\AppData\Local\recently-used.xbel
2020-10-27 21:51 - 2021-03-01 19:31 - 000007681 _____ () C:\Users\gereg\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by gereg (01-03-2021 21:40:50)
Running from E:\Firefox Download
Windows 10 Pro Version 20H2 19042.844 (X64) (2020-08-16 21:24:52)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2672217650-3271366909-1307559834-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2672217650-3271366909-1307559834-503 - Limited - Disabled)
gereg (S-1-5-21-2672217650-3271366909-1307559834-1001 - Administrator - Enabled) => C:\Users\gereg
Guest (S-1-5-21-2672217650-3271366909-1307559834-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2672217650-3271366909-1307559834-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
1Password (HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\1Password) (Version: 7.6.791 - AgileBits Inc.)
Acronis True Image (HKLM-x32\...\{831FFE5C-11F4-4E48-A3A5-8535FC93B75A}) (Version: 24.6.25700 - Acronis)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20142 - Adobe Systems Incorporated)
Akai Professional AMX 1.0.11 (HKLM\...\{705A3600-8492-4B1F-9B30-A104AD494ABD}) (Version: 1.0.11 - Akai Professional)
Aktualizace NVIDIA 38.0.6.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.6.0 - NVIDIA Corporation) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.11.26.106 - Advanced Micro Devices, Inc.)
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.6.0.1702 - Advanced Micro Devices, Inc.)
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.7.0.1725 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{ac726f18-c961-4fa1-a46d-6f0c644cd12b}) (Version: 2.11.26.106 - Advanced Micro Devices, Inc.) Hidden
Apeaksoft Screen Recorder EN (HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\{A559093D-FCCB-1B3D-5504-74D07E48A7FB}) (Version: v.1.3.22 EN - libbi)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{97e1a863-427f-481e-b259-b691eb7b45cd}) (Version: 21.0.1 - Intel Corporation)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Beat Saber (HKLM-x32\...\Beat Saber_is1) (Version: - )
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
CPUID CPU-Z MSI 1.94 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.94 - CPUID, Inc.)
Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: 1.12 - GOG.com)
CZC G GK1000 (HKLM-x32\...\CZC G GK1000) (Version: V1.01n - CZC G GK900)
CZC Gaming Mouse (HKLM-x32\...\{BBF3868B-3246-46FD-B02D-CA81A73EE05D}_is1) (Version: 1.0 - Dragonwar)
Dashboard (HKLM-x32\...\Western Digital SSD Dashboard) (Version: 3.2.2.9 - Western Digital Corporation)
Discord (HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Driver Easy 5.6.15 (HKLM\...\DriverEasy_is1) (Version: 5.6.15 - Easeware)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE RGB HAL (HKLM\...\{8DA1B230-D82E-4A24-9237-363E2E1E2695}) (Version: 1.0.21.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{bb670f8d-3d66-4f36-8e60-02b71bb0a4e9}) (Version: 1.0.21.0 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.0.10 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{52d1d7de-19c3-4f83-97bb-f9435dc84c5b}) (Version: 1.0.0.10 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.7.11 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{fd812556-e0bb-4961-ac2b-cf5643484519}) (Version: 1.0.7.11 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{0EE6DDEF-E36B-45EB-9E03-5A266EC8A8F8}) (Version: 1.1.279.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{6D70A161-C29B-441B-9AA5-2ABBAB3B4B4D}) (Version: 1.1.1.0 - Epic Games, Inc.)
Far Cry 2 CZ Remastered Steam v.1.03 Fortunes Edition - Remastered-New Dunia - v.36.7 FINAL6 - Nexusmods (HKLM-x32\...\Far Cry 2 CZ Remastered Steam v.1.03 Fortunes Edition - Remastered-New Dunia - v.36.7 FINAL6 - Nexusmods) (Version: Steam v.1.03 Fortunes Edition - Remastered-New Dunia - v.36.7 FINAL6 - Nexusmods - Libbi - Steam v.1.03 Fortunes Edition - Remastered-New Dunia - v.36.7 FINAL6 - Nexusmods)
GIMP 2.10.22 (HKLM\...\GIMP-2_is1) (Version: 2.10.22 - The GIMP Team)
Glary Utilities 5.160 (HKLM-x32\...\Glary Utilities 5) (Version: 5.160.0.186 - Glarysoft Ltd)
