Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Neskutečně pomalý notebook

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
dodo677
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 08 úno 2013 21:54

Neskutečně pomalý notebook

#1 Příspěvek od dodo677 »

Prosím o kontrolu logu.
Je to služební notebook s celkem ucházejícími parametry ale bohužel i tak je už od počátku neskutečně pomalý (ano SSD by pomohlo....ale problém až tak pomalý by neměl být i s HDD)
Trošku mám podezření na nějaké soft od bývalého IT správce, ten ale situaci nehodlal řešit. Reinstalaci bych chtěl až jako poslední možnost....:/

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-05.2019
Ran by Petr (02-05-2019 13:19:21)
Running from D:\Ripac-Film\Desktop
Windows 10 Pro Version 1803 17134.648 (X64) (2018-05-29 14:33:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1998309980-3871841466-2905450685-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1998309980-3871841466-2905450685-503 - Limited - Disabled)
Guest (S-1-5-21-1998309980-3871841466-2905450685-501 - Limited - Disabled)
Petr (S-1-5-21-1998309980-3871841466-2905450685-1002 - Administrator - Enabled) => C:\Users\Petr
Petr.Dolezel (S-1-5-21-1998309980-3871841466-2905450685-1001 - Limited - Enabled) => C:\Users\Petr.Dolezel
WDAGUtilityAccount (S-1-5-21-1998309980-3871841466-2905450685-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Trend Micro Security Agent (Enabled - Up to date) {90387C74-1C56-9484-893C-8ADCB2906C3D}
AS: Trend Micro Security Agent Anti-spyware (Enabled - Up to date) {2B599D90-3A6C-9B0A-B38C-B1AEC9172680}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{9F7041CB-8398-4691-B8CB-0D52273BB3D9}) (Version: 7.4 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{6E7DF4EE-1976-4215-9D81-755AFC95687D}) (Version: 7.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BA2A6DBB-B09A-43D8-84F3-21C1537B47D9}) (Version: 12.2.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Backup and Sync from Google (HKLM\...\{F9EEDE46-6409-4ECC-8AB6-7062464987A4}) (Version: 3.43.4275.9540 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite DCP-J105 (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3223.0 - CyberLink Corp.)
DeskUpdate (HKLM-x32\...\DeskUpdate_is1) (Version: 4.16.0031.0 - Fujitsu Technology Solutions)
Dropbox (HKLM-x32\...\Dropbox) (Version: 71.4.108 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
ELAN Touchpad 15.12.2.5_X64_WHQL (HKLM\...\Elantech) (Version: 15.12.2.5 - ELAN Microelectronic Corp.)
FJ Camera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1223.1_WHQL - Sonix)
Fujitsu BIOS Driver (HKLM\...\{7292FFCF-FA9A-4585-AB80-A71961F931AF}) (Version: 1.0.0.2 - FUJITSU LIMITED) Hidden
Fujitsu BIOS Driver (HKLM-x32\...\InstallShield_{7292FFCF-FA9A-4585-AB80-A71961F931AF}) (Version: 1.0.0.2 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (HKLM-x32\...\{C8E4B31D-337C-483D-822D-16F11441669B}) (Version: 3.80.0.0 - FUJITSU LIMITED) Hidden
Fujitsu Hotkey Utility (HKLM-x32\...\InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}) (Version: 3.80.0.0 - FUJITSU LIMITED)
Fujitsu MobilityCenter Extension Utility (HKLM\...\{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 4.01.00.000 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 4.01.00.000 - FUJITSU LIMITED)
Fujitsu System Extension Utility (HKLM\...\{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.6.1.0 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.6.1.0 - FUJITSU LIMITED)
Function Manager (HKLM\...\{FFAA234C-E621-4787-A02D-5CD0852000D4}) (Version: 1.0.5.1 - FUJITSU LIMITED) Hidden
Function Manager (HKLM-x32\...\InstallShield_{FFAA234C-E621-4787-A02D-5CD0852000D4}) (Version: 1.0.5.1 - FUJITSU LIMITED)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
GoToMeeting 8.10.0.7495 (HKU\S-1-5-21-1998309980-3871841466-2905450685-1001\...\GoToMeeting) (Version: 8.10.0.7495 - LogMeIn, Inc.)
iCloud (HKLM\...\{03742818-3BC2-45BA-B6BB-4C2D453FD033}) (Version: 7.11.0.19 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4424 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1412.3) (HKLM\...\{302600C1-6BDF-4FD1-1401-148929CC1385}) (Version: 17.0.1401.0428 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{828af006-cb5e-4d60-957a-523098a1b0f8}) (Version: 16.1.3 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{CAA61CDB-0E1E-4E7F-89E1-36FBCC3C0EFB}) (Version: 12.9.4.102 - Apple Inc.)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
LIFEBOOK Application Panel (HKLM\...\{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version: 8.3.3.0 - FUJITSU LIMITED) Hidden
LIFEBOOK Application Panel (HKLM-x32\...\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version: 8.3.3.0 - FUJITSU LIMITED)
Microsoft Office 365 Business - cs-cz (HKLM\...\O365BusinessRetail - cs-cz) (Version: 16.0.11425.20244 - Microsoft Corporation)
Microsoft Office 365 Business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.11425.20244 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1998309980-3871841466-2905450685-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1998309980-3871841466-2905450685-1001\...\Teams) (Version: 1.2.00.8864 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 50.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.0 (x86 en-US)) (Version: 50.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.0.6152 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11425.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11425.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11425.20244 - Microsoft Corporation) Hidden
pcvisit RemoteHost 15.0 (HKLM-x32\...\pcvisit RemoteHost 15.0) (Version: 15.0.29.2234 - pcvisit Software AG)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
Plugfree NETWORK (HKLM\...\{35007EF6-5255-49C9-B0E7-C08052EE6663}) (Version: 7.1.001 - FUJITSU LIMITED) Hidden
Plugfree NETWORK (HKLM\...\{7BA64D21-EE46-4a9a-8145-52B0175C3F86}) (Version: 7.1.0.1 - FUJITSU LIMITED)
Pointing Device Utility (HKLM\...\{DDC49774-40B9-47AE-9C63-5569C08C4082}) (Version: 2.2.0.0 - FUJITSU LIMITED) Hidden
Pointing Device Utility (HKLM-x32\...\InstallShield_{DDC49774-40B9-47AE-9C63-5569C08C4082}) (Version: 2.2.0.0 - FUJITSU LIMITED)
Power Saving Utility (HKLM\...\{CB0EA768-62F2-450E-88BC-74182237F564}) (Version: 143.0.2.0 - FUJITSU LIMITED) Hidden
Power Saving Utility (HKLM-x32\...\InstallShield_{CB0EA768-62F2-450E-88BC-74182237F564}) (Version: 143.0.2.0 (00.004) - FUJITSU LIMITED)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21238 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7581 - Realtek Semiconductor Corp.)
Skype version 8.32 (HKLM-x32\...\Skype_is1) (Version: 8.32 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1998309980-3871841466-2905450685-1002\...\Spotify) (Version: 1.0.29.92.g67727800 - Spotify AB)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.1.0.29068 - Microsoft Corporation)
Trend Micro Security Agent (HKLM-x32\...\{BED0B8A2-2986-49F8-90D6-FA008D37A3D2}) (Version: 6.6.2357 - Trend Micro Inc.) Hidden
Trend Micro Security Agent (HKLM-x32\...\HostedAgent) (Version: 6.6.2357 - Trend Micro Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Validity WBF Driver (HKLM\...\{02D59CF0-9A4C-470C-B9EC-0F0DCE8FA93E}) (Version: 4.5.237.0 - Validity Sensors, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wireless Radio Switch Driver (HKLM\...\{13031CDF-00D2-4FCE-AB13-8430D8733574}) (Version: 1.1.0.0 - FUJITSU LIMITED) Hidden
Wireless Radio Switch Driver (HKLM-x32\...\InstallShield_{13031CDF-00D2-4FCE-AB13-8430D8733574}) (Version: 1.1.0.0 - FUJITSU LIMITED)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1998309980-3871841466-2905450685-1001_Classes\CLSID\{04271989-C4D2-8804-9D09-F4467232F441} -> [OneDrive - Ripac GmbH] => C:\Users\Petr.Dolezel\OneDrive - Ripac GmbH [2015-06-30 18:09]
