Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18.04.2019
Ran by Michal (20-04-2019 07:46:25)
Running from C:\Users\Michal\Desktop\FRST
Windows 7 Professional N Service Pack 1 (X64) (2017-09-07 18:27:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2180884660-450883477-2478548842-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2180884660-450883477-2478548842-1003 - Limited - Enabled)
Guest (S-1-5-21-2180884660-450883477-2478548842-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2180884660-450883477-2478548842-1005 - Limited - Enabled)
Michal (S-1-5-21-2180884660-450883477-2478548842-1000 - Administrator - Enabled) => C:\Users\Michal

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
AIDA64 Extreme v5.92 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.92 - FinalWire Ltd.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.4.1 - Advanced Micro Devices, Inc.)
Application Verifier x64 External Package (HKLM\...\{B27BC1FC-8474-9E32-73C2-6F7CD58AD1E3}) (Version: 10.1.17763.132 - Microsoft) Hidden
Arduino (HKLM-x32\...\Arduino) (Version: 1.8.8 - Arduino LLC)
ARM Toolchain (HKLM-x32\...\{6433785E-9AFB-4346-805D-283FB8435E9F}) (Version: 7.0.1640 - Atmel) Hidden
Atmel Driver Files (HKLM-x32\...\{6C70C2A5-48A6-44F6-8F95-1619109A17D1}) (Version: 8.0.29 - Atmel Corporation)
Atmel LibUSB0 Driver (x64) (HKLM\...\{C1F86585-CDAC-4ABE-B163-161DDBCC4332}) (Version: 7.0.125 - Atmel)
Atmel Segger USB Drivers (501e) (HKLM-x32\...\{156C0C95-4DDE-4F88-97A0-5EEE22269CE3}) (Version: 7.0.417 - Atmel)
Atmel Software Framework (HKLM-x32\...\{8518CA98-3778-4FA0-8F36-6E086A45B3D2}) (Version: 7.0.1922 - Atmel) Hidden
Atmel Studio 7.0 (HKLM-x32\...\{8ea32284-3341-41bb-b757-d6335c74cb67}) (Version: 7.0.1931 - Atmel)
Atmel Studio Development Environment (HKLM-x32\...\{4BDCAE74-617D-4FDA-BA9A-13998FB294AB}) (Version: 7.0.1931 - Atmel) Hidden
Atmel WinUSB (HKLM-x32\...\{22D3C72E-42F9-4B0F-B331-E0AA134ADF76}) (Version: 6.2.32 - Atmel)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Automation Software Updater (HKLM-x32\...\{CCC0B7DD-EBDB-4DF1-BC0E-5F37ED239DEA}) (Version: 02.02.0100 - Siemens AG) Hidden
AVR32 Device Support (HKLM-x32\...\{F5907D5E-125E-44B3-B856-C5578ECD53AA}) (Version: 7.0.1418 - Atmel) Hidden
AVR32 Toolchain 7.0 (HKLM-x32\...\{8AF6AD1C-A2DE-412D-9FEE-ECF60AD534BB}) (Version: 7.0.536 - Atmel) Hidden
AVR8 Device Support (HKLM-x32\...\{3B244372-C1E3-46FD-8703-534458C11B97}) (Version: 7.0.1921 - Atmel) Hidden
AVR8 Toolchain (HKLM-x32\...\{AC81CD0F-1C44-4BD6-AFE8-E5C2DF6D7EA7}) (Version: 7.0.1586 - Atmel) Hidden
BOARDS.TXT Editor 1.60.0.0622 (HKLM-x32\...\BOARDS.TXT Editor_is1) (Version: 1.60.0.0622 - Heinz Kessler)
Brackets (HKLM-x32\...\{73C9B88C-61DF-4DC1-9F38-8FBB2AF45816}) (Version: 1.12.1 - brackets.io)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Cisco Packet Tracer 7.0 64Bit (HKLM\...\Cisco Packet Tracer 7.0 64Bit_is1) (Version:  - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.49.0 - Conexant)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
DiagnosticsHub_CollectionService (HKLM\...\{440C5592-4EA5-4772-B256-969D66068843}) (Version: 15.9.28016 - Microsoft Corporation) Hidden
DLL-Files.com Client (HKLM-x32\...\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1) (Version: 2.3.0.4908 - DLL-Files.com Client)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Easy CD-DA Extractor 16 (HKLM-x32\...\Easy CD-DA Extractor 16) (Version: 16.1 - Poikosoft)
EasyBCD 2.3 (HKLM-x32\...\EasyBCD) (Version: 2.3 - NeoSmart Technologies)
Exsys_demo (HKLM-x32\...\{38C7D3CC-5AFE-11D4-88F2-B65034F1AC50}) (Version: 8.0 - Exsys Inc)
FileZilla Client 3.28.0 (HKLM-x32\...\FileZilla Client) (Version: 3.28.0 - Tim Kosse)
Flip 3.4.7 (HKLM-x32\...\flip.exe) (Version: 3.4.7 - Atmel)
GetDataBack for FAT (HKLM-x32\...\{2EEEC858-21F8-419B-8FE2-820621BFFCD7}) (Version: 2.31.007 - Runtime Software)
GNS3 (HKLM-x32\...\GNS3) (Version: 2.1.3 - GNS3 Technology Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
IBM Rational Rhapsody 8.2.1 (HKLM-x32\...\{66AE6019-8505-4798-ADED-EDF2F43EF89C}) (Version: 8.2.1 - IBM Corporation)
icecap_collection_neutral (HKLM-x32\...\{A3B4D258-74E1-49D6-9A86-2DFEFEE48DEC}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{E524832A-C567-499A-8872-0D79596E4DEE}) (Version: 15.8.27906 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{469961DF-482F-4213-ACD4-4AFD443F2A88}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{12246E9A-D1A6-4D96-8CEA-CCFD064B16E2}) (Version: 15.8.27924 - Microsoft Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3114 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
JetBrains PyCharm Community Edition 2018.2.7 (HKLM-x32\...\PyCharm Community Edition 2018.2.7) (Version: 182.5107.56 - JetBrains s.r.o.)
KiCad 5.0.2_1 (HKLM-x32\...\KiCad) (Version: 5.0.2_1 - KiCad)
Kits Configuration Installer (HKLM-x32\...\{29B915AE-013F-151F-3E61-67F7363C3A09}) (Version: 10.1.17763.132 - Microsoft) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10230 - Realtek Semiconductor Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.14.1 - ELAN Microelectronic Corp.)
Lenovo Service Bridge (HKU\S-1-5-21-2180884660-450883477-2478548842-1000\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.7 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-2180884660-450883477-2478548842-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04202019072738198\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.7 - Lenovo)
Malwarebytes verzia 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
MATLAB R2017b (HKLM\...\Matlab R2017b) (Version: 9.3 - MathWorks)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.599.11 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.35 - McAfee, Inc.)
Messenger for Desktop (HKU\S-1-5-21-2180884660-450883477-2478548842-1000\...\messengerfordesktop) (Version: 2.0.9 - MessengerForDesktop.com)