GlassWire 2.2 (remove only) (HKLM-x32\...\GlassWire 2.2) (Version: 2.2.291 - SecureMix LLC)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
GTA V Redux CZ Mr.Goldberg v.1.0.2060 - Redux v.1.9 (HKLM-x32\...\GTA V Redux CZ Mr.Goldberg v.1.0.2060 - Redux v.1.9) (Version: Mr.Goldberg v.1.0.2060 - Redux v.1.9 - Libbi)
Half Life Alyx (HKLM-x32\...\Half Life Alyx_is1) (Version: - )
HD Tune Pro 5.75 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HD Video Converter Factory Pro 21.3 (HKLM-x32\...\HD Video Converter Factory Pro) (Version: 21.3 - WonderFox Soft, Inc.)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.20.0.3 - Intel Corporation)
IObit Uninstaller 10 (HKLM-x32\...\IObitUninstall) (Version: 10.0.2.23 - IObit)
Keeper Password Manager (HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\keeperpasswordmanager) (Version: 15.0.16 - Keeper Security, Inc.)
K-Lite Codec Pack 16.0.1 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.0.1 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.13628.20448 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.81 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{8e24fb65-31aa-446d-9c3e-35c5e11cb367}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29325 (HKLM-x32\...\{d7a6435f-ac9a-4af6-8fdc-ca130d13fac9}) (Version: 14.28.29325.2 - Microsoft Corporation)
Mozilla Firefox 86.0 (x64 cs) (HKLM\...\Mozilla Firefox 86.0 (x64 cs)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 79.0 - Mozilla)
MSI Afterburner 4.6.3 Beta 5 (HKLM-x32\...\Afterburner) (Version: 4.6.3 Beta 5 - MSI Co., LTD)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.0201.01 - MSI)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.72 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
Oculus (HKLM\...\Oculus) (Version: <3 - Facebook Technologies, LLC)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20330 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OWN3D for OBS Studio version 1.4.7.0 (HKLM\...\{31A72556-7590-4678-AB69-96D602C95C02}}_is1) (Version: 1.4.7.0 - Own3d media GmbH)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
qBittorrent 4.3.3 (HKLM-x32\...\qBittorrent) (Version: 4.3.3 - The qBittorrent project)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9102.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.46.1231.2020 - Realtek)
RivaTuner Statistics Server 7.3.0 Beta 10 (HKLM-x32\...\RTSS) (Version: 7.3.0 Beta 10 - Unwinder)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.2.1.260 - Samsung Electronics)
SeaTools for Windows 1.4.0.7 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.7 - Seagate Technology)
Serato DJ Pro (HKLM\...\{9E2FC135-841E-43A0-B614-6BF06B7C5ADB}) (Version: 2.4.5.77 - Serato Limited) Hidden
Serato DJ Pro (HKLM-x32\...\{95f204a9-9277-4ea9-8cbb-9a6ed53c3f54}) (Version: 2.4.5.77 - Serato Limited)
SmartShare (HKLM-x32\...\{BAB337AE-DD9E-45C3-BED6-0EE4732AEC60}) (Version: 2.3.1712.1201 - LG Electronics Inc.)
Star Stable Online 2.7.3 (HKLM-x32\...\8c663ade-0de5-52b6-812d-f5cd25f943ac) (Version: 2.7.3 - Star Stable Entertainment AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StreamElements OBS.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 20.12.23.684 - StreamElements)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.15.5 - TeamViewer)
The Walking Dead CZ Codex v.15.09.2019 . CZ - 24.08.2020 The Telltale Definitive Serie (HKLM-x32\...\The Walking Dead CZ Codex v.15.09.2019 . CZ - 24.08.2020 The Telltale Definitive Serie) (Version: Codex v.15.09.2019 . CZ - 24.08.2020 The Telltale Definitive Serie - Libbi)
The Walking Dead Saints and Sinners (HKLM-x32\...\The Walking Dead Saints and Sinners_is1) (Version: - )
TunePat Spotify Converter 1.3.2 (HKLM-x32\...\TunePat Spotify Converter) (Version: 1.3.2 - Tunepat)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 93.1 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
VdhCoApp 1.6.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WATCH_DOGS2 (HKLM-x32\...\Uplay Install 2688) (Version: - Ubisoft)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)