CustomCLSID: HKU\S-1-5-21-1998309980-3871841466-2905450685-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Petr.Dolezel\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19071.2\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-1998309980-3871841466-2905450685-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Petr.Dolezel\AppData\Local\Citrix\GoToMeeting\5174\G2MOutlookAddin64.dll (Citrix Online -> Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1998309980-3871841466-2905450685-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Petr.Dolezel\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19071.2\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-1998309980-3871841466-2905450685-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Petr.Dolezel\Dropbox [2015-08-25 00:26]
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-04-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-03-13] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-04-09] (Google LLC -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2017-03-23 14:18 - 2012-10-19 14:02 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2017-03-23 14:18 - 2005-04-22 06:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2013-09-23 06:46 - 2013-09-23 06:46 - 000035328 _____ (Validity Sensors, Inc.) [File not signed] C:\Windows\system32\valWBFPolicyService.exe
2013-08-27 23:32 - 2013-08-27 23:32 - 000747520 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
2017-03-23 14:19 - 2013-05-14 20:39 - 000505856 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
2017-03-23 14:19 - 2012-12-27 15:26 - 004522496 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
2017-03-23 14:19 - 2013-01-18 12:01 - 002009088 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
2017-03-23 14:19 - 2012-10-26 11:40 - 000282112 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
2017-03-23 14:19 - 2013-05-14 20:37 - 001448960 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
2010-11-18 22:08 - 2010-11-18 22:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-04-26 08:14 - 2019-04-26 08:14 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\PETR~1.DOL\AppData\Local\Temp\_MEI171122\python27.dll
2019-04-26 08:14 - 2019-04-26 08:14 - 000113664 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\_ctypes.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000080896 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\bz2.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 001792512 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\_hashlib.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000128512 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\win32api.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000137728 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\pywintypes27.dll
2019-04-26 08:14 - 2019-04-26 08:14 - 000548864 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\pythoncom27.dll
2019-04-26 08:14 - 2019-04-26 08:14 - 000689664 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\unicodedata.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000438784 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\win32com.shell.shell.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 001489408 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\wx._core_.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\wxbase30u_vc90_x64.dll
2019-04-26 08:14 - 2019-04-26 08:14 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\wxbase30u_net_vc90_x64.dll
2019-04-26 08:14 - 2019-04-26 08:15 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\wxmsw30u_core_vc90_x64.dll
2019-04-26 08:14 - 2019-04-26 08:14 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\wxmsw30u_adv_vc90_x64.dll
2019-04-26 08:14 - 2019-04-26 08:14 - 001007104 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\wx._gdi_.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 001039872 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\wx._windows_.pyd
2019-04-26 08:15 - 2019-04-26 08:15 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\wxmsw30u_html_vc90_x64.dll
2019-04-26 08:14 - 2019-04-26 08:14 - 001325056 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\wx._controls_.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000916992 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\wx._misc_.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 001084416 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\pysqlite2._sqlite.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000149504 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\win32file.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000136192 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\win32security.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000007680 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\hashobjs_ext.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000020992 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\thumbnails_ext.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000118784 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\usb_ext.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000047616 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\_socket.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 002224640 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\_ssl.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000014848 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\common.time34.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000023040 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\win32event.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000034304 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\windows.conditional.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000020480 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\windows.winwrap.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000110080 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\windows.volumes.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000223232 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\win32gui.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000173568 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\_elementtree.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000169472 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\pyexpat.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000048128 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\win32inet.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000103424 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\wx._html2.pyd
2019-04-26 08:15 - 2019-04-26 08:15 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\wxmsw30u_webview_vc90_x64.dll
2019-04-26 08:14 - 2019-04-26 08:14 - 000046080 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\_psutil_windows.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000011776 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\win32crypt.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000301568 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\PIL._imaging.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000032256 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\_multiprocessing.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 005752320 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\cello.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000026112 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\_yappi.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000044032 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\win32process.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000027648 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\win32pipe.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000010752 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\select.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000029696 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\win32pdh.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000038400 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\windows.connectivity.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000073216 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\windows.device_monitor.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000020480 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\win32profile.pyd