Messenger for Desktop (HKU\S-1-5-21-2180884660-450883477-2478548842-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04202019072738198\...\messengerfordesktop) (Version: 2.0.9 - MessengerForDesktop.com)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Office 2016 Professional Plus - sk-sk (HKLM\...\ProplusRetail - sk-sk) (Version: 16.0.11601.20072 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11601.20072 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2180884660-450883477-2478548842-1000\...\OneDriveSetup.exe) (Version: 19.062.0331.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2180884660-450883477-2478548842-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04202019072738198\...\OneDriveSetup.exe) (Version: 19.062.0331.0003 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM\...\{98DD6908-C582-452A-954D-E79E6DF0310A}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server vNext CTP1.6 (HKLM-x32\...\{640EECB8-1962-4D23-ACB2-310107EC7ED9}) (Version: 15.0.600.33 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.11601.20072 - Microsoft Corporation)
Microsoft Visio Professional 2016 - sk-sk (HKLM\...\VisioProRetail - sk-sk) (Version: 16.0.11601.20072 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27012 (HKLM-x32\...\{67f67547-9693-4937-aa13-56e296bd40f6}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual C++ 6.0 Introductory Edition (HKLM-x32\...\Visual C++ 6.0 Introductory Edition) (Version:  - )
Microsoft Visual Studio 2015 Shell (Isolated) (HKLM-x32\...\{d2981c27-a434-4c9a-96c7-0209e97c4eac}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1080.1029 - Microsoft Corporation)
MiniTool Partition Wizard Free 10.2.3 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 66.0.3 (x64 sk) (HKLM\...\Mozilla Firefox 66.0.3 (x64 sk)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
MSI Development Tools (HKLM-x32\...\{6C961B30-A670-8A05-3BFE-3947E84DD4E4}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
MuseScore 2 (HKLM-x32\...\{DC8A2B29-D9A7-4D67-A049-BC0A659A2B57}) (Version: 2.1.0 - Werner Schweer and Others)
MuseScore 3 (HKLM\...\{FFF4F949-205B-47D0-B1FC-6F47994A208C}) (Version: 3.0.2.5315 - Werner Schweer and Others)
NCM GPRS 64 (HKLM\...\{482926C0-5D27-4031-BF06-B33D9C091CB0}) (Version: 01.02.0000 - Siemens AG) Hidden
Neuratron AudioScore Ultimate Demo (HKLM-x32\...\Neuratron AudioScore Ultimate Demo) (Version: 6.5.0 - Neuratron Limited)
Neuratron PhotoScore Ultimate Demo (HKLM-x32\...\Neuratron PhotoScore Ultimate Demo) (Version: 7.0.2 - Neuratron Ltd)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20072 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20072 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11601.20072 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 6.0.4 (HKLM\...\{79366295-CD6A-4467-9901-4A7DFCF90F40}) (Version: 6.0.4 - Oracle Corporation)
Packet Sender x64 (HKLM\...\{0733E0D4-8D2F-4CC8-A5C3-5319BC793BD1}}_is1) (Version:  - NagleCode, LLC)
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
PuTTY release 0.71 (64-bit) (HKLM\...\{B27534DB-4F72-4F49-A3AD-5EC1B6901E5E}) (Version: 0.71.0.0 - Simon Tatham)
Python 2.7.13 (64-bit) (HKLM\...\{4A656C6C-D24A-473F-9747-3A8D00907A04}) (Version: 2.7.13150 - Python Software Foundation)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.16 - Qualcomm Atheros Communications Inc.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39041 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
R-Studio 6.1 (HKLM-x32\...\R-Studio 6.1NSIS) (Version: 6.1.152019 - R-Tools Technology Inc.)
SAM Device Support (HKLM-x32\...\{92F1A6C4-BE42-4E2B-BB6D-B94E96E0063F}) (Version: 7.0.1921 - Atmel) Hidden
SDK ARM Additions (HKLM-x32\...\{0B5D6FB7-05A5-271B-5B99-82384219A471}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{4A5F6E94-7967-A333-8231-CA9AF35E03BD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
SeCon (HKLM-x32\...\{CCC70FDD-3A54-11D6-92A8-00A0245B3AC6}) (Version: 02.04.0002 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - Hardware Support Base Package 0  V14.0 (HKLM\...\{CFBAA2AE-8FBF-49C5-854A-618BCC66C437}) (Version: 14.00.0000 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - Hardware Support Base Package 02  V14.0 (HKLM\...\{13F2D50C-436E-43DB-83DD-7AB8CDEB3801}) (Version: 14.00.0000 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - Hardware Support Base Package 03  V14.0 (HKLM\...\{98DB88E0-03DA-4516-B67E-143869A61B4B}) (Version: 14.00.0000 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - Hardware Support Base Package 04  V14.0 + SP1 (HKLM\...\{F1D86C5A-1E5A-4FFF-AA93-FD64A07110C7}) (Version: 14.00.0100 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - Hardware Support Base Package WCF-01  V14.0 (HKLM\...\{ADCDE9ED-AD98-4A86-A41E-0C1CFBDBA5EC}) (Version: 14.00.0000 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - HM All Editions Single SetupPackage  V14.0 + SP1 (HKLM\...\{9E5EE973-6FF2-488B-B6D9-C1AA9AA1B690}) (Version: 14.00.0100 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - HM NoBasic Single SetupPackage  V14.0 + SP1 (HKLM\...\{D5D1F235-440E-4F2B-81BE-FCA6C3F2E883}) (Version: 14.00.0100 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - Multiuser Client Single SetupPackage  V14.0 + SP1 (HKLM\...\{1C9345DD-E28D-4ED0-9F64-FF313257D6CD}) (Version: 14.00.0100 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - Openness SetupPackage  V14.0 + SP1 (HKLM\...\{46271E20-10E6-48B0-9519-3D9792008105}) (Version: 14.00.0100 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - SIMATIC S7-PLCSIM  V14.0 + SP1 (HKLM\...\{31F3A140-96DA-453E-B376-07EE247C6687}) (Version: 14.00.0100 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - Simatic Single SetupPackage  V14.0 + SP1 (HKLM\...\{6AE76789-42CF-4337-992C-D1C03C4CD75D}) (Version: 14.00.0100 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - Simatic Single SetupPackage 32 Bit  V14.0 + SP1 (HKLM-x32\...\{9B29250C-6262-4974-AACC-B516FBA3144E}) (Version: 14.00.0100 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - STEP 7 Safety Single SetupPackage  V14.0 + SP1 (HKLM\...\{C0169D6B-E4A4-40BC-8127-55FC3C5EFB1E}) (Version: 14.00.0100 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - STEP 7 Single SetupPackage  V14.0 + SP1 (HKLM\...\{61CB03D6-7126-47A5-9876-9B66D3CF58D4}) (Version: 14.00.0100 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - Support Base Package TO-01  V14.0 (HKLM\...\{933E935C-C991-4E0A-BFC8-200A40DF8905}) (Version: 14.00.0000 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - Support Base Package TO-02  V14.0 (HKLM\...\{BE6C943D-BF0E-48EC-8A04-C798A706730A}) (Version: 14.00.0000 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - TIACOMPCHECK Single SetupPackage  V14.0 + SP1 (HKLM\...\{506EF692-8AB0-4BD7-90EF-1B02BD57C5E6}) (Version: 14.00.0100 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - WinCC Single SetupPackage  V14.0 + SP1 (HKLM\...\{21C3C866-368F-446A-A93C-C8B1838EABAC}) (Version: 14.00.0100 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - WinCC Single SetupPackage 32 Bit  V14.0 + SP1 (HKLM-x32\...\{F56F9150-97C8-4EA1-BAF7-5B3E819B7F61}) (Version: 14.00.0100 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - WinCC Transfer Current All Single SetupPackage  V14.0 + SP1 (HKLM\...\{72CC9B35-38D5-433F-9482-DAACC5EB2E41}) (Version: 14.00.0100 - Siemens AG) Hidden