Packages:
=========
Diagnostic Data Viewer -> C:\Program Files\WindowsApps\Microsoft.DiagnosticDataViewer_4.2007.3014.0_x64__8wekyb3d8bbwe [2021-02-15] (Microsoft Corporation)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-20] (Microsoft Corporation)
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.101.0_x64__kzh8wxbdkxb8p [2021-02-23] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2021-02-16] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-02-07] (Microsoft Corporation) [MS Ad]
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.5.7.0_x64__w2gh52qy24etm [2021-02-23] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-02-27] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.23.242.0_x64__dt26b99r8h8gj [2021-02-23] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0 [2021-02-20] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2672217650-3271366909-1307559834-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0
CustomCLSID: HKU\S-1-5-21-2672217650-3271366909-1307559834-1001_Classes\CLSID\{04271989-C4D2-4432-05A6-96DCEB2E166C} -> [OneDrive - Thermo Fisher Scientific] => D:\OneDrive - Thermo Fisher Scientific [2020-09-07 13:38]
CustomCLSID: HKU\S-1-5-21-2672217650-3271366909-1307559834-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\gereg\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_6_25700.dll [2020-03-31] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_6_25700.dll [2020-03-31] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_6_25700.dll [2020-03-31] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_24_6_25700.dll [2020-03-31] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => D:\Programy\Glary Utilities 5\x64\ContextHandler.dll [2021-02-07] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => D:\Programy\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => D:\Programy\Glary Utilities 5\x64\ContextHandler.dll [2021-02-07] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => D:\Programy\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.016.0124.0003\amd64\FileSyncShell64.dll [2021-02-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_272b5c540127d6d2\nvshext.dll [2021-02-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => D:\Programy\Glary Utilities 5\x64\ContextHandler.dll [2021-02-07] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => D:\Programy\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-02-26 17:13 - 2017-08-03 05:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDControl.dll
2021-02-26 16:27 - 2005-07-19 04:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Support\unrar.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 104869376 ____C () [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\libcef.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 000112128 ____C () [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\libegl.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 006227456 ____C () [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\libglesv2.dll
2020-04-07 15:50 - 2020-04-07 15:50 - 024490144 _____ (Acronis International GmbH -> ) [File not signed] [File is in use] C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2021-02-26 17:13 - 2018-08-31 07:26 - 000053760 _____ (MS) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32_Galax.dll
2021-02-23 21:15 - 2021-02-23 21:15 - 001612800 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.101.0_x64__kzh8wxbdkxb8p\DCv2\SQLite.Interop.dll
2021-02-27 14:41 - 2021-02-27 14:41 - 000810496 ____C (The Chromium Authors) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\chrome_elf.dll
2015-07-08 16:54 - 2015-07-08 16:54 - 025338368 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icudt54.dll
2015-07-08 16:54 - 2015-07-08 16:54 - 002056704 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icuin54.dll
2015-07-08 16:54 - 2015-07-08 16:54 - 001425408 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Acronis\TrueImageHome\icuuc54.dll
2021-02-27 14:41 - 2021-02-27 14:41 - 000047104 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\audio\qtaudio_windows.dll
2021-02-27 14:41 - 2021-02-27 14:41 - 000026112 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\imageformats\qgif.dll
2021-02-27 14:41 - 2021-02-27 14:41 - 000027136 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\imageformats\qico.dll
2021-02-27 14:41 - 2021-02-27 14:41 - 000243712 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\imageformats\qjpeg.dll
2021-02-27 14:41 - 2021-02-27 14:41 - 000223744 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\imageformats\qmng.dll
2021-02-27 14:41 - 2021-02-27 14:41 - 000020992 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\imageformats\qsvg.dll
2021-02-27 14:41 - 2021-02-27 14:41 - 000332288 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\imageformats\qtiff.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 001140224 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\platforms\qwindows.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 004943360 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\Qt5Core.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 005022208 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\Qt5Gui.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 000626176 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\Qt5Multimedia.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 000877056 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\Qt5Network.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 002908672 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\Qt5Qml.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 003078656 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\Qt5Quick.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 000259072 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\Qt5Svg.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 004718080 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\Qt5Widgets.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 000439296 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\Qt5WinExtras.dll
2021-02-27 14:42 - 2021-02-27 14:42 - 000159232 ____C (The Qt Company Ltd.) [File not signed] D:\Hry\Battle.net\Battle.net.beta.12713\Qt5Xml.dll
2021-02-26 17:13 - 2016-10-04 04:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\SDKDLL.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\System32:tdsrset_i.gfc [5846]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> D:\Programy\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\sharepoint.com -> hxxps://thermofisher-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-01-20 18:42 - 2021-02-26 17:45 - 000001305 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 activation.acronis.com
0.0.0.0 web-api-tih.acronis.com
0.0.0.0 web-api-tie.acronis.com
0.0.0.0 web-api-vmp.acronis.com
0.0.0.0 cloud-rs-ru2.acronis.com
0.0.0.0 cloud-fes-ru2.acronis.com
0.0.0.0 rpc.acronis.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Oculus\Support\oculus-runtime;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;D:\Programy\QuickTime\QTSystem\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1 - 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "Delete Cached Standalone Update Binary"
HKLM\...\StartupApproved\Run: => "Delete Cached Update Binary"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Spectrum"
HKLM\...\StartupApproved\Run32: => "CZC G GK1000"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKLM\...\StartupApproved\Run32: => "GammingApp"
HKLM\...\StartupApproved\Run32: => "Command Center"
HKLM\...\StartupApproved\Run32: => "APP Manager"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "Acronis Scheduler2 Service"
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\StartupApproved\Run: => "1Password"
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\StartupApproved\Run: => "GlassWire"
HKU\S-1-5-21-2672217650-3271366909-1307559834-1001\...\StartupApproved\Run: => "GUDelayStartup"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B16463CC-001B-41C5-978D-C7C017124BC2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0BFC228B-7D82-4C05-BB43-D44D9A224802}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4E47FF9C-C818-45B0-B198-136127960AD8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8D8A7879-C71E-474C-AE02-3C42FC868965}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B76D05E2-DDAD-438C-B433-62C0D5E9CA64}] => (Allow) D:\Programy\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{50CB931B-A9F2-4A39-89CB-95DD95915B7A}] => (Allow) D:\Programy\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{E0CBB3B7-EA81-49F6-9718-106FFDC9F091}] => (Allow) D:\Programy\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{1F9CA27B-43FD-473E-A5FD-F00ED4DAA7E2}] => (Allow) D:\Programy\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{A4D0D4B3-5C5C-444A-946A-A68F5709866F}] => (Allow) D:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{694E9FF0-7E78-40F1-9597-0FF8E0E7ECE2}] => (Allow) D:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{026BE749-53FC-49A9-982A-3DEC181459EC}] => (Allow) D:\Hry\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{181FB2ED-52B1-4C1B-8CEA-EC640A01CA1A}] => (Allow) D:\Hry\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{2EF6AD3B-6F4C-4CD8-97CD-F93914BBE707}] => (Allow) D:\Hry\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{D199307E-394D-4B02-990F-CD207A35FB08}] => (Allow) D:\Programy\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{66A26018-47FE-4CDB-9773-360B59563D21}] => (Allow) D:\Programy\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{6A46482A-0691-4FF2-8BB8-3812DF4E96BF}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{C5E89CCB-7DFC-4236-98A7-AF5DBEEDEB0B}G:\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) G:\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{2B594DE0-27A2-4E82-9D73-39EBCF60C0A1}G:\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) G:\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{2554BE20-5EA6-4240-BA9E-CC72B515AB68}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{E29EF54D-149B-4149-A8B9-5DD60890DB7C}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{39B95B22-5B77-4FA1-9FD0-B8EB9FD91EA4}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{E10684AC-AA1D-4A05-9575-24286844A30B}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{AF1F4855-FBFE-42E7-B0E9-512C5F1E0973}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{CB8B30CA-3F4D-4DBC-BFBA-D105B03DC0E8}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{952CF643-715F-4169-9E3D-D4F98BF964BC}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{FD1F4243-06B0-4915-8F85-400967831D36}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{316510E6-3CC3-4F1B-96E7-89BCE7D8398F}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D74E462C-B431-405D-9896-9F24CCBC98C9}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{C5F70233-0DEC-401B-BDBA-E162B2444C91}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{6D92E986-805D-48E0-8A3C-561AEF1A4DF9}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{548E330A-B79F-4D5D-B2FD-82326F526D08}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{E4B3FA97-ABB2-47B4-84E9-B11BB5FE5E03}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{E36A72E9-FFD1-4B0F-A9C5-7E713CF0251C}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [File not signed]
FirewallRules: [{E064F689-7590-47CF-828B-5824F5A629DF}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [File not signed]
FirewallRules: [{41DADEAA-1167-4FE9-89EC-0ED15FABA558}] => (Allow) D:\Hry\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{D6E0FA28-C1E3-4309-BCDE-593317FD9E01}D:\hry\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe] => (Allow) D:\hry\steam\steamapps\common\steamvr\tools\steamvr_environments\game\bin\win64\steamtours.exe (Valve -> )
FirewallRules: [{E124281B-5A5F-43FB-B4F2-CDF50B4684F5}] => (Allow) D:\Hry\ANNO1800\Bin\Win64\Anno1800.exe (Ubisoft Blue Byte GmbH -> Ubisoft)
FirewallRules: [{AA85BF28-B14C-44FA-AE0A-29D3626DAB98}] => (Allow) D:\VR\Software\bigscreen-bigscreen\Bigscreen.exe () [File not signed]
FirewallRules: [{8B138075-F474-449A-895A-F171081C8617}] => (Allow) D:\VR\Software\bigscreen-bigscreen\Bigscreen.exe () [File not signed]
FirewallRules: [{EEB47832-1CAB-42F6-8567-8FAF5C503EB7}] => (Allow) D:\VR\Software\bigscreen-bigscreen\UnityCrashHandler64.exe (Unity Technologies Aps -> )
FirewallRules: [{870C626A-AAD0-43E3-9204-79909D40F2CB}] => (Allow) D:\VR\Software\bigscreen-bigscreen\UnityCrashHandler64.exe (Unity Technologies Aps -> )
FirewallRules: [{BA5EE798-A0B7-4EC4-B58E-D1E05D5F6E26}] => (Allow) D:\VR\Software\bigscreen-bigscreen\Bigscreen_Data\StreamingAssets\bsvad\bsdevcon.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{9860C4F8-020F-4EB9-A09C-C4293BC0ED0E}] => (Allow) D:\VR\Software\bigscreen-bigscreen\Bigscreen_Data\StreamingAssets\bsvad\bsdevcon.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{D6441DB3-49B0-4C68-A5F0-6D01C8030601}] => (Allow) D:\VR\Software\bigscreen-bigscreen\Bigscreen_Data\StreamingAssets\bsvad\RouteToBigscreen.exe () [File not signed]
FirewallRules: [{D2191E50-4E0D-4E2F-9247-7DCF84926E34}] => (Allow) D:\VR\Software\bigscreen-bigscreen\Bigscreen_Data\StreamingAssets\bsvad\RouteToBigscreen.exe () [File not signed]
FirewallRules: [{194CA2AB-F23E-4BB5-B866-D89B0EED6682}] => (Allow) D:\VR\Software\bigscreen-bigscreen\Bigscreen_Data\StreamingAssets\bsvad\RouteToDefaults.exe () [File not signed]
FirewallRules: [{B3C95B4E-4F9A-4FEC-9D2B-CD3F87DE5808}] => (Allow) D:\VR\Software\bigscreen-bigscreen\Bigscreen_Data\StreamingAssets\bsvad\RouteToDefaults.exe () [File not signed]
FirewallRules: [{7CEFCDB8-5E4D-4053-8A83-CB978DFD1A4B}] => (Allow) D:\Hry\Steam\steamapps\common\Green Hell\GH.exe () [File not signed]
FirewallRules: [{7018F910-226D-4F6D-91C7-8A4FF51FB2D4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6A5855EF-AE69-4418-A267-4DEB2FABB5B9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{33567586-FCDC-4DA1-A3FD-74B48B1C6210}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F26B2DF1-4863-447E-B1E1-CEA776EB0705}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A7283B11-97E5-4EB4-9411-321373AFADC4}] => (Allow) D:\Programy\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{FF03C81E-C93D-48C5-9CC3-956F38BB57A0}] => (Allow) D:\Programy\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{0BDA26A5-EA90-433C-A83E-93379AF61D0F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{09C57FB6-27A7-4EE8-A0FF-B1C82F001026}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F2F2D812-35DD-4379-B999-2040CC45E1E5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AB728999-FC6B-4F23-B27C-5778603549A4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{719DACE9-1911-4514-A216-C407EE142885}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{93925008-AB68-4692-BB97-DC5BA0A6DB08}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BCC70102-773D-4410-99B4-41473B293F05}] => (Allow) D:\Programy\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{891F1DD4-3E9B-43E9-8A0C-C9D78FAC72B7}] => (Allow) D:\Programy\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{8393B434-370D-45E3-B9B5-5410DCFEEEB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{647DDBC8-0E5D-4E91-BC8E-5C2799E93740}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{72B8B574-5F41-4D11-AA02-D858CE301CFB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3B3BCD86-C9A4-4E44-934D-9A40572818E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4ADFC178-2F90-4C20-BC93-A800184B4FA5}] => (Allow) D:\Hry\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BA8802A9-4C8A-48C9-B0AD-1FB284854C77}] => (Allow) D:\Hry\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{169EC98F-5F27-424B-AAC9-5BE3CD3E3449}] => (Allow) D:\Hry\Steam\steamapps\common\Counter-Strike Source\hl2.exe (Valve -> )
FirewallRules: [{CEB1CE89-9980-4C7A-8EB8-B279163FB799}] => (Allow) D:\Hry\Steam\steamapps\common\Counter-Strike Source\hl2.exe (Valve -> )
FirewallRules: [{4534918E-37B1-499C-8F58-57300CFB9F5E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{065E7D3E-593E-411D-9DB5-FFB2AF55DC5E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B850CCE1-B0BE-4A6C-AD36-A749FE7825C9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0AD676B0-B688-4495-8054-5D9F5961344A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{577953E3-9A63-4DB1-9F07-C419F89D328D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{888E3F06-2225-4F14-8FB0-19B10410E6B4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2D057FB0-592E-4319-9554-412D7E347487}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{75B56FA6-0B65-4C78-BFE4-B25AD540129F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{12D6C6CE-AA0F-4108-8A21-2E3D72C1723B}] => (Allow) D:\Programy\LG Smart Share\DMS\SmartShareDMS.exe (LG Electronics Inc. -> LG Electronics Inc.)
FirewallRules: [{6E3ECF59-3B4E-49D9-99E0-A407A02FB578}] => (Allow) D:\Programy\LG Smart Share\DMS\SmartShareDMS.exe (LG Electronics Inc. -> LG Electronics Inc.)
FirewallRules: [{D2C29BDF-5117-428D-912C-1854A6415E01}] => (Allow) D:\Programy\LG Smart Share\DMR\SmartShareDMR.exe (LG Electronics Inc. -> )
FirewallRules: [{7A2B8561-1EB9-4107-939E-FBD34F359F52}] => (Allow) D:\Programy\LG Smart Share\DMR\SmartShareDMR.exe (LG Electronics Inc. -> )
FirewallRules: [{BB69E407-3FDC-470C-84E0-9E5539662B67}] => (Allow) D:\Programy\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{FB438F9B-0D60-4B5B-83B3-39D6BE2B325E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{35A3C723-1BE1-476A-9394-7EAB31B02D6E}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> )
FirewallRules: [{65DD1F77-29C8-4E99-9478-288233BE1275}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{6CE1CBA3-A1B1-4DC6-A318-A9CE0C03A024}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{B99DDCCC-F29F-4BB5-9AA1-A9D31AF9E18D}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{19147207-9C42-487F-AEA4-7F94D8FE1202}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> ) [File not signed]
FirewallRules: [{4C8441AB-B16D-49B2-90EB-CD5ED9425C79}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> ) [File not signed]
FirewallRules: [{D79E7942-AA9E-4865-ABE4-430F13F994C4}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{A50E17F9-3FE0-482B-B860-0BCE548E89B0}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{02F09D3E-1726-4598-B6C9-DDD1EE5F89C4}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe (Acronis International GmbH -> )
FirewallRules: [{FD2A8533-389D-492B-A850-6A98CA00E976}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{0AD70071-9DF5-40E8-B968-B9C6E23675D8}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )
FirewallRules: [{11F2AC9D-7DD3-4DB9-B625-FB3EB654DA6B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{4E849EA1-2110-4831-9EE0-272E3270D71D}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe (Acronis International GmbH -> )
FirewallRules: [{6364A584-E04E-4F23-B438-2D3500157C02}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Home\report_sender.exe (Acronis International GmbH -> )
FirewallRules: [{8FC35490-8973-40C0-A9C3-C5B5C2E94C6D}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> )
FirewallRules: [{0ABE1D75-42CA-44E4-B779-32E824BA99E0}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{936AA0F1-D3B6-458A-AAA3-3A2299EE4711}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageLauncher.exe (Acronis International GmbH -> )
FirewallRules: [{286AC1DA-C659-4C76-987B-4A99519F83A2}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{D258B733-0E0D-4DC5-AC69-3D502659A0F1}] => (Block) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> ) [File not signed]
FirewallRules: [{EA82B8D3-94F6-4573-9391-9BFE7D5FCF24}] => (Allow) LPort=32682
FirewallRules: [{56AFEBB1-4446-4AB5-B6A3-B9228ADF08EC}] => (Allow) D:\Programy\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E9C855A5-FECF-40A3-AB83-D03987C0F4BE}] => (Allow) D:\Programy\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DD8008B0-0C48-4EB7-B2DC-AEA109DEF99E}] => (Allow) D:\Programy\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{17BC36F5-3868-4860-A0F6-6151F6CD4991}] => (Allow) D:\Programy\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{38656CF8-B892-4527-84EA-C0D113693229}] => (Allow) F:\Games\GTA V Redux CZ\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{DFB3AF49-EEF5-4EC4-AE75-B1B0420BC1B1}] => (Allow) F:\Games\GTA V Redux CZ\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{997E775E-4A2B-4FC8-9492-D60165B9E223}] => (Block) E:\Programy\HD Video Converter Factory Pro\VideoConverterFactoryPro.exe (WonderFox Soft, Inc. -> WonderFox Soft, Inc)