2019-04-26 08:14 - 2019-04-26 08:14 - 000026624 _____ () [File not signed] C:\Users\Petr.Dolezel\AppData\Local\Temp\_MEI171122\win32ts.pyd
2018-05-29 15:59 - 2018-05-29 15:59 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2018-05-29 15:59 - 2018-05-29 15:59 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2017-03-23 14:16 - 2009-02-27 17:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-03-23 14:18 - 2013-05-14 20:24 - 000137728 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2017-03-23 14:19 - 2012-11-29 20:04 - 002040832 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2017-03-23 14:19 - 2012-07-13 14:09 - 000385024 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2017-03-23 14:19 - 2010-09-29 18:07 - 000180224 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll
2017-03-23 14:19 - 2013-05-14 20:40 - 000076288 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLCze.dll
2017-03-23 14:18 - 2012-12-21 13:31 - 000078848 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2017-03-23 14:19 - 2012-12-21 13:31 - 017666560 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2019-02-20 09:05 - 2019-01-23 03:22 - 001260544 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\pcvisit Software AG\pcvisit RemoteHost 15.0\LIBEAY32.dll
2019-02-20 09:05 - 2019-01-23 03:22 - 004462080 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\pcvisit Software AG\pcvisit RemoteHost 15.0\Qt5Widgets.dll
2019-02-20 09:05 - 2019-01-23 03:22 - 003222016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\pcvisit Software AG\pcvisit RemoteHost 15.0\Qt5Gui.dll
2019-02-20 09:05 - 2019-01-23 03:22 - 000820224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\pcvisit Software AG\pcvisit RemoteHost 15.0\Qt5Network.dll
2019-02-20 09:05 - 2019-01-23 03:22 - 004674048 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\pcvisit Software AG\pcvisit RemoteHost 15.0\Qt5Core.dll
2019-02-20 09:05 - 2019-01-23 03:22 - 000295936 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\pcvisit Software AG\pcvisit RemoteHost 15.0\SSLEAY32.dll
2019-02-20 09:05 - 2019-01-23 03:22 - 000943616 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\pcvisit Software AG\pcvisit RemoteHost 15.0\platforms\qwindows.dll
2019-02-20 09:05 - 2019-01-23 03:22 - 000025088 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\pcvisit Software AG\pcvisit RemoteHost 15.0\imageformats\qico.dll
2019-02-20 09:05 - 2019-01-23 03:22 - 000024576 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\pcvisit Software AG\pcvisit RemoteHost 15.0\imageformats\qgif.dll
2019-02-20 09:05 - 2019-01-23 03:22 - 000243200 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\pcvisit Software AG\pcvisit RemoteHost 15.0\imageformats\qjpeg.dll
2019-02-20 09:05 - 2019-01-23 03:22 - 000018944 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\pcvisit Software AG\pcvisit RemoteHost 15.0\imageformats\qsvg.dll
2019-02-20 09:05 - 2019-01-23 03:22 - 000251392 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\pcvisit Software AG\pcvisit RemoteHost 15.0\Qt5Svg.dll
2016-05-09 20:04 - 2016-05-09 20:04 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2016-05-09 20:04 - 2016-05-09 20:04 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1998309980-3871841466-2905450685-1001\...\sharepoint.com -> hxxps://riracfilm.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files\AuthenTec TrueSuite\;C:\Program Files\AuthenTec TrueSuite\x86;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\QuickTime\QTSystem\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1998309980-3871841466-2905450685-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1998309980-3871841466-2905450685-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\FujitsuBackGround.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKU\S-1-5-21-1998309980-3871841466-2905450685-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-1998309980-3871841466-2905450685-1001\...\StartupApproved\Run: => "iCloudServices"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{58130575-3D40-4753-8D05-DFDE05992DFB}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{5BD55073-1F48-4651-A591-A49A8106578A}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{E058B8F2-00CA-448D-8C38-EB7AB6B7AA48}C:\users\petr.dolezel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr.dolezel\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [TCP Query User{6BD7F821-FCF3-4B64-BF67-FBD96BC2793B}C:\users\petr.dolezel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr.dolezel\appdata\roaming\spotify\spotify.exe No File
FirewallRules: [{B71DFFA9-6952-41C5-943E-999CEFD3DBFA}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{0F34DF84-318D-4FA1-8F04-40664C0E42A9}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{B1708967-CBB8-4521-8A94-CEFFA1E21447}] => (Allow) C:\Users\Evi.Brughmans\AppData\Local\Microsoft\OneDrive\OneDrive.exe No File
FirewallRules: [{F320D81B-B7D2-4AE5-895D-2CBE226E6EC1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D682EC33-1AFB-47C8-9406-458609CCB24C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F5CC231D-9E41-49A1-8E29-F8C6113E0AFE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B02B4CF9-D5EF-45F6-BDDF-56179AB25FC1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EDD27CE3-A78F-4CBD-92F5-7CDD96990F3D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A8DCB263-3BA5-418B-B41A-284BCBEDC985}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{5C4AAC89-BCAE-4FC3-8B7F-2B7B14C00F60}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{AB7CB00E-BCBB-4140-A9D3-90B59C9BD19A}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4B0C7C3A-6047-4547-9044-3033FC152156}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F6BCA43B-860F-4C95-A64D-15881C1C15D7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C33BF918-24FC-4D65-9E59-701692CC4D13}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{658B4380-D7E1-42FF-96BA-51A36DA57CD1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C303FF35-AB40-4433-8E62-65CC5680A1E6}] => (Allow) D:\Ripac-Film\Downloads\install\Data\Disk1\Setup.exe No File
FirewallRules: [{ABA57D31-5AD0-4FA9-A4DE-9328D62794FE}] => (Allow) D:\Ripac-Film\Downloads\install\Data\Disk1\Setup.exe No File
FirewallRules: [{5CA2F1E8-2F3D-49A4-AAB4-62249B5582E8}] => (Allow) LPort=54925
FirewallRules: [{E213F086-0C08-4020-BC15-B72C2E5AC853}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{720B48A3-860B-499E-AC5F-7C8049F5FF05}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{02E946A3-878B-4412-96B4-D41496005329}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F6C19252-74D4-44B0-A684-8ED4AE0E76A8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EF2416ED-8515-4308-A01B-38FB7E852140}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{071B49C3-4F21-4105-A9DC-C3E5A4752C19}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{43C8F7CE-D5CD-4DDF-A7F6-7A6CC86CD173}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{26E3BE30-B767-424B-8CF2-2311001ECC3B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{AF564095-13F6-47AC-AF5F-95C4B838CCB6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F4952222-CB71-491A-A1EB-9C81376976FD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C8242FEC-2669-4D66-842B-88D818CBCA1A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{0158EFFF-82C5-4551-8F62-DC4CC07E3D88}] => (Allow) LPort=61117
FirewallRules: [{BD52AEB2-7C18-4855-82EB-69D9C54DADC1}] => (Allow) LPort=61116
FirewallRules: [{1F796AAE-9882-43BD-9939-C77021AAB560}] => (Allow) LPort=21112