Siemens  Totally Integrated Automation Portal V14 - WinCC Transfer Legacy All Single SetupPackage  V14.0 + SP1 (HKLM\...\{244AC073-BFDB-4B2F-A7EB-9B8079F956FE}) (Version: 14.00.0100 - Siemens AG) Hidden
Siemens Automation License Manager (HKLM\...\{EE9EEDC7-A63B-47A7-BA69-ADA112D2B972}) (Version: 05.03.0303 - Siemens AG) Hidden
Siemens Automation License Manager V5.3 + SP3 + Upd3 (HKLM\...\{EE9EEDC7-A63B-47A7-BA69-ADA112D2B972}LicenseManager) (Version: 05.03.0303 - Siemens AG)
Siemens TIA Updater Corporate Configuration Tool V2.2 (HKLM-x32\...\Siemens Installer Assistant - TIAUCCT) (Version: V2.2 - Siemens AG)
Siemens Totally Integrated Automation Portal V14 (HKLM-x32\...\Siemens Installer Assistant - TIAP14) (Version: V14 - Siemens AG)
SIMATIC Device Drivers (HKLM\...\{CCC01ADD-3A54-15D6-92A8-00A0245B3AC6}) (Version: 09.01.0200 - Siemens AG) Hidden
SIMATIC Device Drivers WoW (HKLM-x32\...\{CCC01ADD-3A54-11D6-92A8-00A0245B3AC6}) (Version: 29.01.0200 - Siemens AG) Hidden
SIMATIC Event Database (HKLM-x32\...\{CCC12ADD-3A54-11D6-92A8-00A0245B3AC6}) (Version: 05.05.0502 - Siemens AG) Hidden
SIMATIC HMI License Manager Panel Plugin (x64) (HKLM\...\{CCC230DD-3A54-11D6-92A8-00A0245B3AC6}) (Version: 14.00.0100 - Siemens AG) Hidden
SIMATIC HMI Symbol Library (HKLM-x32\...\{CCC02FDD-3A54-11D6-92A8-00A0245B3AC6}) (Version: 14.00.0100 - Siemens AG) Hidden
SIMATIC NCM FWL 64 (HKLM\...\{CCC31FDD-3A54-11D6-92A8-00A0245B3AC6}) (Version: 05.06.0000 - Siemens AG) Hidden
SIMATIC PLCSIM 64 (HKLM\...\{CCC57ADD-3A54-11D6-92A8-00A0245B3AC6}) (Version: 14.00.0100 - Siemens AG) Hidden
SIMATIC Prosave (HKLM-x32\...\{B3BA3EBF-D625-4C4C-A910-2D51E19CD93C}) (Version: 14.00.0100 - Siemens AG) Hidden
SIMATIC Prosave V14.0 SP1 (HKLM-x32\...\{B3BA3EBF-D625-4C4C-A910-2D51E19CD93C}Prosave) (Version: 14.00.0100 - Siemens AG)
SIMATIC S7-PLCSIM (HKLM\...\{8B9890DE-9663-497B-A7D6-5A6FC5566433}) (Version: 14.00.0100 - Siemens AG) Hidden
SIMATIC S7-PLCSIM (HKLM-x32\...\{CA520FE0-C928-44AF-A007-AFC35A2A40F8}) (Version: 05.04.0800 - Siemens AG) Hidden
SIMATIC S7-PLCSIM V14 SP1 (HKLM-x32\...\Siemens Installer Assistant - S7_PLCSIM_V14) (Version: V14 SP1 - Siemens AG)
SIMATIC S7-PLCSIM V5.4 + SP8     (HKLM-x32\...\{CA520FE0-C928-44AF-A007-AFC35A2A40F8}PLCSim) (Version: 05.04.0800 - Siemens AG)
SolarWinds Response Time Viewer (HKLM-x32\...\{5B415E10-D1C1-4E54-9061-AE0FB3D7F2B2}) (Version: 1.0.0.162 - SolarWinds)
SYSM Monitor (HKLM-x32\...\SYSM Monitor_is1) (Version:  - SYSM Monitor)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.7 - TeamSpeak Systems GmbH)
TIA Portal Multiuser Server V14 -  TIA Portal Multiuser Server Single SetupPackage  V14.0 SP1 (HKLM\...\{C1521AD2-B1E0-493A-953A-96DAA7879873}) (Version: 14.00.0100 - Siemens AG) Hidden
TIA Portal Multiuser Server V14 (HKLM-x32\...\Siemens Installer Assistant - MUSERVERV14) (Version: V14.0 SP1 - Siemens AG)
TIA Updater Corporate Configuration Tool V2.2 -  TIA Updater Corporate Configuration Tool SetupPackage  V02.2 (HKLM-x32\...\{1B2CCC33-2E6D-46B5-B63B-F53C1DF77238}) (Version: 02.02.0000 - Siemens AG) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
Totally Integrated Automation Portal V14 -  TIA Portal Single SetupPackage  V14.0 SP1 (HKLM\...\{58BA9F8F-E367-45E2-B93D-235F61F5B44B}) (Version: 14.00.0100 - Siemens AG) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{7D225043-6CC5-7B56-11DD-AFF90E4C1C0C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{CB19DBA2-C210-5646-9522-695A1317CD34}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{5F577A45-3C65-352B-061D-D6A57F05402C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{3B588BBE-EB02-D1B2-5CD5-7DB85AD8A3E7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{D2DC1EDF-EE04-9B5F-BDD7-06645D859EC3}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{CE83D0BD-418A-F3D1-D6CE-687E96D1EBD0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VC User 71 RTL X86 --- (HKLM-x32\...\{A4A4567C-5C29-4756-992D-F84D8250C435}) (Version: 1.0 - redistributed from Microsoft Corporation merge modules) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{16E08161-F78C-4FFC-8E12-F9BEA280795F}) (Version: 14.16.27012 - Microsoft Corporation) Hidden
Viber (HKLM-x32\...\{6CB3CA37-2A07-43D8-96F6-9E512E4E82C6}) (Version: 9.8.5.7 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-2180884660-450883477-2478548842-1000\...\{9571e578-1020-4bf7-af69-115ab1bd32ab}) (Version: 9.8.5.7 - Viber Media Inc.)
Viber (HKU\S-1-5-21-2180884660-450883477-2478548842-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04202019072738198\...\{9571e578-1020-4bf7-af69-115ab1bd32ab}) (Version: 9.8.5.7 - Viber Media Inc.)
VideoProc (HKLM-x32\...\VideoProc) (Version: 3.0 - Digiarty, Inc.)
VirtViewer 5.0-256 (64-bit) (HKLM\...\{6E998B6D-DDD5-4BB9-BC83-C86F76D9E0CE}) (Version: 5.0.256 - Virt Manager Project)
Visual Studio Community 2017 (HKLM-x32\...\46d50781) (Version: 15.9.28307.145 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{54FBC9A9-CCA1-417E-ACA6-203A32A39F37}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{4B816AD0-D12B-498A-8148-7CBE3ED328DE}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{8B657335-3813-4CF4-A6FE-2AA44BE23F94}) (Version: 16.0.95.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{71797C29-380A-492C-B35A-F5E4A7B57BDC}) (Version: 15.9.28307 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{40040E64-50EB-4FCF-B209-DA0B20821759}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx64 (HKLM\...\{B6BAC9A6-A70D-4E4D-B90A-7EE2B336E090}) (Version: 15.8.27729 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx86 (HKLM-x32\...\{3161DA68-DD37-4798-82DB-B3A0BD6BA233}) (Version: 15.8.27729 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{3A78DA3D-C8D4-429D-B536-6E59A0088451}) (Version: 15.8.27825 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