==================== Restore Points =========================

26-02-2021 18:27:47 Instalační služba modulů systému Windows
26-02-2021 19:09:03 Instalační služba modulů systému Windows
26-02-2021 19:10:00 Instalační služba modulů systému Windows
26-02-2021 19:22:12 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (03/01/2021 09:28:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program VideoConverterFactoryPro.exe verze 21.3.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 38b8

Čas spuštění: 01d70ed5c492c83b

Čas ukončení: 4294967295

Cesta k aplikaci: E:\Programy\HD Video Converter Factory Pro\VideoConverterFactoryPro.exe

ID hlášení: 0f77dcc1-ddc4-4a12-a97b-36d779a89b3c

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (03/01/2021 07:26:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Battle.net.exe, verze: 1.32.0.12713, časové razítko: 0x6036a230
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.804, časové razítko: 0xb610d74d
Kód výjimky: 0xe0000008
Posun chyby: 0x0012a8b2
ID chybujícího procesu: 0x2ccc
Čas spuštění chybující aplikace: 0x01d70ec699ad8867
Cesta k chybující aplikaci: D:\Hry\Battle.net\Battle.net.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: fdb96acb-ad34-4204-b24f-1205540b1d60
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/01/2021 07:13:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Battle.net.exe, verze: 1.32.0.12713, časové razítko: 0x6036a230
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.804, časové razítko: 0xb610d74d
Kód výjimky: 0xe0000008
Posun chyby: 0x0012a8b2
ID chybujícího procesu: 0x4ed4
Čas spuštění chybující aplikace: 0x01d70ec08ae563bb
Cesta k chybující aplikaci: D:\Hry\Battle.net\Battle.net.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: be8e0973-249e-4b7f-b9f6-c70d7ef55cf0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/01/2021 05:59:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GTA5.exe, verze: 1.0.2060.0, časové razítko: 0x5f2b11a9
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.844, časové razítko: 0x60a6ca36
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000024785
ID chybujícího procesu: 0x3a20
Čas spuštění chybující aplikace: 0x01d70eb893f1f291
Cesta k chybující aplikaci: F:\Games\GTA V Redux CZ\GTA5.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 74398d40-5021-4144-95f1-394ee788d411
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/01/2021 01:50:06 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (02/27/2021 03:48:20 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (02/27/2021 03:48:20 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (02/27/2021 03:48:20 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

System errors:
=============
Error: (03/01/2021 08:12:29 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Směrování a vzdálený přístup skončila s následující chybou specifickou pro službu:
Systém nemůže nalézt uvedený soubor.

Error: (03/01/2021 08:11:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Shared PC Account Manager byla ukončena s následující chybou:
Katastrofální selhání

Error: (03/01/2021 08:11:46 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Microsoft App-V Client skončila s následující chybou specifickou pro službu:
Kontext objektu MTS neexistuje.

Error: (03/01/2021 08:09:20 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba User Experience Virtualization Service skončila s následující chybou specifickou pro službu:
Řídicí bloky úložného prostoru byly zničeny.

Error: (03/01/2021 08:08:38 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Microsoft App-V Client skončila s následující chybou specifickou pro službu:
Kontext objektu MTS neexistuje.

Error: (03/01/2021 08:08:05 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Směrování a vzdálený přístup skončila s následující chybou specifickou pro službu:
Systém nemůže nalézt uvedený soubor.

Error: (03/01/2021 07:25:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Zasílání zpráv o chybách systému Windows bylo dosaženo časového limitu (60000 ms).

Error: (03/01/2021 07:25:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba Zasílání zpráv o chybách systému Windows byla ukončena s následující chybou:
K dokončení požadované služby je stránkovací soubor příliš malý.

Windows Defender:
================
Date: 2021-03-01 21:03:47
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/AgentTesla!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_E:\Firefox Download\APF10.zip
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: PSYCHIQPC\gereg
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.331.2093.0, AS: 1.331.2093.0, NIS: 1.331.2093.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-03-01 21:00:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!plock
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\gereg\AppData\Local\Temp\Rar$DRa18916.13302\Keygen.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: PSYCHIQPC\gereg
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.331.2093.0, AS: 1.331.2093.0, NIS: 1.331.2093.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-03-01 15:27:28
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4E84924E-57D6-46C8-84C2-5FF521526BAE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-26 18:06:07
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.DE!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\Programy\TunePat Spotify Converter\resources\com.tunepat.spotify.converter\native\register_wrapper.dll
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: PSYCHIQPC\gereg
Název procesu: D:\Programy\TunePat Spotify Converter\TunePat Spotify Converter.exe
Verze bezpečnostních informací: AV: 1.331.1878.0, AS: 1.331.1878.0, NIS: 1.331.1878.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-24 18:52:54
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/ICBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Windows\Temp\CC-Updates\Update-6382e83ee8373f7eb320c4ab6916c9dc.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: PSYCHIQPC\gereg
Název procesu: E:\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: AV: 1.331.1739.0, AS: 1.331.1739.0, NIS: 1.331.1739.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-26 19:17:17
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

Date: 2021-02-19 17:01:07
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

CodeIntegrity:
===============
Date: 2021-02-21 14:12:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\MDEServer.exe) attempted to load \Device\HarddiskVolume11\Programy\K-Lite Codec Pack\Filters\LAV64\LAVSplitter.ax that did not meet the Microsoft signing level requirements.

Date: 2021-02-21 14:12:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\MDEServer.exe) attempted to load \Device\HarddiskVolume11\Programy\K-Lite Codec Pack\Filters\DirectVobSub64\vsfilter.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-21 14:12:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\MDEServer.exe) attempted to load \Device\HarddiskVolume11\Programy\K-Lite Codec Pack\Icaros\64-bit\IcarosPropertyHandler.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. H.A0 12/15/2020
Motherboard: Micro-Star International Co., Ltd. X470 GAMING PLUS MAX (MS-7B79)
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 35%
Total physical RAM: 16309.72 MB
Available physical RAM: 10589.04 MB
Total Virtual: 19209.72 MB
Available Virtual: 8471.94 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:111.22 GB) (Free:46.81 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:323.52 GB) NTFS
Drive e: (Datovka) (Fixed) (Total:1863 GB) (Free:1778.02 GB) NTFS
Drive f: (NVMe) (Fixed) (Total:931.5 GB) (Free:795.37 GB) NTFS
Drive g: (Games) (Fixed) (Total:232.87 GB) (Free:102.74 GB) NTFS

\\?\Volume{91f8f381-bd75-42cd-a4e3-947394d8f463}\ () (Fixed) (Total:0.46 GB) (Free:0.04 GB) NTFS
\\?\Volume{3ba472ab-91a7-463a-abdf-77b58926b30f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 0EFA0FA8)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 2519A0DF)

Partition: GPT.

==========================================================
Disk: 3 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 4 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Dobry den.

Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-02-2021
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 13
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\BSD\DriverHive
Deleted C:\ProgramData\BSD\DriverHiveEngine
Deleted C:\ProgramData\Tencent
Deleted C:\Users\gereg\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\gereg\AppData\Local\Tencent
Deleted C:\Users\gereg\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\gereg\AppData\Roaming\Tencent
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent

***** [ Files ] *****

Deleted C:\Users\gereg\AppData\Roaming\Mozilla\Firefox\Profiles\jii7kvfo.default-release\invalidprefs.js

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Classes\METNSD
Deleted HKLM\Software\Wow6432Node\BSD
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2361 octets] - [02/03/2021 17:29:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Poprosim o nove logy FRST + ADDITION

VIRY.CZ

Preventivni kontrola PC

Preventivni kontrola PC

Re: Preventivni kontrola PC

Re: Preventivni kontrola PC

Re: Preventivni kontrola PC