==================== Restore Points =========================

23-04-2019 10:42:57 Scheduled Checkpoint
02-05-2019 11:35:12 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/02/2019 12:22:04 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: PDolezel-NB)
Description: httphttp-2147467263

Error: (05/02/2019 08:56:20 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/02/2019 08:53:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LockApp.exe version 10.0.17134.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 3620

Start Time: 01d500b3bd19c991

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

Report Id: c1a5b96d-1b5f-4a2c-9032-99b1f5877abe

Faulting package full name: Microsoft.LockApp_10.0.17134.1_neutral__cw5n1h2txyewy

Faulting package-relative application ID: WindowsDefaultLockScreen

Error: (04/30/2019 09:20:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1875

Error: (04/30/2019 09:20:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1875

Error: (04/30/2019 09:20:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/30/2019 08:16:37 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LockApp.exe version 10.0.17134.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 5528

Start Time: 01d4ff1c2eaea969

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

Report Id: 5869dbf0-0ca4-48e9-9ddf-db9c84304606

Faulting package full name: Microsoft.LockApp_10.0.17134.1_neutral__cw5n1h2txyewy

Faulting package-relative application ID: WindowsDefaultLockScreen

Error: (04/30/2019 08:15:47 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: PDolezel-NB)
Description: Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy-2147024864


System errors:
=============
Error: (05/02/2019 09:58:57 AM) (Source: DCOM) (EventID: 10016) (User: PDolezel-NB)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
and APPID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
to the user PDolezel-NB\Petr.Dolezel SID (S-1-5-21-1998309980-3871841466-2905450685-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/02/2019 09:45:06 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/02/2019 09:23:17 AM) (Source: DCOM) (EventID: 10001) (User: PDolezel-NB)
Description: Unable to start a DCOM Server: microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca as Unavailable/Unavailable. The error:
"0"
Happened while starting this command:
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server

Error: (04/29/2019 10:59:58 AM) (Source: DCOM) (EventID: 10016) (User: PDolezel-NB)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
and APPID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
to the user PDolezel-NB\Petr.Dolezel SID (S-1-5-21-1998309980-3871841466-2905450685-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/29/2019 10:13:22 AM) (Source: DCOM) (EventID: 10016) (User: PDolezel-NB)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
and APPID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
to the user PDolezel-NB\Petr.Dolezel SID (S-1-5-21-1998309980-3871841466-2905450685-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/26/2019 08:07:02 AM) (Source: DCOM) (EventID: 10016) (User: PDolezel-NB)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user PDolezel-NB\Petr.Dolezel SID (S-1-5-21-1998309980-3871841466-2905450685-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/25/2019 09:24:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/23/2019 11:23:26 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2018-11-29 09:27:02.231
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {07459917-BBC6-4847-91A3-63C2A91898DA}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-10-11 09:04:26.351
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B35CDDC3-5EB2-4DB9-91BD-9B85CCE11114}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-10-11 09:04:25.743
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {874A7890-791D-40E2-9D45-EDECDE3BE48D}
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===================================

Date: 2019-04-29 09:42:35.056
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-29 09:42:34.862
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-29 09:42:34.663
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-29 09:42:34.256
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-29 09:42:34.078
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-29 09:42:33.853
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-29 09:42:26.418
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-29 09:42:25.113
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: FUJITSU // Phoenix Technologies Ltd. Version 1.06 03/12/2015
Motherboard: FUJITSU FJNB281
Processor: Intel(R) Core(TM) i5-4210M CPU @ 2.60GHz
Percentage of memory in use: 68%
Total physical RAM: 8089.84 MB
Available physical RAM: 2525.9 MB
Total Virtual: 16281.84 MB
Available Virtual: 7701.26 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:149.92 GB) (Free:82.83 GB) NTFS
Drive d: (Data) (Fixed) (Total:298.96 GB) (Free:194.42 GB) NTFS

\\?\Volume{fb0366ed-4bf7-4384-9323-3022bf14d98e}\ (HDBR_DRIVER) (Fixed) (Total:0.98 GB) (Free:0.52 GB) NTFS
\\?\Volume{6396851d-e8b7-4b3d-9bd1-36c82d1a3288}\ (HDBR_OS) (Fixed) (Total:15.68 GB) (Free:6.33 GB) NTFS
\\?\Volume{831d2aea-73ba-4483-9544-f744255b4668}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 573692F2)

Partition: GPT.