WAV MP3 Converter 4.2 Build 1259 (HKLM-x32\...\WAV MP3 Converter 4.2 Build 1259) (Version:  - )
WinAppDeploy (HKLM-x32\...\{716AE8F2-1BE3-7657-DF6B-F23DEEC75AF9}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinCC Runtime Advanced Simulator (HKLM-x32\...\{CCC710DD-3A54-11D6-92A8-00A0245B3AC6}) (Version: 14.00.0100 - Siemens AG) Hidden
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (01/18/2013 2.08.28) (HKLM\...\9E24492CE9279512BD465F61DB8523641BB7BBFC) (Version: 01/18/2013 2.08.28 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (01/18/2013 2.08.28) (HKLM\...\E61B77ECE57113AE1CA028BC7A8AD6C137BD13DD) (Version: 01/18/2013 2.08.28 - FTDI)
Windows Driver Package - SICK AG (WinUSB) SOPASDevice  (10/14/2011 2.0.0.0) (HKLM\...\69313F456F51318C8533C461CFDD3626AF212D4F) (Version: 10/14/2011 2.0.0.0 - SICK AG)
Windows Driver Package - SICK AG (WinUSB) SOPASDevice  (10/14/2011 2.0.0.0) (HKLM\...\788C2FE46C30E219905850C5E7D8B0F404064BD7) (Version: 10/14/2011 2.0.0.0 - SICK AG)
Windows Driver Package - TMG Technologie und Engineering GmbH (usbser) Ports  (05/28/2013 1.80.0015.0) (HKLM\...\7A243A9E0ECECA4A3608B8491A8856602C3B03AF) (Version: 05/28/2013 1.80.0015.0 - TMG Technologie und Engineering GmbH)
Windows SDK AddOn (HKLM-x32\...\{1E76DFA7-96F3-4281-8E41-8A226C3E42EE}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.17763.132 (HKLM-x32\...\{5fe95b9d-9219-4d8b-a031-71323ae48a81}) (Version: 10.1.17763.132 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{00B12DF9-5428-9406-DE2C-8E8A1A062B05}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{E82A4A6C-C21C-35FE-B805-3E44318F6D63}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7E898893-9C42-A572-7F57-FDE55CE812F7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E8B1CB29-5C24-D882-3CEF-F8A7263BC63D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{F6F11150-93DE-0507-FCA0-F746E0207017}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{8329C3A0-8582-D1C2-67FF-800654BFDF45}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{771C9DEF-7C0B-85DA-6426-7A20F06BEC94}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{B047C746-63E8-41C7-A5C0-7ABD390CF3E6}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{0063AF94-397B-9C64-1C71-D404B27C5D96}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden
Wireshark 2.4.3 64-bit (HKLM-x32\...\Wireshark) (Version: 2.4.3 - The Wireshark developer community, hxxps://www.wireshark.org)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
XAMPP (HKLM-x32\...\xampp) (Version: 5.5.30-6 - Bitnami)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2180884660-450883477-2478548842-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04202019072738198_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Michal\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-2180884660-450883477-2478548842-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04202019072738198_Classes\CLSID\{23066764-9BDD-4FBD-8B1F-F4547CF2684F}\InprocServer32 -> C:\Users\Michal\AppData\Local\Microsoft\OneDrive\18.070.0405.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2180884660-450883477-2478548842-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Michal\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-2180884660-450883477-2478548842-1000_Classes\CLSID\{23066764-9BDD-4FBD-8B1F-F4547CF2684F}\InprocServer32 -> C:\Users\Michal\AppData\Local\Microsoft\OneDrive\18.070.0405.0002\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-03-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {21DD45ED-374F-4302-8419-07AA962B7424} - System32\Tasks\{E8E26F00-F565-4AFD-A6BD-2D88B78EB8B1} => C:\Windows\system32\pcalua.exe -a C:\Users\Michal\Downloads\VirtualBox-6.0.4-128413-Win.exe -d C:\Users\Michal\Downloads
Task: {2FC3AEA7-BDBC-463C-BBA5-4D21C23218E1} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
Task: {3524F657-BEC3-4BA6-80B7-863B849AC412} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {40A76F23-F052-4A2A-9242-6CC1C358E39D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {46926B98-89F4-4527-8305-0E0BD9B8206C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe (Adobe Inc. -> Adobe)
Task: {47008645-700E-4218-8D5E-05B31EBBB82B} - System32\Tasks\Opera scheduled Autoupdate 1509791618 => C:\Users\Michal\AppData\Local\Programs\Opera\launcher.exe
Task: {472ADADC-3570-471F-B4DF-D70C67A1ACAC} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
Task: {541754C4-03A8-490C-9DE9-A41435E43EA3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {5D4DB554-40FF-48A4-9C2C-74632D05B1CD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {66990B9D-D477-41AF-A9BE-C08A1CBEE2F9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6E890349-D6FB-48DE-B625-83C85A8E8CFC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {8B2EEC35-3855-4167-B850-E4457E550FF3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {8D24E370-76DE-4D1F-94A7-ACB533DE503C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Inc. -> Adobe)
Task: {95E2C329-1DE4-41A1-B75C-3F8D27247902} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {98DF57E7-847F-4B8A-B1B9-B6F79719FFAF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {9F08D73D-215A-4FD3-A77C-860C6C516E81} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {C3FB1760-0BAB-443C-A1E4-7467F1474C1F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C5867171-573B-4E07-B395-17BCCE1A5873} - System32\Tasks\Adobe Update Task => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Update\armsvc.exe () [File not signed]
Task: {C74AD1A5-83F1-496A-8683-518C1DF6E427} - System32\Tasks\Opera scheduled suite Autoupdate 1509791620 => C:\Users\Michal\AppData\Local\Programs\Opera\launcher.exe
Task: {CD24275C-3973-4CC2-BD49-12EA96261E90} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2180884660-450883477-2478548842-1000 => C:\Users\Michal\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {D48ED53B-ACDD-4E57-A6E3-5843B92D9FB8} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {D6AC24AB-806A-4B8C-BFEF-5A2C66F5A28E} - System32\Tasks\Opera scheduled assistant Autoupdate 1547141610 => C:\Users\Michal\AppData\Local\Programs\Opera\launcher.exe
Task: {D93729A7-598C-4267-B4F4-F7AFBB37456B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F13EB071-91BA-4C2E-9BD8-FE0C56EE195E} - System32\Tasks\WiperSoft Startup => C:\Program Files\WiperSoft\wipersoft.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

Shortcut: C:\Users\Michal\Desktop\programi\DАЕМОN Тoоls Litе.lnk -> C:\Users\Michal\AppData\Roaming\Browsers\exe.rehcnualtd.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Michal\Desktop\programi\Моzillа Firеfох.lnk -> C:\Program Files (x86)\HPTurtle\TurtleStarter.exe (No File) <==== Cyrillic
Shortcut: C:\Users\Michal\Desktop\programi\Рrehliadač Орera.lnk -> C:\Users\Michal\AppData\Roaming\Browsers\exe.rehcnual.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk -> C:\Program Files (x86)\HPTurtle\TurtleStarter.exe (No File) <==== Cyrillic
Shortcut: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Рrehliadač Оpеrа.lnk -> C:\Users\Michal\AppData\Roaming\Browsers\exe.rehcnual.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехрlоrеr (Nо Аdd-оns).lnk -> C:\Program Files (x86)\HPTurtle\TurtleStarter.exe (No File) <==== Cyrillic
Shortcut: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Internеt Eхplorеr Вrowser.lnk -> C:\Users\Michal\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Рrehliadаč Оpеrа.lnk -> C:\Users\Michal\AppData\Roaming\Browsers\exe.rehcnual.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\fасeboоk.lnk -> C:\Users\Michal\AppData\Roaming\Browsers\exe.rehcnual.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnеt Ехрlorеr.lnk -> C:\Users\Michal\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Мozilla Firefох.lnk -> C:\Users\Michal\AppData\Roaming\Browsers\exe.xoferif.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Рrehliаdаč Оperа.lnk -> C:\Users\Michal\AppData\Roaming\Browsers\exe.rehcnual.bat (No File) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Мozilla Firefох.lnk -> C:\Users\Michal\AppData\Roaming\Browsers\exe.xoferif.bat (No File) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2019-02-01 12:26 - 2019-03-15 12:59 - 000093184 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Update\armsvc.exe
2017-02-02 15:06 - 2017-02-02 15:06 - 000780288 _____ () [File not signed] C:\Program Files\Common Files\Siemens\SWS\PlugIns\SCP\Scpwin64.dll
2019-01-24 15:37 - 2019-01-24 15:37 - 000355328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-01-24 15:37 - 2019-01-24 15:37 - 076171264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-01-24 15:37 - 2019-01-24 15:37 - 003699712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-01-24 15:37 - 2019-01-24 15:37 - 006303232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-03-26 23:50 - 2019-03-26 23:50 - 005786112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-01-24 15:37 - 2019-01-24 15:37 - 003556352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-01-24 15:37 - 2019-01-24 15:37 - 001077248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-24 15:37 - 2019-01-24 15:37 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-01-24 15:37 - 2019-01-24 15:37 - 000323584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 005590528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000461312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 002821632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000189952 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 001413632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2019-01-24 15:38 - 2019-01-24 15:38 - 002551808 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000345600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2019-01-24 15:37 - 2019-01-24 15:37 - 000331264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000502784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000327680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000089600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-01-24 15:38 - 2019-01-24 15:38 - 000137728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2018-01-31 16:50 - 2017-03-23 10:49 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2018-01-31 16:50 - 2016-07-21 11:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2018-01-31 16:50 - 2017-03-23 10:52 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
2018-10-28 12:09 - 2019-04-08 17:49 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2018-10-28 12:09 - 2019-04-08 17:49 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2018-10-28 12:09 - 2019-04-08 17:49 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2018-10-28 12:09 - 2019-04-08 17:49 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2018-10-28 12:09 - 2019-04-08 17:49 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2018-10-28 12:09 - 2019-04-08 17:49 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2018-10-28 12:09 - 2019-04-08 17:49 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-04-08 17:44 - 2019-04-08 17:49 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-08 17:44 - 2019-04-08 17:49 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-04-08 17:49 - 2019-04-08 17:49 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-08 17:49 - 2019-04-08 17:49 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2018-10-28 12:09 - 2019-04-08 17:49 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-08 17:49 - 2019-04-08 17:49 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-08 17:49 - 2019-04-08 17:49 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-08 17:49 - 2019-04-08 17:49 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-08 17:49 - 2019-04-08 17:49 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-08 17:49 - 2019-04-08 17:49 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-08 17:49 - 2019-04-08 17:49 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-08 17:49 - 2019-04-08 17:49 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-04-08 17:44 - 2019-04-08 17:49 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2013-01-31 15:20 - 2013-01-31 15:20 - 000285696 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-01-31 15:20 - 2013-01-31 15:20 - 000503296 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2017-10-05 18:56 - 2017-10-05 18:56 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:15B79D44 [139]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2017-11-02 19:02 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost 

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\MATLAB\R2017b\bin;C:\Program Files (x86)\Brackets\command;C:\Program Files\PuTTY\;C:\Python27
HKU\S-1-5-21-2180884660-450883477-2478548842-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2180884660-450883477-2478548842-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04202019072738198\Control Panel\Desktop\\Wallpaper -> C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{9A96FEDC-F998-484D-ABFB-C44773722AA1}C:\program files\cisco packet tracer 7.0\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.0\bin\packettracer7.exe (CISCO SYSTEMS, INC. -> )
FirewallRules: [UDP Query User{13AD8AA4-511E-45C4-8F89-26D8D1ECA499}C:\program files\cisco packet tracer 7.0\bin\packettracer7.exe] => (Allow) C:\program files\cisco packet tracer 7.0\bin\packettracer7.exe (CISCO SYSTEMS, INC. -> )
FirewallRules: [{16137AC3-979F-41AE-8F4C-815DAA0AF4FF}] => (Allow) C:\Users\Michal\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{06885066-EAD1-4E28-9D0F-97443AF7424D}] => (Allow) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe (Siemens AG -> SIEMENS AG)
FirewallRules: [{DBFB37C4-8084-4B5B-9506-FFC4D6E80914}] => (Allow) C:\Users\Michal\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{11524A14-D0D9-4E08-A44C-E08CABFEC03A}] => (Allow) C:\Users\Michal\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [TCP Query User{803128CC-2EED-4344-B4D0-6FDD71DF1AD9}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{E758312D-69AC-4BD0-86B0-DFD15700853F}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{F036B1F4-EBA9-4969-9AD2-912A43EEB882}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{6F28EF06-3AFA-43CB-BB7F-601E688B45E0}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{F00D3850-8F24-444C-B1EB-2DFD79ED4412}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{69E682D5-DB08-475A-AE82-700D5BC916C2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{08251909-5F2F-472F-97D7-5EAC5B299071}C:\program files (x86)\ps3.proxyserver\ps3.proxyserver.gui.exe] => (Allow) C:\program files (x86)\ps3.proxyserver\ps3.proxyserver.gui.exe No File
FirewallRules: [UDP Query User{2F5C8D4D-CFCB-4A5E-8EFC-4A58F3981ACB}C:\program files (x86)\ps3.proxyserver\ps3.proxyserver.gui.exe] => (Allow) C:\program files (x86)\ps3.proxyserver\ps3.proxyserver.gui.exe No File
FirewallRules: [TCP Query User{AC55E468-3591-4C51-8178-E4C1B8F71B48}C:\users\michal\desktop\miniweb\miniweb.exe] => (Allow) C:\users\michal\desktop\miniweb\miniweb.exe No File
FirewallRules: [UDP Query User{B405C0A7-B054-40DE-B9C5-8BDAC644B818}C:\users\michal\desktop\miniweb\miniweb.exe] => (Allow) C:\users\michal\desktop\miniweb\miniweb.exe No File
FirewallRules: [TCP Query User{A3CA938F-DAF7-464D-A2DC-DA17035FDF98}C:\users\michal\desktop\miniweb\miniweb.exe] => (Allow) C:\users\michal\desktop\miniweb\miniweb.exe No File
FirewallRules: [UDP Query User{CCAA8F0C-DA27-4539-852A-5B2A791ADAFF}C:\users\michal\desktop\miniweb\miniweb.exe] => (Allow) C:\users\michal\desktop\miniweb\miniweb.exe No File
FirewallRules: [{FA2D92B7-6A10-4429-AB46-5DCD2D37CE86}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{24CDE195-283E-4318-A621-1BF04C767A06}] => (Allow) C:\Program Files\GNS3\gns3server.exe () [File not signed]
FirewallRules: [{9012649C-6825-4FC2-ACC4-95D64ACEA092}] => (Allow) C:\Program Files\GNS3\gns3server.exe () [File not signed]
FirewallRules: [{71819DF6-0CFA-45ED-A80D-2F867B3BB2D9}] => (Allow) C:\Program Files\GNS3\ubridge.exe () [File not signed]
FirewallRules: [{FB05FC84-2F7E-4182-8035-FB942643F695}] => (Allow) C:\Program Files\GNS3\ubridge.exe () [File not signed]
FirewallRules: [{A119C0DA-55C6-4852-B836-86D65833D20F}] => (Allow) C:\Program Files\GNS3\dynamips\dynamips.exe () [File not signed]
FirewallRules: [{58F456B6-F9F3-416F-B63D-8A439DDA68DA}] => (Allow) C:\Program Files\GNS3\dynamips\dynamips.exe () [File not signed]
FirewallRules: [{70C337D7-11E5-4284-A7C3-5D83DA871B71}] => (Allow) C:\Program Files\GNS3\vpcs\vpcs.exe () [File not signed]
FirewallRules: [{D516D2A6-69B8-412C-9D76-D6025C4907E4}] => (Allow) C:\Program Files\GNS3\vpcs\vpcs.exe () [File not signed]
FirewallRules: [{4F844E97-A294-4720-8FC2-AF7C43101F16}] => (Allow) C:\Program Files\GNS3\qemu-0.11.0\qemu.exe () [File not signed]
FirewallRules: [{5F9B7E6D-E553-4708-BB1F-7732A14B5990}] => (Allow) C:\Program Files\GNS3\qemu-0.11.0\qemu.exe () [File not signed]
FirewallRules: [{C284DEFA-E200-4760-AC21-CCEDA0EF9B25}] => (Allow) C:\Program Files\GNS3\qemu-2.4.0\qemu-system-i386w.exe (Stefan Weil -> hxxp://www.qemu.org/) [File not signed]
FirewallRules: [{96219185-9930-4B47-B68A-B21B1E7790DB}] => (Allow) C:\Program Files\GNS3\qemu-2.4.0\qemu-system-i386w.exe (Stefan Weil -> hxxp://www.qemu.org/) [File not signed]
FirewallRules: [{AC803BA4-E237-4C98-96AC-D25F0163C4F1}] => (Allow) C:\Program Files\GNS3\qemu-2.4.0\qemu-system-x86_64w.exe (Stefan Weil -> hxxp://www.qemu.org/) [File not signed]
FirewallRules: [{10ECAB87-6982-4B6A-A8B6-7A7C5BA643C6}] => (Allow) C:\Program Files\GNS3\qemu-2.4.0\qemu-system-x86_64w.exe (Stefan Weil -> hxxp://www.qemu.org/) [File not signed]
FirewallRules: [TCP Query User{10A151F2-B198-43E6-9954-36F364686F3B}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{7AEC042B-BE83-432E-A143-E92780507167}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{45368B94-BAE7-4CEA-92EA-B9EC9FBA07AC}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe (Adobe Systems Incorporated -> Node.js)
FirewallRules: [UDP Query User{1169C783-E543-4A6F-963D-D831E0B8C9CA}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe (Adobe Systems Incorporated -> Node.js)
FirewallRules: [TCP Query User{2631677B-F2D2-462A-90E1-453A9252F848}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [UDP Query User{CAB0A9A9-B639-4E52-A778-B3CA8B4E0A3A}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [TCP Query User{6E4D85F1-C8C6-4620-A870-18CA39BB88AC}C:\program files (x86)\sysm monitor\sysm-monitor.exe] => (Allow) C:\program files (x86)\sysm monitor\sysm-monitor.exe (Monitor) [File not signed]
FirewallRules: [UDP Query User{ED6C8155-B5B1-4A28-85DE-000BB926D403}C:\program files (x86)\sysm monitor\sysm-monitor.exe] => (Allow) C:\program files (x86)\sysm monitor\sysm-monitor.exe (Monitor) [File not signed]
FirewallRules: [TCP Query User{6E338FED-6124-415E-8145-1444DC89A189}C:\program files (x86)\sysm\sysm.exe] => (Block) C:\program files (x86)\sysm\sysm.exe () [File not signed]
FirewallRules: [UDP Query User{6326A225-085B-4575-82C5-E293662194FE}C:\program files (x86)\sysm\sysm.exe] => (Block) C:\program files (x86)\sysm\sysm.exe () [File not signed]
FirewallRules: [TCP Query User{97E747F7-018B-4AC6-BCCE-7ACEAF9328A3}C:\program files (x86)\sysm monitor\sysm-monitor.exe] => (Allow) C:\program files (x86)\sysm monitor\sysm-monitor.exe (Monitor) [File not signed]
FirewallRules: [UDP Query User{38FDB1EF-6DD6-4E54-92F5-8871D9D8FD15}C:\program files (x86)\sysm monitor\sysm-monitor.exe] => (Allow) C:\program files (x86)\sysm monitor\sysm-monitor.exe (Monitor) [File not signed]
FirewallRules: [TCP Query User{5B195053-516F-4345-8C19-CDADB7B14266}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [UDP Query User{5F6C10AC-3CE5-4711-817E-24646B7322D2}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [TCP Query User{71C4CB78-C2A0-4831-B3FD-DB1399D782B6}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{2EABA3D4-39E8-4FDC-9BEE-BE3C55325479}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{51C5D553-0840-47FF-A7F2-46461B60DAE8}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe (Adobe Systems Incorporated -> Node.js)
FirewallRules: [UDP Query User{2FF39851-BC69-411A-BED2-4BF207F95214}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe (Adobe Systems Incorporated -> Node.js)
FirewallRules: [TCP Query User{A0BF698D-46C8-4A89-8DBA-C173FD50234B}C:\program files (x86)\ibm\rational\rhapsody\8.2.1\rhapsody.exe] => (Allow) C:\program files (x86)\ibm\rational\rhapsody\8.2.1\rhapsody.exe () [File not signed]
FirewallRules: [UDP Query User{AEF4C4F1-B67E-41DC-8C3E-CD732B8A409F}C:\program files (x86)\ibm\rational\rhapsody\8.2.1\rhapsody.exe] => (Allow) C:\program files (x86)\ibm\rational\rhapsody\8.2.1\rhapsody.exe () [File not signed]
FirewallRules: [TCP Query User{0AA799B3-5882-46E8-8E8A-48A4D276D706}C:\program files (x86)\ibm\rational\rhapsody\8.2.1\rhapsody.exe] => (Allow) C:\program files (x86)\ibm\rational\rhapsody\8.2.1\rhapsody.exe () [File not signed]
FirewallRules: [UDP Query User{221A8A4D-52F4-4BE6-A342-BA3E2B07F82C}C:\program files (x86)\ibm\rational\rhapsody\8.2.1\rhapsody.exe] => (Allow) C:\program files (x86)\ibm\rational\rhapsody\8.2.1\rhapsody.exe () [File not signed]
FirewallRules: [TCP Query User{BADAB2CB-98E0-49C1-9E92-A6FAE7D52FDE}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{ECFF1136-BB94-4778-9084-8665167A9664}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{10690A64-E727-4AB7-BA34-2FFE44D4B49B}] => (Allow) C:\Program Files (x86)\Atmel\Studio\7.0\atbackend\atbackend.exe (Atmel Norway -> Atmel Corporation)
FirewallRules: [{5F0AD1EC-367A-4BC7-8CAD-7F1E16EF375E}] => (Allow) C:\Program Files (x86)\Atmel\Studio\7.0\AtmelStudio.exe (Atmel Norway -> Atmel)
FirewallRules: [TCP Query User{707684BE-AB9A-4E37-B8DC-FE43B055ED99}C:\program files (x86)\arduino\java\bin\java.exe] => (Allow) C:\program files (x86)\arduino\java\bin\java.exe
FirewallRules: [UDP Query User{2C6C8446-451B-482C-B1B2-29E5043CB1E7}C:\program files (x86)\arduino\java\bin\java.exe] => (Allow) C:\program files (x86)\arduino\java\bin\java.exe
FirewallRules: [TCP Query User{CD90AFBB-5433-44D8-BCE5-0AF580F36C18}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Block) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{428C8757-B000-4449-9317-339261C040F0}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Block) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{F91A0F44-FF36-42AD-9DF1-02F6C80AB08E}C:\program files (x86)\sopas et\sopaset.exe] => (Allow) C:\program files (x86)\sopas et\sopaset.exe No File
FirewallRules: [UDP Query User{34D06BC0-15A4-40D8-A626-2CC59E6C539D}C:\program files (x86)\sopas et\sopaset.exe] => (Allow) C:\program files (x86)\sopas et\sopaset.exe No File
FirewallRules: [TCP Query User{B04622E6-355B-4A03-816D-12943F7EC95A}C:\programdata\sick\sopas\softsensors\inspectorpim60_v2.0.0_3778_softsensor\softsensor\device\inspectorpim60.exe] => (Allow) C:\programdata\sick\sopas\softsensors\inspectorpim60_v2.0.0_3778_softsensor\softsensor\device\inspectorpim60.exe No File
FirewallRules: [UDP Query User{1991B7C5-AB84-4F6B-B6FA-7AE86C27C3AD}C:\programdata\sick\sopas\softsensors\inspectorpim60_v2.0.0_3778_softsensor\softsensor\device\inspectorpim60.exe] => (Allow) C:\programdata\sick\sopas\softsensors\inspectorpim60_v2.0.0_3778_softsensor\softsensor\device\inspectorpim60.exe No File
FirewallRules: [TCP Query User{7990059F-CEC9-414E-A0F7-AD5A70689D9B}C:\programdata\sick\sopas\softsensors\inspectorpim60_v1.0.0_3778_softsensor\softsensor\device\inspectorpim60.exe] => (Allow) C:\programdata\sick\sopas\softsensors\inspectorpim60_v1.0.0_3778_softsensor\softsensor\device\inspectorpim60.exe No File
FirewallRules: [UDP Query User{AC03F8D6-9832-4404-AEC1-C46ACE6E8FD5}C:\programdata\sick\sopas\softsensors\inspectorpim60_v1.0.0_3778_softsensor\softsensor\device\inspectorpim60.exe] => (Allow) C:\programdata\sick\sopas\softsensors\inspectorpim60_v1.0.0_3778_softsensor\softsensor\device\inspectorpim60.exe No File
FirewallRules: [{27E7FABB-41FA-4AEF-AE84-E44AA0924AE1}] => (Allow) C:\Users\Michal\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe No File
FirewallRules: [{600A5088-72BE-4343-92A1-0CE5A3665D63}] => (Allow) C:\Users\Michal\AppData\Local\Programs\Opera\58.0.3135.127\opera.exe No File
FirewallRules: [TCP Query User{8137419E-E0EA-407A-9F2D-D189DE3DA6E5}C:\program files\packetsender\packetsender.exe] => (Allow) C:\program files\packetsender\packetsender.exe (NagleCode, LLC -> NagleCode, LLC)
FirewallRules: [UDP Query User{EF6A3C1C-6B8F-4C58-902D-98B4762B33B6}C:\program files\packetsender\packetsender.exe] => (Allow) C:\program files\packetsender\packetsender.exe (NagleCode, LLC -> NagleCode, LLC)
FirewallRules: [TCP Query User{396BA34B-89B7-408D-B831-7DD88A50D787}C:\program files\jetbrains\pycharm community edition 2018.2.7\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2018.2.7\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{E7752FDD-9C84-463F-A331-86B41BCE3EB8}C:\program files\jetbrains\pycharm community edition 2018.2.7\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm community edition 2018.2.7\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [TCP Query User{E35825EC-697A-42D6-99FE-5B3C692E0946}C:\program files\jetbrains\pycharm community edition 2018.2.7\bin\pycharm64.exe] => (Block) C:\program files\jetbrains\pycharm community edition 2018.2.7\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{ACE52DEB-CE94-4E18-A995-3C0A12AC6D80}C:\program files\jetbrains\pycharm community edition 2018.2.7\bin\pycharm64.exe] => (Block) C:\program files\jetbrains\pycharm community edition 2018.2.7\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [{4BAD849C-068F-4B37-B9CD-58D2C94401DF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [TCP Query User{D6D9C9FA-9DD4-44AE-9542-7ECF607D352A}C:\program files\packetsender\packetsender.exe] => (Allow) C:\program files\packetsender\packetsender.exe (NagleCode, LLC -> NagleCode, LLC)
FirewallRules: [UDP Query User{BAE804DF-5B1A-4BE6-8254-29765323FBD2}C:\program files\packetsender\packetsender.exe] => (Allow) C:\program files\packetsender\packetsender.exe (NagleCode, LLC -> NagleCode, LLC)
FirewallRules: [{48D23A8F-9908-416D-B259-43F7E87DC852}] => (Allow) C:\Users\Michal\AppData\Local\Java Runtime\transmission-daemon.exe (Mike Gelfand -> Transmission Project)
FirewallRules: [{DA715491-A8B2-4714-AB6F-D504523795BC}] => (Allow) C:\Users\Michal\AppData\Local\Java Runtime\transmission-remote.exe (Mike Gelfand -> Transmission Project)
FirewallRules: [{CE5C1F98-CDBC-4577-8B52-DF63D5BF25BE}] => (Allow) C:\Users\Michal\AppData\Local\Java Runtime\transmission-remote.exe (Mike Gelfand -> Transmission Project)
FirewallRules: [{3DA6FB8B-389B-426E-9757-F5F1FF054F93}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Update\AcroBroker.exe () [File not signed]
FirewallRules: [{720D9D6E-8B9C-4FCC-8AC8-D5D9B4C18807}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Update\AcroBroker.exe () [File not signed]
FirewallRules: [{E2AF49A2-342E-463F-BAFC-DAF3FFD66BFB}] => (Block) C:\Program Files\ESET\ESET Security\ekrn.exe No File
FirewallRules: [{5ADD482F-B84A-4B9F-B51A-00FEBA4AFDD5}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Update\firewall.exe () [File not signed]
FirewallRules: [{AADCA4AA-D4BF-41AE-A2E3-A96A9FD8F8FC}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Update\firewall.exe () [File not signed]

==================== Restore Points =========================

16-04-2019 04:36:42 Windows Update
16-04-2019 06:42:59 Removed SOPAS Engineering Tool
19-04-2019 09:15:56 Removed Microsoft Office Visio Professional 2007
19-04-2019 09:58:30 Removed Exsys Developer Manual
19-04-2019 10:08:27 Windows Update
19-04-2019 10:53:41 Removed IronPython 2.7.5
19-04-2019 10:55:37 Removed Remote Play with PlayStation®3
19-04-2019 10:57:09 Removed PS3.ProxyServer
19-04-2019 11:36:23 Removed J2SE Runtime Environment 5.0 Update 11

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/20/2019 07:31:51 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/20/2019 07:31:51 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/20/2019 07:24:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/19/2019 05:15:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/19/2019 04:51:05 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/19/2019 04:51:05 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/19/2019 04:46:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/19/2019 12:02:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (04/20/2019 07:23:36 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.

Error: (04/19/2019 07:08:09 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.

Error: (04/19/2019 04:45:55 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Miestny adaptér Bluetooth zlyhal bližšie neurčeným spôsobom a nebude sa používať. Ovládač bol odstránený z pamäte.

Error: (04/19/2019 04:45:44 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.

Error: (04/19/2019 04:45:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 14:33:28 on ‎19. ‎4. ‎2019 was unexpected.

Error: (04/19/2019 02:33:59 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.

Error: (04/19/2019 02:23:50 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Miestny adaptér Bluetooth zlyhal bližšie neurčeným spôsobom a nebude sa používať. Ovládač bol odstránený z pamäte.

Error: (04/19/2019 11:54:32 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.


Windows Defender:
===================================
Date: 2017-10-16 07:03:27.789
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{E6743154-EB97-4008-ACB2-7E0E5656F2B7}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

CodeIntegrity:
===================================

Date: 2017-12-20 16:46:49.528
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-12-20 16:46:49.465
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FreshDevices\FreshDiagnose\FreshIO.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage of memory in use: 93%
Total physical RAM: 3964.85 MB
Available physical RAM: 242.38 MB
Total Virtual: 7927.85 MB
Available Virtual: 1883.74 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:432.27 GB) (Free:158.45 GB) NTFS

\\?\Volume{fafa1996-93f3-11e7-91fe-806e6f6e6963}\ () (Fixed) (Total:0.97 GB) (Free:0.96 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=1000 MB) - (Type=0B)
Partition 2: (Not Active) - (Size=432.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=31.5 GB) - (Type=05)

==================== End of Addition.txt ============================