==================== End of Addition.txt ============================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-05.2019
Ran by Petr (administrator) on PDOLEZEL-NB (FUJITSU LIFEBOOK E544) (02-05-2019 13:08:58)
Running from D:\Ripac-Film\Desktop
Loaded Profiles: Petr.Dolezel & Petr (Available Profiles: Petr.Dolezel & Petr & Administrator)
Platform: Windows 10 Pro Version 1803 17134.648 (X64) Language: English (United Kingdom)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\71.4.108\QtWebEngineProcess.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\IndicatorUty\IndicatorUty.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED -> FUJITSU LIMITED) C:\Program Files\Fujitsu\StatusPanelSwitch\StatusPanelSwitchDaemon.exe
(Fujitsu Technology Solutions GmbH -> Fujitsu Technology Solutions) C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Petr.Dolezel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Petr.Dolezel\AppData\Local\Microsoft\Teams\current\Teams.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Petr.Dolezel\AppData\Local\Microsoft\Teams\current\Teams.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Petr.Dolezel\AppData\Local\Microsoft\Teams\current\Teams.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Petr.Dolezel\AppData\Local\Microsoft\Teams\current\Teams.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(pcvisit software ag -> pcvisit Software ag) C:\Program Files (x86)\pcvisit Software AG\pcvisit RemoteHost 15.0\pcvisit_client.exe
(pcvisit software ag -> pcvisit Software ag) C:\Program Files (x86)\pcvisit Software AG\pcvisit RemoteHost 15.0\pcvisit_client.exe
(pcvisit software ag -> pcvisit Software ag) C:\Program Files (x86)\pcvisit Software AG\pcvisit RemoteHost 15.0\pcvisit_client.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\Client Server Security Agent\CCSF\TmCCSF.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\CPM\TMCPMAdapter.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\HostedAgent.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\logWriter.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\Client Server Security Agent\ntrtscan.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\Client Server Security Agent\PccNtMon.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmListen.exe
(Validity Sensors, Inc.) [File not signed] C:\Windows\System32\valWBFPolicyService.exe
(VideoLAN -> VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16412408 2015-12-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411832 2015-12-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS_SWVOL] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411832 2015-12-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3404512 2016-09-08] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158416 2018-05-29] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23248 2013-07-09] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184632 2013-11-14] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-03-24] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [FUJ02B1_Apps] => C:\Program Files (x86)\Fujitsu\FUJ02B1\CheckBatteryPack.exe [376128 2018-09-06] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU CLIENT COMPUTING LIMITED)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\IndicatorUty\IndicatorUty.exe [51920 2014-02-26] (FUJITSU LIMITED -> FUJITSU LIMITED)
HKLM-x32\...\Run: [DeskUpdateNotifier] => C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe [100464 2018-07-11] (Fujitsu Technology Solutions GmbH -> Fujitsu Technology Solutions)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-08-23] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5537088 2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [OfficeScanNT Monitor] => C:\Program Files (x86)\Trend Micro\Client Server Security Agent\pccntmon.exe [5812304 2019-04-19] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [FUJ02E3_BatteryChargingControlUpdate] => C:\Program Files (x86)\Fujitsu\FUJ02E3_BatteryChargingControlUpdate\CheckBatteryFW.exe [427360 2018-12-25] (FUJITSU CLIENT COMPUTING LIMITED -> FUJITSU LIMITED)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [77627480 2018-10-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1998309980-3871841466-2905450685-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46506040 2019-04-09] (Google LLC -> )
HKU\S-1-5-21-1998309980-3871841466-2905450685-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-03-13] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1998309980-3871841466-2905450685-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-03-13] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1998309980-3871841466-2905450685-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-1998309980-3871841466-2905450685-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Petr.Dolezel\AppData\Local\Microsoft\Teams\Update.exe [1801832 2019-04-23] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1998309980-3871841466-2905450685-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Petr.Dolezel\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-1998309980-3871841466-2905450685-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Petr.Dolezel\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-1998309980-3871841466-2905450685-1001\...\RunOnce: [Uninstall 19.033.0218.0011\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Petr.Dolezel\AppData\Local\Microsoft\OneDrive\19.033.0218.0011\amd64"
HKU\S-1-5-21-1998309980-3871841466-2905450685-1001\...\RunOnce: [Uninstall 19.033.0218.0011] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Petr.Dolezel\AppData\Local\Microsoft\OneDrive\19.033.0218.0011"
HKU\S-1-5-21-1998309980-3871841466-2905450685-1002\...\Run: [Spotify Web Helper] => C:\Users\Petr\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-06-17] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1998309980-3871841466-2905450685-1002\...\Run: [Spotify] => C:\Users\Petr\AppData\Roaming\Spotify\Spotify.exe [6859888 2016-06-17] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1998309980-3871841466-2905450685-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-03-13] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1998309980-3871841466-2905450685-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-1998309980-3871841466-2905450685-1002\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1998309980-3871841466-2905450685-1002\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [67384 2019-03-13] (Apple Inc. -> Apple Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-05] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2013-08-23] (CyberLink Corp. -> CyberLink)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk [2014-05-02]
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions) [File not signed]
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk [2014-05-02]
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions) [File not signed]
Startup: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk [2014-05-02]
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions) [File not signed]
Startup: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk [2014-05-02]
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\lcStarter.exe (Fujitsu Technology Solutions) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0197B1C6-E162-4D12-8CB0-808A58C5D672} - System32\Tasks\{AC625A2A-EE3D-4CD4-B96F-492232CAF19C} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=ins ... stError=-9
Task: {057C91C3-9791-41C2-AD5D-73749BD91D89} - System32\Tasks\Fujitsu\StatusPanelSwitch\NotifyOfCradleStatusChange => C:\Program Files\Fujitsu\StatusPanelSwitch\ExecuteAdjustCradleMode.exe [17744 2014-04-17] (FUJITSU LIMITED -> FUJITSU LIMITED)
Task: {0713C974-20A4-4B68-9843-D72082F1CCCB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-09-27] (Google Inc -> Google Inc.)
Task: {0AAEF823-A64E-44E0-A81F-3BA8417E2E94} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {123C9ADD-7ED2-46CB-8625-173B90B3B2AA} - System32\Tasks\Fujitsu\PointingDeviceUtility\SetDriverIfFuj02b1DisableOnLogon => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [149200 2014-03-18] (FUJITSU LIMITED -> FUJITSU LIMITED)
Task: {169A106C-43D8-4F44-80E7-398AF9ECB62B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {1716EDC8-0E48-4CC5-A414-C09BA2ADAFB9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [25906688 2019-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {24F2B129-997B-4606-9044-10FAA2F675D3} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {25A188C8-9DBA-46B5-A3D4-47B2A13F2A58} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {28738E2E-6C73-4A5F-AAC5-007EC4E60EEB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-15] (Dropbox, Inc -> Dropbox, Inc.)
Task: {357777BB-6188-432B-9917-4E966F37A86D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {35A956B4-8158-4CB3-8D4E-B93870CDBD82} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3B9D1B9C-1B77-4914-AD16-D6C82CBA0CDD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4200C886-3453-4624-BE3E-A853CC6B27E6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-02-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {472DB513-6334-4FE8-AFDE-15A909D897E2} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {48222908-1207-4962-9FF0-ED857CDC4792} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {49ADEFD5-0454-4750-BA61-2A0ED3B9F0FB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1432200 2019-04-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {4A4092CB-530E-4563-8821-09699D663FC9} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4AAAC508-2AC3-47C0-86B9-01CAE3C01799} - System32\Tasks\G2MUpdateTask-S-1-5-21-1998309980-3871841466-2905450685-1001 => C:\Users\Petr.Dolezel\AppData\Local\Citrix\GoToMeeting\5636\g2mupdate.exe [41536 2016-10-10] (Citrix Online -> Citrix Online, a division of Citrix Systems, Inc.)
Task: {4C7E1CFE-FD99-4CB4-968A-F10A6441A6AD} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {4E1F2D6C-A3DC-4D39-A2AB-AB721A82CB03} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5803B2EC-525E-45F0-8BEF-F060C419B4BB} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {5C684D9A-7DF7-48C1-BC49-2622023EC6D2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {5CEBFE75-E3AB-4F0E-A883-8991096312EE} - System32\Tasks\Fujitsu\StatusPanelSwitch\StopPopupPrevention => C:\Program Files\Fujitsu\StatusPanelSwitch\DeviceEngine\StopPopupPrevention.exe [45576 2014-04-17] (FUJITSU LIMITED -> FUJITSU LIMITED)
Task: {5F12C2A0-E1C5-42DD-8B9D-F818E6A469F2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {7523632A-062F-4DE0-BC86-16DCE6FE3C89} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112160 2019-04-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {752933F1-D43B-404A-8EFD-8D6FC18F453E} - System32\Tasks\Fujitsu\StatusPanelSwitch\AdjustEcoLED => C:\Program Files\Fujitsu\StatusPanelSwitch\StatusPanelSwitch.exe [542416 2014-04-17] (FUJITSU LIMITED -> FUJITSU LIMITED)
Task: {7537A1AE-CBF5-48FF-9729-762F3A3D36AF} - System32\Tasks\G2MUploadTask-S-1-5-21-1998309980-3871841466-2905450685-1001 => C:\Users\Petr.Dolezel\AppData\Local\Citrix\GoToMeeting\5636\g2mupload.exe [41536 2016-10-10] (Citrix Online -> Citrix Online, a division of Citrix Systems, Inc.)
Task: {78C994EA-6D00-4147-BD18-A06F0FEEDD84} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7AB07BFA-AEAA-4D07-97D4-74ABC1710343} - System32\Tasks\Fujitsu\StatusPanelSwitch\PressHoldButton => C:\Program Files\Fujitsu\StatusPanelSwitch\PressHoldButton.exe [78672 2014-04-17] (FUJITSU LIMITED -> FUJITSU LIMITED)
Task: {7AB865B7-05F6-41D0-8487-015FE5D2506A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7C351B1F-A94E-48E1-9DEF-0079D3968F95} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {7D9A90DF-5840-4D6A-AC4C-3C22509A97F2} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {888FDDBB-8DE4-412A-8BA6-48FE92E9B7C7} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8C8439FC-FD40-4C63-9C9A-69ECEE301BED} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [25906688 2019-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {95E4D41D-D08C-4436-B50F-50E11F52C960} - System32\Tasks\Fujitsu\DeskUpdate => C:\Program Files (x86)\Fujitsu\DeskUpdate\ducmd.exe [386160 2018-07-11] (Fujitsu Technology Solutions GmbH -> Fujitsu Technology Solutions)
Task: {9673E501-E023-426B-AEC8-87443FE2CD7E} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2019-03-13] (Apple Inc. -> Apple Inc.)
Task: {97367D36-1627-41CD-B4AE-BA6E13DA91FE} - System32\Tasks\Fujitsu\StatusPanelSwitch\StopSuspendPrevention => C:\Program Files\Fujitsu\StatusPanelSwitch\DeviceEngine\StopSuspendPrevention.exe [45576 2014-04-17] (FUJITSU LIMITED -> FUJITSU LIMITED)
Task: {9F2671A4-AD41-4D99-9D69-1FDF56A0BA00} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {9FE555B2-DDA7-4694-844A-3CCD2DB90751} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1998309980-3871841466-2905450685-1001 => C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {A65B8E7A-4CEC-46BB-9849-7D2E3A5617CC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {A678316A-9283-4E56-8BEC-97911CE4A636} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {A7B90FC7-6E9E-4508-AE52-02EBD62715C0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A88F9F2E-C176-460B-BAC4-2F3095754191} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {A95A9FB9-FF57-4B58-B10C-D433C97BB806} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [758600 2019-04-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {AAE29551-C981-4B61-9B44-FF453E99AE56} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AE68CDF3-BCAA-4E8B-98C4-63893A31DD20} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B06F6310-5548-4EAE-9101-518C969FFFDA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B1DD8644-E724-41E3-AA21-1EDFF043C729} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {B3B25EFC-CAC3-4E68-8FC1-D15BADC866B4} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B46DCB02-1641-40E2-B1E9-8CA74D033D3D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B6546981-7692-45FA-988B-F409BE5C555B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B748449A-7286-461C-9E76-9579BA14CB92} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-15] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C0596616-0821-48BC-B5AA-226A77EA2D00} - System32\Tasks\Trend Micro Worry-Free Business Security Services Recovery Pack Tool => C:\Program Files (x86)\Trend Micro\WFBSSUpdater\WFBSSUpdater.exe [380352 2017-05-22] (Trend Micro, Inc. -> Trend Micro Inc.)
Task: {C0661ED2-A1DC-4BE1-9183-3464A9664996} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C532F769-361A-45CE-9709-35DCA58A7D68} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7348440 2017-03-03] (Piriform Ltd -> Piriform Ltd)
Task: {C58F9BAF-196B-45E0-8CDB-3AA80A86754C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CD6710C8-D8AB-456F-A0D8-9522F8BC25E6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D478EC46-87B6-4B6C-B0C2-6FB843B36757} - System32\Tasks\Fujitsu\PointingDeviceUtility\SetShowNotificationOff => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [149200 2014-03-18] (FUJITSU LIMITED -> FUJITSU LIMITED)
Task: {D772C219-5DCF-4EE5-86F2-88C864572AEE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-09-27] (Google Inc -> Google Inc.)
Task: {D87E840B-A2B7-4783-91A4-4F7B1DAB8B18} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D8E9344F-EF0E-4DEE-BA38-54924BE1775B} - System32\Tasks\Fujitsu\Power Saving Utility\Fujitsu Power Saving Utility => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [318288 2014-02-04] (FUJITSU LIMITED -> FUJITSU LIMITED)
Task: {D99EB075-8E23-4751-815E-0282F82435C4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {DDDE452B-1F52-425B-9A09-334D2D173EBF} - System32\Tasks\Fujitsu\StatusPanelSwitch\ShowDialogToRestartSuspendPrevention => C:\Program Files\Fujitsu\StatusPanelSwitch\StatusPanelSwitch.exe [542416 2014-04-17] (FUJITSU LIMITED -> FUJITSU LIMITED)
Task: {DF1F7880-ABF6-407B-8F6A-1B68A596501C} - System32\Tasks\Fujitsu\PointingDeviceUtility\SetShowNotificationOn => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [149200 2014-03-18] (FUJITSU LIMITED -> FUJITSU LIMITED)
Task: {E26B2162-00DB-4BF5-A81A-F82DBA17C494} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1432200 2019-04-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {E37A6436-AA7F-42AC-A75E-127EB07BE8E0} - System32\Tasks\Fujitsu\PointingDeviceUtility\ToggleIPD => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [149200 2014-03-18] (FUJITSU LIMITED -> FUJITSU LIMITED)
Task: {E63A1BE6-43A6-459C-B3B4-1AA594A7B968} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112160 2019-04-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {E945F923-2681-422B-8F3D-DA82FB764D47} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F2E5244B-A94A-4433-9236-804CF61FB7B6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F504194D-15F9-4DC7-8830-ED73643B5B13} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {FE0EF540-ECD7-433D-82E8-69051F9FEFF0} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe/cEvi.Bru
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe/ua /installsource schedulerEvi.Bru
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1998309980-3871841466-2905450685-1001.job => C:\Users\Petr.Dolezel\AppData\Local\GoToMeeting\7495\g2mupdate.exe C:\Users\Petr.Dolezel\AppData\Local\GoToMeeting\7495PDolezel-NB\Petr.Dol
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1998309980-3871841466-2905450685-1001.job => C:\Users\Petr.Dolezel\AppData\Local\GoToMeeting\7495\g2mupload.exe C:\Users\Petr.Dolezel\AppData\Local\GoToMeeting\7495PDolezel-NB\Petr.Dol
Task: C:\WINDOWS\Tasks\Trend Micro Worry-Free Business Security Services Recovery Pack Tool.job => C:\Program Files (x86)\Trend Micro\WFBSSUpdater\WFBSSUpdater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{385f8bf8-1588-4773-bb1c-75e9c7ece2cb}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{7c000f63-9b87-474a-886c-fd76a837c21c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{96165bdf-7aa8-44ee-8ce9-d6c64643a54e}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{a3398486-7ade-449d-a4dd-f6b4a7559e22}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1998309980-3871841466-2905450685-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://fujitsu13.msn.com/?pc=FSJB
HKU\S-1-5-21-1998309980-3871841466-2905450685-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://fujitsu13.msn.com/?pc=FSJB
SearchScopes: HKU\S-1-5-21-1998309980-3871841466-2905450685-1001 -> DefaultScope {E085A6C9-4340-4F5C-88AE-27FA5D8E0F91} URL =
SearchScopes: HKU\S-1-5-21-1998309980-3871841466-2905450685-1001 -> {E085A6C9-4340-4F5C-88AE-27FA5D8E0F91} URL =
SearchScopes: HKU\S-1-5-21-1998309980-3871841466-2905450685-1002 -> DefaultScope {E085A6C9-4340-4F5C-88AE-27FA5D8E0F91} URL =
SearchScopes: HKU\S-1-5-21-1998309980-3871841466-2905450685-1002 -> {E085A6C9-4340-4F5C-88AE-27FA5D8E0F91} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-04-08] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Trend Micro Osprey Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmopIEPlg.dll [2019-01-23] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Trend Micro Osprey Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmopIEPlg32.dll [2019-01-23] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-19] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmopIEPlg.dll [2019-01-23] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmopIEPlg32.dll [2019-01-23] (Trend Micro, Inc. -> Trend Micro Inc.)

FireFox:
========
FF DefaultProfile: ijylvfid.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\ijylvfid.default [2017-03-24]
FF Homepage: Mozilla\Firefox\Profiles\ijylvfid.default -> www.seznam.cz
FF Extension: (Adblock Plus) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\ijylvfid.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-01] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-24] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Windows\system32\npdeployJava1.dll [2015-06-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-24] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Windows\SysWOW64\npdeployJava1.dll [2015-06-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-29] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-29] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1998309980-3871841466-2905450685-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Petr.Dolezel\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-01-28] (Citrix Online -> Citrix Online)

Chrome:
=======
CHR HKU\S-1-5-21-1998309980-3871841466-2905450685-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-03-08] (Apple Inc. -> Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 caloa agent service 1.5; C:\Program Files (x86)\pcvisit Software AG\pcvisit RemoteHost 15.0\pcvisit_client.exe [7341480 2019-01-23] (pcvisit software ag -> pcvisit Software ag)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11084584 2019-04-19] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-15] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-15] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2016-09-08] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 FJStatusPanelSwitchDaemon; C:\Program Files\Fujitsu\StatusPanelSwitch\StatusPanelSwitchDaemon.exe [406736 2014-04-17] (FUJITSU LIMITED -> FUJITSU LIMITED)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [74960 2014-02-27] (FUJITSU LIMITED -> FUJITSU LIMITED)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190208 2016-11-11] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 ntrtscan; C:\Program Files (x86)\Trend Micro\Client Server Security Agent\ntrtscan.exe [8621840 2019-04-19] (Trend Micro, Inc. -> Trend Micro Inc.)
S2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2219520 2013-07-13] (FUJITSU LIMITED) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [51608 2014-01-08] (FUJITSU LIMITED -> FUJITSU LIMITED)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737560 2019-02-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 svcGenericHost; C:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe [413168 2019-04-19] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 TMBMServer; C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe [644512 2019-03-22] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 TmCCSF; C:\Program Files (x86)\Trend Micro\Client Server Security Agent\CCSF\TmCCSF.exe [1810648 2019-04-19] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmlisten; C:\Program Files (x86)\Trend Micro\Client Server Security Agent\tmlisten.exe [5661096 2019-04-19] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [35328 2013-09-23] (Validity Sensors, Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4403496 2019-01-09] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 FBIOSDRV; C:\WINDOWS\System32\Drivers\FBIOSDRV.sys [46200 2016-01-15] (FUJITSU LIMITED -> FUJITSU LIMITED)
S3 FscEfDmi; C:\WINDOWS\System32\DRIVERS\FscEfDmi.sys [25856 2014-04-16] (Fujitsu Technology Solutions GmbH -> Fujitsu Technology Solutions)
S3 FscGabi; C:\WINDOWS\System32\DRIVERS\FscGabi.sys [29952 2014-04-16] (Fujitsu Technology Solutions GmbH -> Fujitsu Technology Solutions)
R3 FUJ02B1; C:\WINDOWS\system32\DRIVERS\FUJ02B1.sys [68536 2018-09-06] (FUJITSU LIMITED -> FUJITSU LIMITED)
R3 FUJ02E3; C:\WINDOWS\System32\drivers\FUJ02E3.sys [117400 2018-12-25] (FUJITSU LIMITED -> FUJITSU LIMITED)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2018-04-12] (Microsoft Windows -> Intel Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [427736 2013-08-09] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [1877088 2016-01-06] (Sonix Technology CO., LTD -> Sonix Tech. Co., Ltd.)
R2 tmactmon; C:\WINDOWS\System32\DRIVERS\tmactmon.sys [138288 2019-03-22] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmcomm; C:\WINDOWS\System32\DRIVERS\tmcomm.sys [464160 2019-03-22] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 tmeevw; C:\WINDOWS\system32\DRIVERS\tmeevw.sys [147672 2018-08-21] (Trend Micro, Inc. -> Trend Micro Inc.)
S0 tmel; C:\WINDOWS\System32\DRIVERS\tmel.sys [38408 2019-03-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Trend Micro Inc.)
R2 tmevtmgr; C:\WINDOWS\System32\DRIVERS\tmevtmgr.sys [100944 2019-03-22] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 TmFilter; C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmXPFlt.sys [407240 2019-03-22] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 TmPreFilter; C:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmPreFlt.sys [70344 2019-03-22] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmumh; C:\WINDOWS\system32\DRIVERS\TMUMH.sys [153616 2019-03-22] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 tmusa; C:\WINDOWS\system32\DRIVERS\tmusa.sys [137232 2019-03-22] (Trend Micro, Inc. -> Trend Micro Inc.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R2 VSApiNt; C:\Program Files (x86)\Trend Micro\Client Server Security Agent\VSApiNt.sys [2906848 2019-03-22] (Trend Micro, Inc. -> Trend Micro Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
U3 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-02 13:08 - 2019-05-02 13:08 - 000000000 ____D C:\FRST
2019-04-29 08:28 - 2019-04-29 08:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro Security Agent
2019-04-29 08:24 - 2019-04-29 08:24 - 000002559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-04-29 08:24 - 2019-04-29 08:24 - 000002536 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-04-29 08:24 - 2019-04-29 08:24 - 000002531 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-04-29 08:24 - 2019-04-29 08:24 - 000002524 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2019-04-29 08:24 - 2019-04-29 08:24 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-04-29 08:24 - 2019-04-29 08:24 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-04-29 08:24 - 2019-04-29 08:24 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-04-29 08:24 - 2019-04-29 08:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-04-26 08:19 - 2019-04-26 08:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-04-23 14:13 - 2019-04-23 14:13 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-04-23 14:13 - 2019-04-23 14:13 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-04-23 14:13 - 2019-04-23 14:13 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-04-23 14:13 - 2019-04-23 14:13 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-04-16 07:18 - 2019-04-16 07:18 - 000000000 ___HD C:\OneDriveTemp

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-02 13:01 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-02 12:57 - 2016-07-19 10:52 - 000000000 ____D C:\Users\Petr.Dolezel\AppData\Roaming\vlc
2019-05-02 12:26 - 2017-06-19 09:05 - 000015349 _____ C:\WINDOWS\cfgall.ini
2019-05-02 12:07 - 2018-05-29 15:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-02 11:37 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-02 08:59 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-02 08:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-02 08:59 - 2018-01-04 16:21 - 000000000 ____D C:\Users\Petr.Dolezel\AppData\Local\Packages
2019-05-02 08:56 - 2018-05-29 16:31 - 000004174 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896}
2019-05-02 08:54 - 2015-07-20 12:08 - 000000000 ____D C:\ProgramData\pcvisit Software AG
2019-04-29 08:28 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-04-29 08:23 - 2014-05-02 03:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-04-26 08:20 - 2015-06-14 12:24 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-04-26 08:16 - 2016-09-27 19:08 - 000000000 ___RD C:\Users\Petr.Dolezel\Google Drive
2019-04-26 08:12 - 2017-09-25 08:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-04-26 08:12 - 2016-09-27 19:07 - 000002079 _____ C:\Users\Public\Desktop\Google Slides.lnk
2019-04-26 08:12 - 2016-09-27 19:07 - 000002077 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2019-04-26 08:12 - 2016-09-27 19:07 - 000002067 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-04-23 11:15 - 2019-03-12 09:32 - 000000000 ____D C:\Users\Petr.Dolezel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2019-04-16 07:18 - 2018-05-29 16:31 - 000003386 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1998309980-3871841466-2905450685-1001
2019-04-16 07:18 - 2018-05-29 15:55 - 000002394 _____ C:\Users\Petr.Dolezel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-16 07:18 - 2015-06-30 18:09 - 000000000 ___RD C:\Users\Petr.Dolezel\OneDrive - Ripac GmbH
2019-04-10 14:39 - 2015-06-13 17:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 14:21 - 2015-06-13 17:32 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-05 13:26 - 2017-10-02 08:23 - 000000000 ____D C:\Program Files\rempl
2019-04-05 10:28 - 2017-03-23 14:22 - 000007992 _____ C:\WINDOWS\BRRBCOM.INI
2019-04-05 07:54 - 2016-11-24 18:25 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-05 07:54 - 2016-11-24 18:25 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-02 06:49 - 2016-06-21 09:55 - 000000000 ____D C:\Users\Petr.Dolezel\AppData\Local\CrashDumps

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Neskutečně pomalý notebook

#2 Příspěvek od Rudy »

Zdravím!
Lituji, ale fórum viry.cz je určeno jako podpora pouze home userům, takže firemní PC zde neřešíme. Viz: https://forum.viry.cz/viewtopic.php?f=12&t=5601 (bod 6).
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět