Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivní kontrola

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Beli33
Návštěvník
Návštěvník
Příspěvky: 43
Registrován: 23 lis 2015 13:56

Preventivní kontrola

#1 Příspěvek od Beli33 »

Zdravím, mohl bych poprosit o preventivní kontrolu? PC je nějaký zpomalený. děkuji


Logfile of random's system information tool 1.10 (written by random/random)
Run by Beli at 2020-03-11 17:31:14
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 9 GB (8%) free of 123 GB
Total RAM: 4078 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:31:24, on 11.3.2020
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18283)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\CNT\Navitel Navigator update center\NavitelUpdaterService.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\OpenOffice 4\program\scalc.exe
C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
C:\Program Files\trend micro\Beli.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;192.168.*.*
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
O4 - HKCU\..\Run: [KiesPDLR.exe] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Service for Navitel Navigator Update Center] C:\Program Files (x86)\CNT\Navitel Navigator update center\NavitelUpdaterService.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: SOLIDWORKS 2016 Rychlé spuštění.lnk = ?
O4 - Global Startup: SOLIDWORKS Nástroj pro stahování na pozadí.lnk = ?
O4 - Global Startup: SPDriverInstall.lnk = ?
O4 - Global Startup: Toshiba Places Icon Utility.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Přidat do aplikace TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O16 - DPF: {14711E5F-189F-4D07-9D41-9EB57F547DD8} (Media Control) - http://prikopy.alesovka.net/Option/Media.CAB
O16 - DPF: {23EBBA97-9B3C-4FCA-872B-78DA21068373} (SStreamVideo Control) - http://192.168.1.230/SStreamVideo.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DTSInterops (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corporation - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: SOLIDWORKS Electrical Collaborative Server (ewserver) - Unknown owner - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.132\elevation_service.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Motorola Device Manager Service (Motorola Device Manager) - Motorola Mobility LLC - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PST Service - Motorola - C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
O23 - Service: Remote Solver for Flow Simulation 2016 (RemoteSolverDispatcher) - Mentor Graphics Corporation - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15981 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\system32\WLANExt.exe 2996864
\??\C:\windows\system32\conhost.exe "-2087894181-1323084449848951494-1170454123-1443590450-1654683762-382237987-327497427
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe"
"C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe"
"C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sTEW_SQLEXPRESS
"C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe"
"C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
"C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe" "SOFTWARE\SRAC\COSMOS_FloWorks 2016"
"C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe"
\??\C:\windows\system32\conhost.exe "14783949171070232926-22332487812255431761933168305-1105928659140580986-2144020192
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe" /STAR
WLIDSvcM.exe 3312
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" Run
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
"C:\Program Files (x86)\CNT\Navitel Navigator update center\NavitelUpdaterService.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe" /launch_from 0
"C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=renderer --disable-3d-apis --disable-pinch --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-file="C:\Users\Beli\AppData\Local\Temp\CreativeCloud\ACC\CEF.log" --log-severity=warning --user-agent="Mozilla/5.0 (Windows NT 6.1.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/537.36 CreativeCloud/3.7.0.271" --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --disable-gpu-compositing --channel="3972.0.1345392911\858370797" /prefetch:673131151
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe" --onOSstartup=true --showwindow=false --waitForRegistration=true
"C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe"
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=renderer --disable-3d-apis --disable-pinch --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-file="C:\Users\Beli\AppData\Local\Temp\CreativeCloud\ACC\CEF.log" --log-severity=warning --user-agent="Mozilla/5.0 (Windows NT 6.1.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/537.36 CreativeCloud/3.7.0.271" --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --disable-gpu-compositing --channel="3972.1.1984667179\296788358" /prefetch:673131151
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\main.js"
\??\C:\windows\system32\conhost.exe "-12742129442135869235-10767615651006034024865595625-1820193777746016951-627158582
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"c:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
"C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe"
C:\windows\servicing\TrustedInstaller.exe
"C:\Program Files\Prusa3D\PrusaSlicer\prusa-slicer.exe"
"C:\Program Files (x86)\OpenOffice 4\program\\scalc.exe" -o "C:\Users\Beli\Desktop\3D tisk\3D Tisk kalkulátor Ender.xlsx"
"C:\Program Files (x86)\OpenOffice 4\program\\scalc.exe" -o "C:\Users\Beli\Desktop\3D tisk\3D Tisk kalkulátor Ender.xlsx" -calc
"C:\Program Files (x86)\OpenOffice 4\program\\scalc.exe" "-o" "C:\Users\Beli\Desktop\3D tisk\3D Tisk kalkulátor Ender.xlsx" "-calc" "-env:OOO_CWD=2C:\\Users\\Beli\\Desktop\\3D tisk"
C:\windows\splwow64.exe 8192
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Beli\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Beli\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Beli\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=80.0.3987.132 --initial-client-data=0x3c,0x40,0x44,0x38,0x48,0x7fed070ed18,0x7fed070ed28,0x7fed070ed38
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2968 --on-initialized-event-handle=240 --parent-handle=244 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1040,9160403259217665402,13702467627550005865,131072 --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --mojo-platform-channel-handle=1104 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1040,9160403259217665402,13702467627550005865,131072 --lang=cs --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1244 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1040,9160403259217665402,13702467627550005865,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2252 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1040,9160403259217665402,13702467627550005865,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4648 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1040,9160403259217665402,13702467627550005865,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=362 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4252 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1040,9160403259217665402,13702467627550005865,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=427 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4332 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1040,9160403259217665402,13702467627550005865,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=506 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6072 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1040,9160403259217665402,13702467627550005865,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=507 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6008 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1040,9160403259217665402,13702467627550005865,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=519 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1040,9160403259217665402,13702467627550005865,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=627 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6288 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1040,9160403259217665402,13702467627550005865,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=630 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6520 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --field-trial-handle=1040,9160403259217665402,13702467627550005865,131072 --ppapi-flash-args --lang=cs --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --mojo-platform-channel-handle=4976 --ignored=" --type=renderer " /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1040,9160403259217665402,13702467627550005865,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=640 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=576 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --field-trial-handle=1040,9160403259217665402,13702467627550005865,131072 --ppapi-flash-args --lang=cs --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --mojo-platform-channel-handle=1788 --ignored=" --type=renderer " /prefetch:3

taskeng.exe {84F56C89-1A46-439C-B0D1-62C85A26C119}
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1040,9160403259217665402,13702467627550005865,131072 --lang=cs --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=6148 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1040,9160403259217665402,13702467627550005865,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=653 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c29fc234-304a-4169-b6a7-3496ccca4f88 -SystemEventPortName:HostProcess-9dbb5557-aaf1-4e4e-9088-0da0d59176af -IoCancelEventPortName:HostProcess-d23362c0-d893-48e6-aef2-aba27c4a5a97 -NonStateChangingEventPortName:HostProcess-f13196ed-ed4f-4f23-8a40-9a91205947b5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c18eec87-0b83-4884-bd0c-d093bb262fe4 -DeviceGroupId:
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1040,9160403259217665402,13702467627550005865,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=655 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2176 /prefetch:1
"C:\Users\Beli\Desktop\Odvirování\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\simplitec Power Suite (Tray).job - C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
C:\windows\tasks\simplitec Power Suite.job - C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe -task

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-08-03 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2011-02-10 1546720]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-12-14 38304]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2011-03-02 566696]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2010-09-25 296824]
"TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-12-15 973176]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-02-03 2679592]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2011-03-02 1520552]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-12-08 710040]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2011-07-01 712096]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"Toshiba Registration"=C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [2011-08-03 150992]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2019-10-08 2872400]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [2011-05-16 846936]
"AdobeBridge"= []
"KiesPDLR.exe"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2016-11-16 1023664]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-03-11 8686296]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2019-02-15 735336]
"Service for Navitel Navigator Update Center"=C:\Program Files (x86)\CNT\Navitel Navigator update center\NavitelUpdaterService.exe [2019-04-12 1284608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-03-11 8686296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC]
C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2011-03-03 597928]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TSleepSrv"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [2010-06-04 252792]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2016-06-08 2380480]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2013-07-25 1985824]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2016-11-16 318128]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
SOLIDWORKS 2016 Rychlé spuštění.lnk - C:\windows\Installer\{768F3B65-1695-47B7-9002-B11400CB111D}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe
SOLIDWORKS Nástroj pro stahování na pozadí.lnk - C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
SPDriverInstall.lnk - C:\Program Files\MediaTek\SP Driver\SPDriverInstall
Toshiba Places Icon Utility.lnk - C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======


======List of files/folders modified in the last 1 month======

2020-03-11 17:31:24 ----D---- C:\windows\Prefetch
2020-03-11 17:31:23 ----D---- C:\windows\Temp
2020-03-11 17:31:20 ----D---- C:\Program Files\trend micro
2020-03-11 10:47:46 ----D---- C:\windows\SysWOW64
2020-03-11 10:47:45 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2020-03-11 10:47:29 ----D---- C:\windows\system32\Macromed
2020-03-11 10:47:06 ----D---- C:\windows\SYSWOW64\Macromed
2020-03-08 20:58:52 ----D---- C:\Users\Beli\AppData\Roaming\vlc
2020-03-08 09:19:13 ----D---- C:\Windows
2020-03-08 09:18:46 ----D---- C:\windows\inf
2020-03-07 22:00:30 ----SHD---- C:\System Volume Information
2020-03-07 19:48:18 ----D---- C:\windows\Minidump
2020-03-05 21:45:35 ----D---- C:\Users\Beli\AppData\Roaming\PrusaSlicer
2020-03-05 19:33:32 ----D---- C:\windows\System32
2020-03-05 19:33:32 ----A---- C:\windows\system32\PerfStringBackup.INI
2020-03-05 09:39:15 ----D---- C:\windows\system32\config
2020-03-03 21:18:41 ----A---- C:\windows\SYSWOW64\log.txt
2020-03-03 21:15:17 ----D---- C:\ProgramData\NVIDIA
2020-03-03 21:15:15 ----D---- C:\Temp
2020-02-15 11:49:04 ----D---- C:\Users\Beli\AppData\Roaming\Slic3rPE-beta

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-05-20 557848]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2019-12-09 267304]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2019-12-09 200360]
R1 RegHiveRecovery;Registry Hive Recovery Driver; \??\C:\windows\system32\drivers\RegHiveRecovery.sys [2018-09-14 38936]
R1 Tosrfcom;Bluetooth RFCOMM; C:\windows\System32\Drivers\tosrfcom.sys [2010-11-29 82224]
R1 VBoxDrv;VirtualBox Service; C:\windows\system32\DRIVERS\VBoxDrv.sys [2017-03-15 959720]
R1 VBoxNetAdp;VirtualBox NDIS 6.0 Miniport Service; C:\windows\system32\DRIVERS\VBoxNetAdp6.sys [2017-03-15 131144]
R1 VBoxNetLwf;VirtualBox NDIS6 Bridged Networking Service; C:\windows\system32\DRIVERS\VBoxNetLwf.sys [2017-03-15 205440]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\windows\system32\DRIVERS\VBoxUSBMon.sys [2017-03-15 149304]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2019-12-09 184184]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2010-12-17 2675712]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver; C:\windows\system32\DRIVERS\btfilter.sys [2010-10-18 42096]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\windows\system32\DRIVERS\dtlitescsibus.sys [2019-02-15 42256]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\windows\system32\DRIVERS\dtliteusbbus.sys [2019-02-15 59360]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-11-08 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2011-05-10 174184]
R3 QIOMem;Generic IO & Memory Access; C:\windows\system32\drivers\QIOMem.sys [2009-06-15 12800]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-02-03 1413680]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
R3 tosporte;Bluetooth COM Port; C:\windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\windows\system32\DRIVERS\tosrfbd.sys [2011-01-20 291120]
R3 tosrfec;Bluetooth ACPI; C:\windows\system32\DRIVERS\tosrfec.sys [2010-06-18 18872]
R3 Tosrfhid;Bluetooth RFHID; C:\windows\system32\DRIVERS\Tosrfhid.sys [2010-08-30 94528]
R3 Tosrfusb;Bluetooth USB Controller; C:\windows\system32\DRIVERS\tosrfusb.sys [2011-01-27 67384]
S3 BTCFilterService;USB Networking Driver Filter Service; C:\windows\system32\DRIVERS\motfilt.sys [2013-07-23 6144]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2016-07-22 130688]
S3 FTDIBUS;USB Serial Converter Driver; C:\windows\system32\drivers\ftdibus.sys [2017-09-20 129448]
S3 FTSER2K;USB Serial Port Driver; C:\windows\system32\drivers\ftser2k.sys [2016-03-16 95168]
S3 CH341SER_A64;CH341SER_A64; C:\windows\System32\Drivers\CH341S64.SYS [2018-12-08 59904]
S3 motandroidusb;Mot ADB Interface Driver; C:\windows\System32\Drivers\motoandroid.sys [2013-07-23 32768]
S3 motccgp;Motorola USB Composite Device Driver; C:\windows\system32\DRIVERS\motccgp.sys [2013-07-23 23552]
S3 MotoSwitchService;MotoSwitch Service; C:\windows\system32\DRIVERS\motswch.sys [2013-07-23 8832]
S3 Motousbnet;Motorola USB Networking Driver Service; C:\windows\system32\DRIVERS\Motousbnet.sys [2013-07-23 27648]
S3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys [2011-02-08 38096]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-12-01 250984]
S3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RTSUVSTOR.sys [2011-07-08 307304]
S3 Ser2pl;Prolific Serial port WDF driver; C:\windows\system32\DRIVERS\ser2pl64.sys [2013-10-17 167936]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2016-07-22 164992]
S3 tosrfbnp;Bluetooth RFBNEP; C:\windows\System32\Drivers\tosrfbnp.sys [2010-11-11 50864]
S3 tosrfnds;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\windows\system32\drivers\tosrfsnd.sys [2010-04-26 63488]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbser;USB RS-232 Emulation Driver; C:\windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 VBoxUSB;VirtualBox USB; C:\windows\System32\Drivers\VBoxUSB.sys [2017-03-15 137920]
S3 wdm_usb;wdm_usb; C:\windows\system32\DRIVERS\usb2ser.sys [2016-07-16 151184]
S4 RsFx0310;RsFx0310 Driver; C:\windows\system32\DRIVERS\RsFx0310.sys [2015-04-20 249024]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2019-10-08 3147344]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2019-10-08 2914896]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2011-03-01 27648]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2019-12-09 2794224]
R2 ewserver;SOLIDWORKS Electrical Collaborative Server; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [2016-04-05 179248]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-20 325656]
R2 Motorola Device Manager;Motorola Device Manager Service; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2014-04-08 137528]
R2 MSSQL$TEW_SQLEXPRESS;SQL Server (TEW_SQLEXPRESS); C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2015-04-20 372416]
R2 NAUpdate;@c:\Program Files (x86)\Nero\Update\NASvc.exe,-200; c:\Program Files (x86)\Nero\Update\NASvc.exe [2011-03-29 598312]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvvsvc.exe [2011-05-11 993896]
R2 PST Service;PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2011-09-02 65657]
R2 RemoteSolverDispatcher;Remote Solver for Flow Simulation 2016; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe [2016-04-05 239536]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2014-02-21 270016]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2015-04-20 134336]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-07-22 754784]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-11 378472]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\windows\system32\TODDSrv.exe [2010-10-20 138656]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2010-12-09 489384]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-03-02 266680]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2019-02-15 4132456]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2010-04-12 196976]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-08 137632]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-07-01 828856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-24 154440]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-03-11 335416]
S3 CoordinatorServiceHost;DTSInterops; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [2016-04-06 80792]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2019-02-15 1484080]
S3 FlexNet Licensing Service;FlexNet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [2019-02-15 1074480]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.132\elevation_service.exe [2020-02-29 1113072]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-24 154440]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2016-03-31 114688]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2019-02-15 79360]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-11-29 54136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2016-03-30 1255736]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 SQLAgent$TEW_SQLEXPRESS;SQL Server Agent (TEW_SQLEXPRESS); C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2015-04-20 613056]

-----------------EOF-----------------
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Preventivní kontrola

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Beli33
Návštěvník
Návštěvník
Příspěvky: 43
Registrován: 23 lis 2015 13:56

Re: Preventivní kontrola

#3 Příspěvek od Beli33 »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-14-2020
# Duration: 00:01:47
# OS: Windows 7 Home Premium
# Cleaned: 76
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Common Files\Tencent
Deleted C:\Program Files (x86)\DriverToolkit
Deleted C:\Users\Beli\AppData\Local\DriverToolkit
Deleted C:\Users\Beli\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\DriverToolkit
Deleted HKCU\Software\VIS
Deleted HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{BD9EEC15-78F2-4471-B78E-4900CEF473AE}C:\program files (x86)\common files\tencent\qqdownload\125\tencentdl.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{3EB3E6AB-5A55-49C1-82D3-FCEC0F3206D5}C:\program files (x86)\common files\tencent\qqdownload\125\tencentdl.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{7F78DE12-D532-4D4F-B990-B436E02E51F6}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A846389B-DF72-48E0-B247-D503E0DD0372}
Deleted HKLM\Software\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Deleted HKLM\Software\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Deleted HKLM\Software\Classes\METNSD
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\DownloadProxy.EXE
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{B9E49847-9822-4139-BC55-7173ED1ADA11}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{C915F573-4C11-4968-9080-29E611FDBE9F}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{6B3732AA-F6D4-4F16-9E22-49EDC52C9514}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{B9E49847-9822-4139-BC55-7173ED1ADA11}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|AndroidServer.exe
Deleted HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}

***** [ Chromium (and derivatives) ] *****

Not Deleted ainbkicbloikcngphmjfpjdemblcojdd

***** [ Chromium URLs ] *****

Deleted Softonic EN
Deleted Softonic EN

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.SamsungSmartSwitch Folder C:\Users\Beli\AppData\Roaming\SAMSUNG\SMART SWITCH PC
Deleted Preinstalled.TOSHIBABatteryManager Folder C:\Program Files\TOSHIBA\POWER SAVER
Deleted Preinstalled.TOSHIBABatteryManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TPwrMain
Deleted Preinstalled.TOSHIBABulletinBoard Folder C:\Program Files\TOSHIBA\BULLETINBOARD
Deleted Preinstalled.TOSHIBABulletinBoard Registry HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\TosNC
Deleted Preinstalled.TOSHIBABulletinBoard Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{43DBC64B-3DD1-47E2-8788-D3C3B110C574}
Deleted Preinstalled.TOSHIBABulletinBoard Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{43DBC64B-3DD1-47E2-8788-D3C3B110C574}
Deleted Preinstalled.TOSHIBABulletinBoard Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{43DBC64B-3DD1-47E2-8788-D3C3B110C574}
Deleted Preinstalled.TOSHIBAConfigFree Folder C:\Program Files (x86)\TOSHIBA\CONFIGFREE
Deleted Preinstalled.TOSHIBAConfigFree Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\CONFIGFREE
Deleted Preinstalled.TOSHIBAConfigFree Folder C:\ProgramData\TOSHIBA\CONFIGFREE
Deleted Preinstalled.TOSHIBAConfigFree Folder C:\Users\Beli\AppData\Local\TOSHIBA\CONFIGFREE
Deleted Preinstalled.TOSHIBAConfigFree Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10A5FB3A-27AA-4B92-8CBA-411B33573252}
Deleted Preinstalled.TOSHIBAConfigFree Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ConfigFree Startup Programs
Deleted Preinstalled.TOSHIBAConfigFree Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{D5AEEAA2-184E-4A2A-BAA3-6225EA4B9516}
Deleted Preinstalled.TOSHIBAConfigFree Task C:\Windows\System32\Tasks\CONFIGFREE STARTUP PROGRAMS
Deleted Preinstalled.TOSHIBAOnlineProductInformation Folder C:\Program Files (x86)\TOSHIBA\TOSHIBA ONLINE PRODUCT INFORMATION
Deleted Preinstalled.TOSHIBAOnlineProductInformation Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Run|TOPI.EXE
Deleted Preinstalled.TOSHIBAOnlineProductInformation Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2290A680-4083-410A-ADCC-7092C67FC052}
Deleted Preinstalled.TOSHIBAOnlineProductInformation Registry HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run|TOPI.EXE
Deleted Preinstalled.TOSHIBAOnlineProductInformation Registry HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run|TOPI.EXE
Deleted Preinstalled.TOSHIBAOnlineProductInformation Registry HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run|TOPI.EXE
Deleted Preinstalled.TOSHIBAOnlineProductInformation Registry HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run|TOPI.EXE
Deleted Preinstalled.TOSHIBAPCHealthMonitor Folder C:\Program Files\TOSHIBA\TPHM
Deleted Preinstalled.TOSHIBAPCHealthMonitor Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TosWaitSrv
Deleted Preinstalled.TOSHIBAPCHealthMonitor Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}
Deleted Preinstalled.TOSHIBAReelTime Folder C:\Program Files\TOSHIBA\REELTIME
Deleted Preinstalled.TOSHIBAReelTime Folder C:\Users\Beli\AppData\Roaming\TOSHIBA\REELTIME
Deleted Preinstalled.TOSHIBAReelTime Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TosReelTimeMonitor
Deleted Preinstalled.TOSHIBAReelTime Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{24811C12-F4A9-4D0F-8494-A7B8FE46123C}
Deleted Preinstalled.TOSHIBAReelTime Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}
Deleted Preinstalled.TOSHIBAReelTime Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{24811C12-F4A9-4D0F-8494-A7B8FE46123C}
Deleted Preinstalled.TOSHIBARegistration Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Toshiba Registration
Deleted Preinstalled.TOSHIBASleepUtility Folder C:\Program Files (x86)\TOSHIBA\TOSHIBA SLEEP UTILITY
Deleted Preinstalled.TOSHIBASleepUtility Registry HKLM\Software\Classes\CLSID\{ACF2AFDF-0EC4-4D09-B3C3-C472C69B011E}
Deleted Preinstalled.TOSHIBASleepUtility Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{654F7484-88C5-46DC-AB32-C66BCB0E2102}
Deleted Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TCrdMain
Deleted Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|TSleepSrv
Deleted Preinstalled.TOSHIBATEMPRO Folder C:\Program Files (x86)\TOSHIBA TEMPRO
Deleted Preinstalled.TOSHIBATEMPRO Registry HKLM\Software\Classes\CLSID\{F1999956-6CC2-4912-990F-F3E26C88D250}
Deleted Preinstalled.TOSHIBATEMPRO Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Toshiba TEMPRO
Deleted Preinstalled.TOSHIBAUtilities Folder C:\Program Files\TOSHIBA\UTILITIES
Deleted Preinstalled.TOSHIBAUtilities Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\UTILITIES
Deleted Preinstalled.TOSHIBAUtilities Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}
Deleted Preinstalled.TOSHIBAUtilities Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}
Deleted Preinstalled.TOSHIBAUtilities Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}
Deleted Preinstalled.TOSHIBAWebCameraApplication Folder C:\Program Files (x86)\TOSHIBA\TOSHIBA WEB CAMERA APPLICATION
Deleted Preinstalled.TOSHIBAWebCameraApplication Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}
Deleted Preinstalled.TOSHIBAWebCameraApplication Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [10285 octets] - [14/03/2020 22:20:01]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Preventivní kontrola

#4 Příspěvek od Conder »

:arrow: Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Beli33
Návštěvník
Návštěvník
Příspěvky: 43
Registrován: 23 lis 2015 13:56

Re: Preventivní kontrola

#5 Příspěvek od Beli33 »

FRST.txt


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2020
Ran by Beli (administrator) on BELI-NTB (TOSHIBA SATELLITE L750) (15-03-2020 18:44:22)
Running from C:\Users\Beli\Desktop\Odvirování
Loaded Profiles: Beli (Available Profiles: Beli)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\CNT\Navitel Navigator update center\NavitelUpdaterService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> ) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mentor Graphics Corporation -> Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe
(Mentor Graphics Corporation -> Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Samsung Electronics CO., LTD. -> Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(simplitec GmbH -> simplitec GmbH) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosOBEX.exe
(TOSHIBA CORPORATION -> Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(Trace Software International -> ) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe
(Wondershare Software Co., Ltd. -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1520552 2011-03-02] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-06-08] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare Software Co., Ltd. -> Wondershare)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1023664 2016-11-16] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [735336 2019-02-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\Run: [Service for Navitel Navigator Update Center] => C:\Program Files (x86)\CNT\Navitel Navigator update center\NavitelUpdaterService.exe [1284608 2019-04-12] () [File not signed]
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {109ad7da-3fc0-11e6-9735-047d7b7393a4} - F:\HPLauncher.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {1a7e6255-bfff-11e8-8056-047d7b7393a4} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {1f81bc97-d83a-11e7-ac5d-bc166eb16a2b} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {2ae2a984-fe34-11e5-9af3-047d7b7393a4} - F:\AutoRun.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {3b2028a3-4752-11e6-9864-047d7b7393a4} - F:\AutoRun.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {59bbfae6-5cde-11e7-9183-aac090acc53d} - F:\MotoCastSetup.exe -a
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {966f76b5-6954-11e8-9be4-f6c39d17fc7d} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {9d4085bc-a839-11e6-a50c-047d7b7393a4} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {a6ceb66c-144c-11ea-bdba-fd1ba08b6963} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {b3626df2-bb79-11e6-8cea-047d7b7393a4} - F:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.132\Installer\chrmstp.exe [2020-03-06] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{AC95EC36-10E5-4e80-9A47-3A413963594C}] -> C:\windows\system32\tosWirelessLANIndicatorCP.dll [2011-02-17] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION)
HKLM\Software\...\Authentication\Credential Providers: [{B65F237C-AAFF-4df7-8872-91B65663E41F}] -> C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll [2011-01-17] (TOSHIBA Corporation) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2019-12-14]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION -> TOSHIBA CORPORATION.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2016 Rychlé spuštění.lnk [2019-02-15]
ShortcutTarget: SOLIDWORKS 2016 Rychlé spuštění.lnk -> C:\Windows\Installer\{768F3B65-1695-47B7-9002-B11400CB111D}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS Nástroj pro stahování na pozadí.lnk [2019-02-15]
ShortcutTarget: SOLIDWORKS Nástroj pro stahování na pozadí.lnk -> C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SPDriverInstall.lnk [2017-12-30]
ShortcutTarget: SPDriverInstall.lnk -> C:\Program Files\MediaTek\SP Driver\SPDriverInstall (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk [2011-08-03]
ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (TOSHIBA CORPORATION -> Toshiba)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-03]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION -> TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-08-03]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA CORPORATION -> TOSHIBA Europe)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02604A0B-9BE9-4C71-9234-31F24234CCEE} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {281A4892-5FE7-4341-959A-5003CB09D75C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {281A4892-5FE7-4341-959A-5003CB09D75C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\windows\system32\GWX\GWXDetector.exe [355328 [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {305D0450-C484-463E-AC5C-DA96659E6B5D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {305D0450-C484-463E-AC5C-DA96659E6B5D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\windows\system32\GWX\GWXDetector.exe [355328 [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {356F065A-8CF4-4EF4-8645-21BB94861004} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {356F065A-8CF4-4EF4-8645-21BB94861004} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {356F065A-8CF4-4EF4-8645-21BB94861004} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\windows\system32\GWX\GWXDetector.exe [355328 [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {4B47D8ED-EAF3-45EC-A0C1-DF60ACBBC518} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-24] (Google Inc -> Google Inc.)
Task: {612C63FF-2214-4FF1-B6A8-571AFACD256E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-24] (Google Inc -> Google Inc.)
Task: {68E400B9-87C2-4DCA-BB27-DC33FBCEE105} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-11] (Adobe Inc. -> Adobe)
Task: {71B0412B-36FF-4B12-A294-C1C81D6A7874} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {71B0412B-36FF-4B12-A294-C1C81D6A7874} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\windows\system32\GWX\GWXDetector.exe [355328 [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {7FE27F79-8ED1-4580-A5DF-54D9F097A44F} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {94CFC550-DAB4-45C1-8489-7CB39D554BCA} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {98B53000-3BFC-45D6-8A3D-5E04086060AF} - System32\Tasks\GoogleUpdateTaskMachineUA1d185fa4ac90e05 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-24] (Google Inc -> Google Inc.)
Task: {AB24DCCC-916F-4859-982C-27898EBC0049} - System32\Tasks\simplitec Power Suite (Tray) => C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe [911648 2015-10-23] (simplitec GmbH -> simplitec GmbH) <==== ATTENTION
Task: {B77B9907-380D-41F6-8797-38161D3639F6} - System32\Tasks\GoogleUpdateTaskMachineUA1d1aafbaf5d42f5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-24] (Google Inc -> Google Inc.)
Task: {C0D8878C-20B5-423A-B7C8-92F560205030} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-11] (Adobe Inc. -> Adobe)
Task: {C6730F30-37F9-4520-A1DB-F89A0C3CFB1B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [6667992 2016-03-11] (Piriform Ltd -> Piriform Ltd)
Task: {CD6B6163-958F-4C7A-B492-39705BD1A2DF} - System32\Tasks\AdobeAAMUpdater-1.0-Beli-NTB-Beli => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {DA5161D7-DE15-4EFB-8EDB-EC86A79FA71C} - System32\Tasks\GoogleUpdateTaskMachineCore1d1aafbaec23b62 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-24] (Google Inc -> Google Inc.)
Task: {DD4A28AD-06C4-408D-846D-1C94CC062226} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe [1105696 2015-10-23] (simplitec GmbH -> simplitec GmbH) <==== ATTENTION
Task: {E1067FFF-53F9-41B8-ACEA-6DCDBB7E66AC} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\simplitec Power Suite (Tray).job => C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe <==== ATTENTION
Task: C:\windows\Tasks\simplitec Power Suite.job => C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 10.0.1.1
Tcpip\..\Interfaces\{8210DC18-E820-43E1-9722-005398C6AAF3}: [DhcpNameServer] 192.168.1.1 10.0.1.1

Internet Explorer:
==================
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
SearchScopes: HKU\S-1-5-21-879514104-3121079894-3175494132-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-879514104-3121079894-3175494132-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-08-03] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
DPF: HKLM-x32 {14711E5F-189F-4D07-9D41-9EB57F547DD8} hxxp://prikopy.alesovka.net/Option/Media.CAB
DPF: HKLM-x32 {23EBBA97-9B3C-4FCA-872B-78DA21068373} hxxp://192.168.1.230/SStreamVideo.cab
Handler-x32: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll [2005-09-23] (Microsoft Corporation) [File not signed]

FireFox:
========
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> C:\PROGRA~1\SOLIDW~1\SOLIDW~4\Bin\NPCOMP~1.DLL [2016-04-05] (DASSAULT SYSTEMES SA -> Dassault Systemes)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> C:\PROGRA~1\SOLIDW~1\SOLIDW~4\Bin\x86\NPCOMP~1.DLL [2016-04-05] (DASSAULT SYSTEMES SA -> Dassault Systemes)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2011-05-11] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2011-05-11] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2016-07-16] (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )

Chrome:
=======
CHR Profile: C:\Users\Beli\AppData\Local\Google\Chrome\User Data\Default [2020-03-15]
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Chrome YouTube Downloader) - C:\Users\Beli\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja [2017-06-10] [UpdateUrl:hxxps://dl.dropbox.com/u/9278456/Chrome_YouTube_Downloader/update.xml] <==== ATTENTION
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Beli\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-03-05]
CHR Extension: (Search by Image (by Google)) - C:\Users\Beli\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2018-07-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Beli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06]
CHR Extension: (Chrome Media Router) - C:\Users\Beli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-14]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4132456 2019-02-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2794224 2019-12-09] (ESET, spol. s r.o. -> ESET)
R2 ewserver; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [179248 2016-04-05] (Trace Software International -> )
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC)
R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RemoteSolverDispatcher; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe [239536 2016-04-05] (Mentor Graphics Corporation -> Mentor Graphics Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2019-02-15] (SolidWorks) [File not signed]
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
S2 cfWiMAXService; "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe" [X]
S2 ConfigFree Service; "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe" [X]
S3 TemproMonitoringService; "C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe" [X]
S2 TosCoSrv; "C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe" [X]
S3 TPCHSrv; "C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\windows\System32\DRIVERS\athrx.sys [2675712 2010-12-17] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 BTCFilterService; C:\windows\System32\DRIVERS\motfilt.sys [6144 2013-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Inc)
S3 CH341SER_A64; C:\windows\System32\Drivers\CH341S64.SYS [59904 2018-12-08] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
S3 dg_ssudbus; C:\windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\windows\System32\DRIVERS\dtlitescsibus.sys [42256 2019-02-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\windows\System32\DRIVERS\dtliteusbbus.sys [59360 2019-02-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [267304 2019-12-09] (ESET, spol. s r.o. -> ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-10-10] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\windows\System32\DRIVERS\ehdrv.sys [200360 2019-12-09] (ESET, spol. s r.o. -> ESET)
R2 epfwwfpr; C:\windows\System32\DRIVERS\epfwwfpr.sys [184184 2019-12-09] (ESET, spol. s r.o. -> ESET)
S3 FTDIBUS; C:\windows\System32\drivers\ftdibus.sys [129448 2017-09-20] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
S3 FTSER2K; C:\windows\System32\drivers\ftser2k.sys [95168 2016-03-16] (Future Technology Devices International Ltd -> FTDI Ltd.)
S3 motandroidusb; C:\windows\System32\Drivers\motoandroid.sys [32768 2013-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Motorola)
S3 motccgp; C:\windows\System32\DRIVERS\motccgp.sys [23552 2013-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Mobility Inc)
S3 MotoSwitchService; C:\windows\System32\DRIVERS\motswch.sys [8832 2013-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Motorola)
S3 Motousbnet; C:\windows\System32\DRIVERS\Motousbnet.sys [27648 2013-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Mobility Inc)
R3 nusb3hub; C:\windows\System32\DRIVERS\nusb3hub.sys [80384 2010-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\windows\System32\DRIVERS\nusb3xhc.sys [181248 2010-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 QIOMem; C:\windows\system32\drivers\QIOMem.sys [12800 2009-06-15] (Microsoft Windows Hardware Compatibility Publisher -> TOSHIBA)
R1 RegHiveRecovery; C:\windows\system32\drivers\RegHiveRecovery.sys [38936 2018-09-14] (Microsoft Corporation -> Microsoft Corporation)
S4 RsFx0310; C:\windows\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
S3 Ser2pl; C:\windows\System32\DRIVERS\ser2pl64.sys [167936 2013-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 ssudmdm; C:\windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 TosRfSnd; C:\windows\System32\drivers\tosrfsnd.sys [63488 2010-04-26] (Microsoft Windows Hardware Compatibility Publisher -> TOSHIBA Corporation)
R1 VBoxNetAdp; C:\windows\System32\DRIVERS\VBoxNetAdp6.sys [131144 2017-03-15] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\windows\System32\DRIVERS\VBoxNetLwf.sys [205440 2017-03-15] (Oracle Corporation -> Oracle Corporation)
S3 VBoxUSB; C:\windows\System32\Drivers\VBoxUSB.sys [137920 2017-03-15] (Oracle Corporation -> Oracle Corporation)
S3 wdm_usb; C:\windows\System32\DRIVERS\usb2ser.sys [151184 2016-07-16] (NGO -> MBB)
S3 WIMMount; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys [36864 2018-09-14] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-15 18:44 - 2020-03-15 18:46 - 000000000 ____D C:\FRST
2020-03-14 22:17 - 2020-03-14 22:22 - 000000000 ____D C:\AdwCleaner
2020-03-14 22:15 - 2020-03-14 22:16 - 008199856 _____ (Malwarebytes) C:\Users\Beli\Desktop\adwcleaner_8.0.3.exe
2020-03-13 09:22 - 2020-03-13 09:22 - 000132821 _____ C:\Users\Beli\Downloads\cz_L715_ProductsTandCs.pdf
2020-03-13 09:21 - 2020-03-13 09:21 - 001069090 _____ C:\Users\Beli\Downloads\Equabank___Ramcova_smlouva_03_05_2019_10_59_54.pdf
2020-03-13 09:21 - 2020-03-13 09:21 - 000085498 _____ C:\Users\Beli\Downloads\Predsmluvni_informace_03_05_2019_10_59_54.pdf
2020-03-13 09:20 - 2020-03-13 09:20 - 002155652 _____ C:\Users\Beli\Downloads\Navrh_smlouvy_o_Konsolidaci_03_05_2019_10_59_54.pdf
2020-03-10 20:00 - 2020-03-10 20:00 - 000423919 _____ C:\Users\Beli\Desktop\CHIBI-CECHU_ZAPISKY-K-ONLINE-KURZU.pdf
2020-03-10 10:48 - 2020-03-10 10:48 - 000178582 _____ C:\Users\Beli\Downloads\faktura_19FVH29937.pdf
2020-03-10 10:48 - 2020-03-10 10:48 - 000178582 _____ C:\Users\Beli\Downloads\faktura_19FVH29937 (1).pdf
2020-03-10 10:47 - 2020-03-10 10:47 - 000177974 _____ C:\Users\Beli\Downloads\faktura_19FVH30904.pdf
2020-03-08 20:57 - 2020-03-08 20:58 - 000000000 ____D C:\Users\Beli\Desktop\Kluci bazen
2020-03-05 21:52 - 2020-03-14 22:16 - 000118736 _____ C:\Users\Beli\Desktop\milan auto.ods
2020-03-05 21:48 - 2020-03-05 21:47 - 001139204 _____ C:\Users\Beli\Desktop\milan auto_0.2mm_PLA_PT slicer config.gcode
2020-03-02 19:34 - 2020-03-02 19:34 - 017556594 _____ C:\Users\Beli\Downloads\42846721.zip
2020-03-02 11:36 - 2020-03-02 11:37 - 010059464 _____ C:\Users\Beli\Downloads\Adjustable_joint_with_ball_and_nut..zip
2020-02-25 20:28 - 2020-03-02 20:02 - 000000000 ____D C:\Users\Beli\Desktop\Drřák
2020-02-25 20:24 - 2020-02-25 20:24 - 053052898 _____ C:\Users\Beli\Downloads\Tablet_holder_with_4_tension_claws.zip
2020-02-25 20:11 - 2020-02-25 20:12 - 000594420 _____ C:\Users\Beli\Downloads\VESA_Monitor_Arm_.zip
2020-02-25 19:44 - 2020-02-25 19:44 - 000000000 ____D C:\Users\Beli\Desktop\Rameno
2020-02-25 19:15 - 2020-02-25 19:15 - 004774126 _____ C:\Users\Beli\Downloads\43070582.zip
2020-02-25 18:01 - 2020-02-25 18:02 - 000000000 ____D C:\Users\Beli\AppData\Local\{30920E3F-1179-4F98-BE88-0453DB7018BB}
2020-02-25 17:24 - 2020-02-25 17:24 - 002787364 _____ C:\Users\Beli\Downloads\Ender+3+Pro+Double+Drawer.zip
2020-02-25 17:20 - 2020-02-25 17:20 - 001389003 _____ C:\Users\Beli\Downloads\Ender_3_tool_holder_with_card_reader_and_scraper.zip
2020-02-25 17:17 - 2020-02-25 17:17 - 001545811 _____ C:\Users\Beli\Downloads\Ender_3_Cable_Chain_.zip
2020-02-25 17:16 - 2020-02-25 17:17 - 000629727 _____ C:\Users\Beli\Downloads\Drawer_for_Ender3_Ender_3.zip
2020-02-21 20:08 - 2020-03-11 10:55 - 000000000 ____D C:\Users\Public\Tisk
2020-02-21 19:57 - 2020-02-21 19:58 - 000000000 ____D C:\Users\Beli\Desktop\ZJ
2020-02-20 22:29 - 2020-02-20 22:29 - 000380897 _____ C:\Users\Beli\Downloads\GPSmap+60Cx+Molle+Clip.zip
2020-02-20 22:25 - 2020-02-20 22:25 - 000101878 _____ C:\Users\Beli\Downloads\MOLLE_Vest_GoPro_Mount_V2.zip
2020-02-20 22:06 - 2020-02-20 22:06 - 000242917 _____ C:\Users\Beli\Downloads\Ender_3_Level_Test.zip
2020-02-16 11:52 - 2020-02-16 11:52 - 000000000 ____D C:\Users\Beli\Desktop\JVC Lt 32V450 firmware
2020-02-16 11:48 - 2020-02-16 11:48 - 078070707 _____ C:\Users\Beli\Downloads\JVC_MB9798_CORE_SW_V0.45.23.65 (1).ZIP
2020-02-15 11:53 - 2020-02-15 11:53 - 000301886 _____ C:\Users\Beli\Downloads\Battery+dispenser+dual+_+AAA+&+AA.zip
2020-02-15 11:45 - 2020-02-15 11:46 - 000780053 _____ C:\Users\Beli\Downloads\Magpul_AR15_Magazine_Speedloader_for_GECO_.223_REM_clips.zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-15 18:44 - 2019-04-17 08:23 - 000000000 ____D C:\Users\Beli\Desktop\Odvirování
2020-03-15 08:53 - 2016-03-26 10:27 - 000000000 ____D C:\Users\Beli\AppData\Local\Adobe
2020-03-14 22:35 - 2009-07-14 05:45 - 000025120 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-14 22:35 - 2009-07-14 05:45 - 000025120 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-14 22:26 - 2017-06-30 15:34 - 000000000 ____D C:\Temp
2020-03-14 22:26 - 2016-03-24 17:26 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-14 22:25 - 2016-03-25 18:28 - 000000424 _____ C:\windows\Tasks\simplitec Power Suite (Tray).job
2020-03-14 22:25 - 2009-07-14 06:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-03-14 22:23 - 2016-03-24 19:08 - 000000000 ____D C:\Users\Beli\AppData\Roaming\Toshiba
2020-03-14 22:23 - 2016-03-24 17:43 - 000000000 ____D C:\ProgramData\TOSHIBA
2020-03-14 22:23 - 2011-08-03 12:41 - 000000000 ____D C:\Program Files\TOSHIBA
2020-03-14 22:23 - 2011-08-03 12:38 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2020-03-14 22:23 - 2011-08-03 12:37 - 000000000 ____D C:\Program Files (x86)\TOSHIBA
2020-03-14 22:22 - 2016-03-24 19:08 - 000000000 ____D C:\Users\Beli\AppData\Local\TOSHIBA
2020-03-14 22:15 - 2019-12-29 19:45 - 000000000 ____D C:\Users\Beli\AppData\Roaming\PrusaSlicer
2020-03-11 17:31 - 2017-12-02 10:13 - 000000000 ____D C:\Program Files\trend micro
2020-03-11 10:47 - 2017-12-29 18:09 - 000842296 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2020-03-11 10:47 - 2017-12-29 18:09 - 000175160 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-03-11 10:47 - 2017-12-29 18:09 - 000004538 _____ C:\windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-03-11 10:47 - 2017-12-29 18:09 - 000004408 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-03-11 10:47 - 2017-12-29 18:09 - 000000000 ____D C:\windows\system32\Macromed
2020-03-11 10:47 - 2016-03-24 17:54 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-03-08 20:58 - 2019-06-21 21:53 - 000000000 ____D C:\Users\Beli\AppData\Roaming\vlc
2020-03-08 09:18 - 2009-07-14 04:20 - 000000000 ____D C:\windows\inf
2020-03-07 19:48 - 2016-08-25 10:30 - 000000000 ____D C:\windows\Minidump
2020-03-06 08:19 - 2011-08-03 13:01 - 000002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-05 21:52 - 2019-09-13 10:50 - 000000000 ____D C:\Users\Beli\Desktop\3D tisk
2020-03-05 21:46 - 2019-02-22 10:25 - 000000000 ____D C:\Users\Beli\Documents\Solidworks projekty
2020-03-05 19:33 - 2011-02-14 09:37 - 000767718 _____ C:\windows\system32\perfh005.dat
2020-03-05 19:33 - 2011-02-14 09:37 - 000181634 _____ C:\windows\system32\perfc005.dat
2020-03-05 19:33 - 2009-07-14 06:13 - 001867200 _____ C:\windows\system32\PerfStringBackup.INI
2020-02-24 11:55 - 2020-01-13 07:39 - 000024584 _____ C:\Users\Beli\Desktop\Battery_Holder_AAAandAA.stl
2020-02-21 19:57 - 2019-05-07 11:13 - 000000000 ____D C:\Users\Beli\Desktop\Ovladani FSX
2020-02-15 11:49 - 2019-05-06 14:54 - 000000000 ____D C:\Users\Beli\AppData\Roaming\Slic3rPE-beta

==================== Files in the root of some directories ========

2018-02-24 21:01 - 2018-02-24 21:01 - 000000001 _____ () C:\Users\Beli\AppData\Local\llftool.4.40.agreement
2018-10-03 08:22 - 2018-10-03 08:22 - 000000000 _____ () C:\Users\Beli\AppData\Local\oobelibMkey.log
2016-03-25 21:47 - 2017-07-03 08:48 - 000007598 _____ () C:\Users\Beli\AppData\Local\Resmon.ResmonCfg
2017-12-04 18:40 - 2017-12-04 18:41 - 000000000 _____ () C:\Users\Beli\AppData\Local\{31D8CA80-453F-4B35-8E8F-EB22433E2E19}
2017-12-04 18:40 - 2017-12-04 18:41 - 000000000 _____ () C:\Users\Beli\AppData\Local\{99D490F6-97AA-4BE6-8C78-D3E3054C97E9}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-03-08 17:55
==================== End of FRST.txt ========================






ADDITION.txt




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
Ran by Beli (15-03-2020 18:50:12)
Running from C:\Users\Beli\Desktop\Odvirování
Windows 7 Home Premium Service Pack 1 (X64) (2016-03-24 18:05:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-879514104-3121079894-3175494132-500 - Administrator - Disabled)
Beli (S-1-5-21-879514104-3121079894-3175494132-1000 - Administrator - Enabled) => C:\Users\Beli
Guest (S-1-5-21-879514104-3121079894-3175494132-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-879514104-3121079894-3175494132-1007 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.8.0.310 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.344 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.344 - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Advanced IP Scanner 2.5 (HKLM-x32\...\{6ABB4DB7-5E8F-4F7A-AAF2-C7B4337B7161}) (Version: 2.5.3233 - Famatech)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.8.8 - Arduino LLC)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 1.00.007 - Atheros Communications)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Balíček ovladače systému Windows - Prusa Research s.r.o. Original Prusa CW1 (02/13/2013 1.0.0.0) (HKLM\...\B10CCB939D59F72AA817B257D84328FC4A1DC752) (Version: 02/13/2013 1.0.0.0 - Prusa Research s.r.o.)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v8.00.04(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.10.0.0770 - Disc Soft Ltd)
Digilent Software (HKLM-x32\...\Digilent Software) (Version: 1.5.8 - Digilent, Inc.)
Emergency Download Driver (HKLM-x32\...\{3F0F5AB4-C9CE-4226-8393-E9CFF8369D9D}) (Version: 1.1.16.1526 - Microsoft)
ESET NOD32 Antivirus (HKLM\...\{A14277DC-AB21-499B-832B-A3AF51D5DBF6}) (Version: 9.0.376.1 - ESET, spol. s r.o.)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.57 - Google Inc.) Hidden
Hard Disk Low Level Format Tool 4.40 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU)
HDD Regenerator (HKLM-x32\...\{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}) (Version: 1.71.0012 - Abstradrome)
HHD Software Free Serial Port Monitor 3.31 (HKLM-x32\...\{3472693C-6EC5-41FA-B5B9-A22B11AEFE72}) (Version: 3.31.0.0000 - HHD Software)
High-Definition Video Playback (HKLM-x32\...\{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21}) (Version: 7.3.10900.8.0 - Nero AG) Hidden
HyperTerminal Private Edition v7.0 (HKLM-x32\...\HTPE3) (Version: - )
ICY Hexplorer (remove only) (HKLM-x32\...\Hexplorer) (Version: - )
Imaging And Configuration Designer (HKLM-x32\...\{4E1BAC0C-0BF2-4A6B-E837-A368AC6BF20D}) (Version: 10.1.17763.1 - Microsoft) Hidden
Imaging Designer (HKLM-x32\...\{949093A4-14B4-E19A-CCE8-1FE1D3527EFD}) (Version: 10.1.17763.1 - Microsoft) Hidden
Imaging Tools Support (HKLM-x32\...\{A8D1FB0D-D923-75CE-F7CF-5C6C498C2038}) (Version: 10.1.17763.1 - Microsoft) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Java(TM) 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KiCad 5.1.2_2 (HKLM-x32\...\KiCad) (Version: 5.1.2_2 - KiCad)
Kits Configuration Installer (HKLM-x32\...\{B0D8CD97-2DD5-E313-D77D-C737FEC323F3}) (Version: 10.1.17763.1 - Microsoft) Hidden
KMPFaster (HKLM-x32\...\simplitec POWER SUITE_is1) (Version: 2.3.2.902 - simplitec GmbH) <==== ATTENTION
Kodi (HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\Kodi) (Version: - XBMC Foundation)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.06.20130913 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Logic (HKLM\...\{1FC4DF07-5E68-45C4-931A-034E629E1365}) (Version: 1.2.17 - Saleae Inc)
Lumia UEFI Blue Driver (HKLM-x32\...\{9D2A75FE-8CE1-4297-AEC1-A097D47BACE9}) (Version: 1.1.10.1526 - Microsoft)
MediaTek SP Driver version 5.16.32.04 (HKLM\...\MediaTek SP Driver_is1) (Version: 5.16.32.04 - MediaTek.Inc.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{BF5ABBDB-D3AA-4BCB-8D10-FCD4A4BB7F93}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{6292D514-17A4-403F-98F9-E150F10C043D}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version: - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{C7E2483C-10A4-41E3-A2F6-240186FE3E41}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{FF7DDA05-6EA7-4C01-B44A-3E57F8B9B97B}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{56F27690-F6EA-3356-980A-02BA379506EE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1b103cea-f037-4504-81de-956057b442c3}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version: - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2014 (HKLM\...\{366CD715-2FF4-40B4-A8B4-A05E5D21A945}) (Version: 12.1.4100.1 - Microsoft Corporation)
MIT App Inventor Tools 2.3.0 (HKLM-x32\...\MIT App Inventor Tools) (Version: 2.3.0 - Massachusetts Institute of Technology)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MTK Usb All 1.0.8 (HKLM-x32\...\MTK Usb All 1.0.8) (Version: 1.0.8 - MTK 2000)
Multi VirAnalyzer (HKLM\...\{B47E4300-6DDB-4D3B-A7E4-A44C3DCAEF7C}) (Version: 3.10.6.1 - InstruStar Electronic)
Navitel Navigator update center (HKLM-x32\...\Navitel Navigator update center) (Version: 2.2.0.290 - Center of Navigation Technologies)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.10900.8.100 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.4.10400.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.4.10300.1.100 - Nero AG)
Nero Kwik Media (HKLM-x32\...\{1F7D9F37-C39C-486C-BDF8-8F440FFB3352}) (Version: 1.6.15100.59.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{2063D199-D79F-471A-9019-9E647296394D}) (Version: 10.6.10300 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10500.3.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10900.31.0 - Nero AG)
NVIDIA 3D Vision Driver 268.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.57 - NVIDIA Corporation)
NVIDIA Graphics Driver 268.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.57 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.2.23.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.23.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{220C463A-2890-4C7F-B97C-C49FE175B849}) (Version: 4.01.9714 - Apache Software Foundation)
Oracle VM VirtualBox 5.1.18 (HKLM\...\{833806DB-0F3D-466E-8353-07283FFBC957}) (Version: 5.1.18 - Oracle Corporation)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
PL2303 Code 10 Fix version 1.82 (HKLM\...\PL2303 Code 10 Fix_is1) (Version: 1.82 - Microsoft)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.9.0 - Prolific Technology INC)
PL2303G USB-to-Serial (HKLM-x32\...\{ED7E0E1C-A8EB-4BCA-8A21-CE6BC8DB3BC9}) (Version: 1.3.0 - Prolific Technology INC)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Prusa3D verze 2.2.6 (HKLM\...\Prusa3D_is1) (Version: 2.2.6 - Prusa Research s.r.o.)
PrusaSlicer verze 2.00.0 (HKLM\...\PrusaSlicer_is1) (Version: 2.00.0 - Prusa Research s.r.o.)
PulseView (HKLM-x32\...\PulseView) (Version: 0.4.1 - sigrok)
QPST 2.7 (HKLM-x32\...\{B3305241-A2F4-4625-A3ED-45CF5E905A7A}) (Version: 2.7.460 - Qualcomm Technologies, Inc.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 1.0.0.15 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
RSDLite (HKLM-x32\...\{494CAE58-BBC3-4782-B59F-02F163E4A32B}) (Version: 6.2.4 - Motorola)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Service Pack 1 for SQL Server 2014 (KB3058865) (64-bit) (HKLM\...\KB3058865) (Version: 12.1.4100.1 - Microsoft Corporation)
sigrok-cli 0.7.1 (HKLM-x32\...\sigrok-cli) (Version: 0.7.1 - sigrok)
SOLIDWORKS 2016 x64 Czech Resources (HKLM\...\{BD37B53B-592C-41B4-BECA-D156E3D0B058}) (Version: 24.130.57 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2016 x64 Edition SP03 (HKLM\...\{768F3B65-1695-47B7-9002-B11400CB111D}) (Version: 24.130.57 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2016 x64 Edition SP03 (HKLM-x32\...\SolidWorks Installation Manager 20160-40300-1100-100) (Version: 24.3.0.57 - SolidWorks Corporation)
SOLIDWORKS Composer 2016 SP03 x64 Edition (HKLM\...\{36CE77E6-4DB3-48C0-91E8-0F4AA3721597}) (Version: 24.30.57 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2016 x64 Edition SP03 (HKLM\...\{2756FC75-4B21-4BE5-A138-0066C8C99C5F}) (Version: 16.3.0030 - Společnost Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Electrical 2016 SP03 x64 Edition (HKLM\...\{064914EF-A0D8-447D-8E5C-E888CA8FD467}) (Version: 24.30.57 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Explorer 2016 SP03 x64 Edition (HKLM\...\{41E08694-1890-4B39-9D1C-B9D27A1D67B3}) (Version: 24.30.57 - Společnost Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Flow Simulation 2016 SP03 x64 Edition (HKLM\...\{0B7C2320-1D2F-42F1-9941-C88C6B7AB0D5}) (Version: 24.30.58 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Inspection 2016 SP03 x64 Edition (HKLM\...\{EAE4694D-8E6E-4BEB-BD29-E9572717BA6E}) (Version: 24.30.57 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Plastics 2016 SP03 x64 Edition (HKLM\...\{DF6A3557-CE70-4357-81CF-E33CCB5E750D}) (Version: 24.30.57 - Dassault Systemes SolidWorks Corp) Hidden
SQL Server 2014 Common Files (HKLM\...\{BD1CD96B-FE4B-4EAE-83D4-6EF55AB5779C}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{5082A9F3-AEE5-4639-9BA7-C19661BA7331}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{D1B847A9-B06B-4264-9EF0-78E6E1571E65}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2014 (HKLM-x32\...\{3204DE95-97D2-4261-A286-98A262E171D4}) (Version: 12.1.4100.1 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.1.4100.1 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
Toolkit Documentation (HKLM-x32\...\{2610C547-A3EC-2F50-41CB-6A509C16AAE5}) (Version: 10.1.17763.1 - Microsoft) Hidden
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.02.02 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.6 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.25.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.8.64 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.7 - TOSHIBA Corporation)
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.02 - TOSHIBA)
TOSHIBA Places Icon Utility (HKLM-x32\...\{461F6F0D-7173-4902-9604-AB1A29108AF2}) (Version: 1.0.2.4 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.3.5109 - TOSHIBA CORPORATION)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.52 - TOSHIBA)
TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.5.4.64 - TOSHIBA Corporation)
TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{CDADE9BC-612C-42B8-B929-5C6A823E7FF9}) (Version: 1.0.3 - TOSHIBA CORPORATION)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
User State Migration Tool (HKLM-x32\...\{F5044029-8613-6685-8CE1-6D401324614E}) (Version: 10.1.17763.1 - Microsoft) Hidden
VirtualDJ 2018 (HKLM-x32\...\{EE3F98E9-05AB-400A-B271-975B3E630884}) (Version: 8.3.4459.0 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Web Components (HKLM-x32\...\{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version: - )
Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{3dec9467-d9ad-42df-8e84-888057bac8f1}) (Version: 10.1.17763.1 - Microsoft Corporation)
Windows Device Recovery Tool 3.12.24302 (HKLM-x32\...\{d4bcfd3c-d535-406b-ae50-9cb33686933e}) (Version: 3.12.24302 - Microsoft)
Windows Driver Package - Saleae LLC (WinUSB) USB (08/20/2013 6.0.6000.16388) (HKLM\...\BD9EADEC31DCD1E266A1735E4DC87B51EA97A9D6) (Version: 08/20/2013 6.0.6000.16388 - Saleae LLC)
Windows Driver Package - YiXingDianZi (WinUSB) USB (07/14/2009 6.1.7600.16385) (HKLM\...\04D37383BDAEDE986D08747223F1CE8D1EEB0C15) (Version: 07/14/2009 6.1.7600.16385 - YiXingDianZi)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinUsb CoInstallers (HKLM-x32\...\{9755918A-CDF8-4F1E-8453-6359CF1A330A}) (Version: 1.1.12.1526 - Microsoft)
WinUSB Compatible ID Drivers (HKLM-x32\...\{A4A0B236-6046-4CAB-8177-1EAF61112C75}) (Version: 1.1.11.1526 - Microsoft)
WinUSB Drivers ext (HKLM-x32\...\{29BAAF65-09E5-4F52-8D15-2FAF2E23A8DC}) (Version: 1.1.24.1544 - Microsoft)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-879514104-3121079894-3175494132-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Beli\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-879514104-3121079894-3175494132-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Beli\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-879514104-3121079894-3175494132-1000_Classes\CLSID\{45C6AFA5-2C13-402f-BC5D-45CC8172EF6B}\InprocServer32 -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtExt.dll (TOSHIBA CORPORATION -> TOSHIBA)
CustomCLSID: HKU\S-1-5-21-879514104-3121079894-3175494132-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Beli\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-879514104-3121079894-3175494132-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Beli\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-879514104-3121079894-3175494132-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-09] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [tosBtShllExt] -> {6BEF3D0B-53F0-4b0d-B91C-C19ED3D4C9D1} => C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll [2010-07-30] (TOSHIBA CORPORATION -> TOSHIBA)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-02-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-09] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-02-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [tosBtShllExt] -> {6BEF3D0B-53F0-4b0d-B91C-C19ED3D4C9D1} => C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll [2010-07-30] (TOSHIBA CORPORATION -> TOSHIBA)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2011-05-11] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-09] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2016-06-07 23:10 - 2016-06-07 23:10 - 000125440 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-06-07 23:10 - 2016-06-07 23:10 - 000118272 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-06-07 23:10 - 2016-06-07 23:10 - 000166400 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-06-07 23:10 - 2016-06-07 23:10 - 000205824 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-06-07 23:10 - 2016-06-07 23:10 - 000117248 _____ () [File not signed] \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-07-05 15:57 - 2013-07-24 08:24 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2014-04-07 15:31 - 2014-04-07 15:31 - 000172032 _____ () [File not signed] C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2016-03-11 21:31 - 2016-03-11 21:31 - 000057344 _____ () [File not signed] C:\Program Files\CCleaner\lang\lang-1029.dll
2016-03-24 17:23 - 2010-12-20 17:49 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2016-03-24 17:38 - 2010-12-20 19:20 - 000443040 _____ (Atheros Communications Inc. -> Atheros) [File not signed] C:\windows\system32\athihvs.dll
2016-03-24 17:23 - 2010-12-20 17:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2019-02-15 13:24 - 2019-02-15 13:24 - 000796672 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_88dcc0bf2fb1b808\MSVCR80.dll
2019-02-15 13:23 - 2019-02-15 13:23 - 000548864 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\MSVCP80.dll
2019-02-15 13:23 - 2019-02-15 13:23 - 000626688 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\MSVCR80.dll
2019-02-15 13:23 - 2019-02-15 13:23 - 001105920 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6229_none_cbee8c4a4710d003\MFC80.DLL
2016-04-04 07:53 - 2016-04-04 07:53 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2019-04-08 09:42 - 2019-04-08 09:42 - 001260544 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\CNT\Navitel Navigator update center\LIBEAY32.dll
2019-04-08 09:42 - 2019-04-08 09:42 - 000295936 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\CNT\Navitel Navigator update center\ssleay32.dll
2016-06-10 08:30 - 2016-06-10 08:30 - 000039424 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\CNT\Navitel Navigator update center\bearer\qgenericbearer.dll
2016-06-10 08:30 - 2016-06-10 08:30 - 000041984 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\CNT\Navitel Navigator update center\bearer\qnativewifibearer.dll
2019-04-12 09:33 - 2019-04-12 09:33 - 004626432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\CNT\Navitel Navigator update center\Qt5Core.dll
2016-06-10 08:17 - 2016-06-10 08:17 - 000847872 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\CNT\Navitel Navigator update center\Qt5Network.dll
2016-06-09 12:40 - 2016-06-09 12:40 - 000197120 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\BaseUI.dll
2016-11-16 14:58 - 2016-11-16 14:58 - 000250368 _____ (Windows (R) Codename Longhorn DDK provider) [File not signed] C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll
2016-07-05 15:57 - 2013-07-25 16:46 - 000708096 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\;C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\110\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\120\DTS\Binn\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Beli\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 10.0.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: wuauserv => 3
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{41FF29C1-69BF-4589-B38E-047FE7C3321D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{29D2C523-7FE0-4AC0-B0BA-397928FF799E}] => (Allow) LPort=2869
FirewallRules: [{2A3C49E0-46E3-4C02-A1A9-EF552C930452}] => (Allow) LPort=1900
FirewallRules: [{CB775C8D-B98A-4E57-910D-19D2EB056633}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{728652DB-75D1-4B21-97C4-0A2FBEC19726}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4A2A4DE-185B-4B59-BB24-E669EE9A969E}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe (simplitec GmbH -> simplitec GmbH)
FirewallRules: [{F2797E3F-6D05-49FA-B7B5-C25D6F044D00}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe (simplitec GmbH -> simplitec GmbH)
FirewallRules: [TCP Query User{4CE6F3EC-7DFF-4FC8-B5D2-E133DD3E51D8}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe No File
FirewallRules: [UDP Query User{20F8D02F-2DF4-4159-9D52-F6D2FCEDE786}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe No File
FirewallRules: [TCP Query User{DC0F8CC1-8B2A-43AA-BC83-EBCB6457E341}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{04E10652-64A9-4A12-AFF6-F55C33F685EB}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{5BC1891D-6E80-4ABB-9026-93EE27DABE86}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{DB8397A2-2313-4DDF-AAFF-F0146AEBEDE5}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{D49B04AA-3082-4ED1-B57A-6999E5225B69}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Block) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{822A4699-C36B-4E15-8580-D4CD43871E50}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Block) C:\program files (x86)\arduino\java\bin\javaw.exe
FirewallRules: [{24671E12-E5A6-4932-86E1-84587B86A442}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{467759FB-A82F-4A85-9B11-67E9BF00EF74}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{365B3BF9-944F-4FBB-977A-A59E1C67E180}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0BCF871A-87CA-44A2-A016-C8E6BF0B8B25}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2BB82F03-9C21-4291-8044-8CBDC73C5A7C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B35C92E3-0EC9-4422-BD74-B2899AD60B98}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
FirewallRules: [{FC4AAABC-0B5F-484B-9DF7-ECB2EDD2040C}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
FirewallRules: [TCP Query User{6B42B11A-290D-490E-B5D8-CD89BA9562E8}C:\program files\solidworks corp\solidworks electrical\bin\solidworkselectrical.exe] => (Allow) C:\program files\solidworks corp\solidworks electrical\bin\solidworkselectrical.exe (Trace Software International -> Trace Software International)
FirewallRules: [UDP Query User{87329B9E-4E2D-458A-9428-FA9DF627D39C}C:\program files\solidworks corp\solidworks electrical\bin\solidworkselectrical.exe] => (Allow) C:\program files\solidworks corp\solidworks electrical\bin\solidworkselectrical.exe (Trace Software International -> Trace Software International)
FirewallRules: [TCP Query User{19B34240-5419-46CF-B188-8196BBD03C20}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe No File
FirewallRules: [UDP Query User{2D60FA25-A5BA-433F-8807-9D77C4E01A98}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe No File
FirewallRules: [TCP Query User{440857C3-2585-4DF1-A88D-E1DC5AB7651E}C:\program files\ultimaker cura 4.0\cura.exe] => (Allow) C:\program files\ultimaker cura 4.0\cura.exe No File
FirewallRules: [UDP Query User{3BCF9E75-01FC-43FF-B72C-F3963A575511}C:\program files\ultimaker cura 4.0\cura.exe] => (Allow) C:\program files\ultimaker cura 4.0\cura.exe No File
FirewallRules: [TCP Query User{4D26A408-6C79-4A0F-9C5A-44DEB90FB28A}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{C59550CF-8B9A-422C-A5EB-FCD187B22DC8}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{309C1D60-1AB2-4A74-A299-884960B1475C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

14-03-2020 22:20:54 AdwCleaner_BeforeCleaning_14/03/2020_22:20:53

==================== Faulty Device Manager Devices ============

Name: Android ADB Interface
Description: Android ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: Google, Inc.
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/15/2020 09:08:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7223

Error: (03/15/2020 09:08:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7223

Error: (03/15/2020 09:08:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/15/2020 09:08:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6193

Error: (03/15/2020 09:08:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6193

Error: (03/15/2020 09:08:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/15/2020 09:08:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5179

Error: (03/15/2020 09:08:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5179


System errors:
=============
Error: (03/14/2020 10:29:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ConfigFree Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/14/2020 10:26:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba TOSHIBA Power Saver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/14/2020 10:24:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Instalační služba modulů systému Windows byla ukončena s následující chybou:
%%16405

Error: (03/14/2020 10:24:21 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\system32\athihvs.dll

Error: (03/14/2020 10:24:21 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\system32\athihvs.dll

Error: (03/14/2020 10:24:01 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\system32\athihvs.dll

Error: (03/14/2020 10:22:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Motorola Device Manager Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (03/14/2020 10:22:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ConfigFree WiMAX Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2016-12-06 06:48:29.208
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{541D4059-F10F-405A-BB93-1626CB44E88B}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2016-08-29 06:56:59.984
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{D1810ECF-5329-4079-9DB7-46C8CB7184BC}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

==================== Memory info ===========================

BIOS: INSYDE 3.00 12/30/2011
Motherboard: Intel Corp. Base Board Product Name
Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 93%
Total physical RAM: 4077.86 MB
Available physical RAM: 263.25 MB
Total Virtual: 8153.9 MB
Available Virtual: 3625.3 MB

==================== Drives ================================

Drive c: (R16662EA001) (Fixed) (Total:120 GB) (Free:8.92 GB) NTFS
Drive d: (Data) (Fixed) (Total:352.56 GB) (Free:2.87 GB) NTFS

\\?\Volume{1e1d3d45-f1dc-11e5-86ea-806e6f6e6963}\ (System) (Fixed) (Total:1.46 GB) (Free:1.22 GB) NTFS
\\?\Volume{8c1ff3da-3105-11e9-812c-047d7b7393a4}\ () (CDROM) (Total:0 GB) (Free:0 GB)

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: F4EE8D74)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=120 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=380.5 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=94.2 GB) - (Type=17)

==================== End of Addition.txt =======================
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Preventivní kontrola

#6 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
File: C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe

HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {109ad7da-3fc0-11e6-9735-047d7b7393a4} - F:\HPLauncher.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {1a7e6255-bfff-11e8-8056-047d7b7393a4} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {1f81bc97-d83a-11e7-ac5d-bc166eb16a2b} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {2ae2a984-fe34-11e5-9af3-047d7b7393a4} - F:\AutoRun.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {3b2028a3-4752-11e6-9864-047d7b7393a4} - F:\AutoRun.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {59bbfae6-5cde-11e7-9183-aac090acc53d} - F:\MotoCastSetup.exe -a
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {966f76b5-6954-11e8-9be4-f6c39d17fc7d} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {9d4085bc-a839-11e6-a50c-047d7b7393a4} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-879514104-3121079894-31x75494132-1000\...\MountPoints2: {a6ceb66c-144c-11ea-bdba-fd1ba08b6963} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {b3626df2-bb79-11e6-8cea-047d7b7393a4} - F:\HiSuiteDownLoader.exe
GroupPolicy: Restriction ? <==== ATTENTION
Task: {281A4892-5FE7-4341-959A-5003CB09D75C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {281A4892-5FE7-4341-959A-5003CB09D75C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\windows\system32\GWX\GWXDetector.exe [355328  [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {305D0450-C484-463E-AC5C-DA96659E6B5D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {305D0450-C484-463E-AC5C-DA96659E6B5D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\windows\system32\GWX\GWXDetector.exe [355328  [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {356F065A-8CF4-4EF4-8645-21BB94861004} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {356F065A-8CF4-4EF4-8645-21BB94861004} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {356F065A-8CF4-4EF4-8645-21BB94861004} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\windows\system32\GWX\GWXDetector.exe [355328  [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {71B0412B-36FF-4B12-A294-C1C81D6A7874} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {71B0412B-36FF-4B12-A294-C1C81D6A7874} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\windows\system32\GWX\GWXDetector.exe [355328  [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
SearchScopes: HKU\S-1-5-21-879514104-3121079894-3175494132-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-879514104-3121079894-3175494132-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S2 cfWiMAXService; "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe" [X]
S2 ConfigFree Service; "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe" [X]
S3 TemproMonitoringService; "C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe" [X]
S2 TosCoSrv; "C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe" [X]
S3 TPCHSrv; "C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe" [X]
2020-03-11 17:31 - 2017-12-02 10:13 - 000000000 ____D C:\Program Files\trend micro
2017-12-04 18:40 - 2017-12-04 18:41 - 000000000 _____ () C:\Users\Beli\AppData\Local\{31D8CA80-453F-4B35-8E8F-EB22433E2E19}
2017-12-04 18:40 - 2017-12-04 18:41 - 000000000 _____ () C:\Users\Beli\AppData\Local\{99D490F6-97AA-4BE6-8C78-D3E3054C97E9}
CustomCLSID: HKU\S-1-5-21-879514104-3121079894-3175494132-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Beli\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-879514104-3121079894-3175494132-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Beli\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-879514104-3121079894-3175494132-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Beli\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-879514104-3121079894-3175494132-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Beli\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
FirewallRules: [TCP Query User{4CE6F3EC-7DFF-4FC8-B5D2-E133DD3E51D8}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe No File
FirewallRules: [UDP Query User{20F8D02F-2DF4-4159-9D52-F6D2FCEDE786}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe No File
FirewallRules: [TCP Query User{19B34240-5419-46CF-B188-8196BBD03C20}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe No File
FirewallRules: [UDP Query User{2D60FA25-A5BA-433F-8807-9D77C4E01A98}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe No File
FirewallRules: [TCP Query User{440857C3-2585-4DF1-A88D-E1DC5AB7651E}C:\program files\ultimaker cura 4.0\cura.exe] => (Allow) C:\program files\ultimaker cura 4.0\cura.exe No File
FirewallRules: [UDP Query User{3BCF9E75-01FC-43FF-B72C-F3963A575511}C:\program files\ultimaker cura 4.0\cura.exe] => (Allow) C:\program files\ultimaker cura 4.0\cura.exe No File

Hosts:
EmptyTemp:
End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Beli33
Návštěvník
Návštěvník
Příspěvky: 43
Registrován: 23 lis 2015 13:56

Re: Preventivní kontrola

#7 Příspěvek od Beli33 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
Ran by Beli (16-03-2020 21:35:09) Run:1
Running from C:\Users\Beli\Desktop\Odvirování
Loaded Profiles: Beli (Available Profiles: Beli)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
File: C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe

HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {109ad7da-3fc0-11e6-9735-047d7b7393a4} - F:\HPLauncher.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {1a7e6255-bfff-11e8-8056-047d7b7393a4} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {1f81bc97-d83a-11e7-ac5d-bc166eb16a2b} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {2ae2a984-fe34-11e5-9af3-047d7b7393a4} - F:\AutoRun.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {3b2028a3-4752-11e6-9864-047d7b7393a4} - F:\AutoRun.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {59bbfae6-5cde-11e7-9183-aac090acc53d} - F:\MotoCastSetup.exe -a
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {966f76b5-6954-11e8-9be4-f6c39d17fc7d} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {9d4085bc-a839-11e6-a50c-047d7b7393a4} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-879514104-3121079894-31x75494132-1000\...\MountPoints2: {a6ceb66c-144c-11ea-bdba-fd1ba08b6963} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\...\MountPoints2: {b3626df2-bb79-11e6-8cea-047d7b7393a4} - F:\HiSuiteDownLoader.exe
GroupPolicy: Restriction ? <==== ATTENTION
Task: {281A4892-5FE7-4341-959A-5003CB09D75C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {281A4892-5FE7-4341-959A-5003CB09D75C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\windows\system32\GWX\GWXDetector.exe [355328 [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {305D0450-C484-463E-AC5C-DA96659E6B5D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {305D0450-C484-463E-AC5C-DA96659E6B5D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\windows\system32\GWX\GWXDetector.exe [355328 [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {356F065A-8CF4-4EF4-8645-21BB94861004} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {356F065A-8CF4-4EF4-8645-21BB94861004} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {356F065A-8CF4-4EF4-8645-21BB94861004} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\windows\system32\GWX\GWXDetector.exe [355328 [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {71B0412B-36FF-4B12-A294-C1C81D6A7874} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {71B0412B-36FF-4B12-A294-C1C81D6A7874} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\windows\system32\GWX\GWXDetector.exe [355328 [355328 2016-03-20]] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
SearchScopes: HKU\S-1-5-21-879514104-3121079894-3175494132-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-879514104-3121079894-3175494132-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S2 cfWiMAXService; "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe" [X]
S2 ConfigFree Service; "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe" [X]
S3 TemproMonitoringService; "C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe" [X]
S2 TosCoSrv; "C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe" [X]
S3 TPCHSrv; "C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe" [X]
2020-03-11 17:31 - 2017-12-02 10:13 - 000000000 ____D C:\Program Files\trend micro
2017-12-04 18:40 - 2017-12-04 18:41 - 000000000 _____ () C:\Users\Beli\AppData\Local\{31D8CA80-453F-4B35-8E8F-EB22433E2E19}
2017-12-04 18:40 - 2017-12-04 18:41 - 000000000 _____ () C:\Users\Beli\AppData\Local\{99D490F6-97AA-4BE6-8C78-D3E3054C97E9}
CustomCLSID: HKU\S-1-5-21-879514104-3121079894-3175494132-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Beli\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-879514104-3121079894-3175494132-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Beli\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-879514104-3121079894-3175494132-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Beli\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-879514104-3121079894-3175494132-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Beli\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll => No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [TCP Query User{4CE6F3EC-7DFF-4FC8-B5D2-E133DD3E51D8}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe No File
FirewallRules: [UDP Query User{20F8D02F-2DF4-4159-9D52-F6D2FCEDE786}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe] => (Allow) C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe No File
FirewallRules: [TCP Query User{19B34240-5419-46CF-B188-8196BBD03C20}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe No File
FirewallRules: [UDP Query User{2D60FA25-A5BA-433F-8807-9D77C4E01A98}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe No File
FirewallRules: [TCP Query User{440857C3-2585-4DF1-A88D-E1DC5AB7651E}C:\program files\ultimaker cura 4.0\cura.exe] => (Allow) C:\program files\ultimaker cura 4.0\cura.exe No File
FirewallRules: [UDP Query User{3BCF9E75-01FC-43FF-B72C-F3963A575511}C:\program files\ultimaker cura 4.0\cura.exe] => (Allow) C:\program files\ultimaker cura 4.0\cura.exe No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 4363
Average :
Sum : 17727930284
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========================= File: C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe ========================

C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
File is digitally signed
MD5: 46F53187745E0CA96E74F184D7375059
Creation and modification date: 2016-03-25 18:28 - 2015-10-23 13:59
Size: 000911648
Attributes: ----A
Company Name: simplitec GmbH -> simplitec GmbH
Internal Name: ServiceProvider
Original Name: ServiceProvider.exe
Product: simplitec Power Suite
Description: simplitec Power Suite Tray (Service Provider)
File Version: 2.3.2.902
Product Version: 2.3.2.902
Copyright: (c) simplitec GmbH. All rights reserved.
VirusTotal: https://www.virustotal.com/file/bed8638 ... 527426327/

====== End of File: ======


========================= File: C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe ========================

C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe
File is digitally signed
MD5: 6CB3AB97D0F0B1166EDB7D6FCE6F3979
Creation and modification date: 2016-03-25 18:28 - 2015-10-23 13:59
Size: 001105696
Attributes: ----A
Company Name: simplitec GmbH -> simplitec GmbH
Internal Name: PowerSuite.exe
Original Name: PowerSuite.exe
Product: simplitec Power Suite
Description: Power Suite Starter
File Version: 2.3.2.902
Product Version: 2.3.2.902
Copyright: (c) Simplitec GmbH. All rights reserved.
VirusTotal: https://www.virustotal.com/file/f73a84e ... 518912555/

====== End of File: ======

"HKU\S-1-5-21-879514104-3121079894-3175494132-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => removed successfully
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{109ad7da-3fc0-11e6-9735-047d7b7393a4} => removed successfully
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1a7e6255-bfff-11e8-8056-047d7b7393a4} => removed successfully
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1f81bc97-d83a-11e7-ac5d-bc166eb16a2b} => removed successfully
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2ae2a984-fe34-11e5-9af3-047d7b7393a4} => removed successfully
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3b2028a3-4752-11e6-9864-047d7b7393a4} => removed successfully
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{59bbfae6-5cde-11e7-9183-aac090acc53d} => removed successfully
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{966f76b5-6954-11e8-9be4-f6c39d17fc7d} => removed successfully
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d4085bc-a839-11e6-a50c-047d7b7393a4} => removed successfully
"HKU\S-1-5-21-879514104-3121079894-31x75494132-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a6ceb66c-144c-11ea-bdba-fd1ba08b6963}" => not found
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b3626df2-bb79-11e6-8cea-047d7b7393a4} => removed successfully
C:\windows\system32\GroupPolicy\Machine => moved successfully
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{281A4892-5FE7-4341-959A-5003CB09D75C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{281A4892-5FE7-4341-959A-5003CB09D75C}" => removed successfully
C:\windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{281A4892-5FE7-4341-959A-5003CB09D75C}" => not found
"C:\windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{305D0450-C484-463E-AC5C-DA96659E6B5D}" => not found
C:\windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{305D0450-C484-463E-AC5C-DA96659E6B5D}" => not found
"C:\windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{356F065A-8CF4-4EF4-8645-21BB94861004}" => not found
C:\windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{356F065A-8CF4-4EF4-8645-21BB94861004}" => not found
"C:\windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{356F065A-8CF4-4EF4-8645-21BB94861004}" => not found
"C:\windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71B0412B-36FF-4B12-A294-C1C81D6A7874}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71B0412B-36FF-4B12-A294-C1C81D6A7874}" => removed successfully
C:\windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71B0412B-36FF-4B12-A294-C1C81D6A7874}" => not found
"C:\windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => not found
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\S-1-5-21-879514104-3121079894-3175494132-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-879514104-3121079894-3175494132-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\System\CurrentControlSet\Services\cfWiMAXService => removed successfully
cfWiMAXService => service removed successfully
HKLM\System\CurrentControlSet\Services\ConfigFree Service => removed successfully
ConfigFree Service => service removed successfully
HKLM\System\CurrentControlSet\Services\TemproMonitoringService => removed successfully
TemproMonitoringService => service removed successfully
HKLM\System\CurrentControlSet\Services\TosCoSrv => removed successfully
TosCoSrv => service removed successfully
HKLM\System\CurrentControlSet\Services\TPCHSrv => removed successfully
TPCHSrv => service removed successfully
C:\Program Files\trend micro => moved successfully
C:\Users\Beli\AppData\Local\{31D8CA80-453F-4B35-8E8F-EB22433E2E19} => moved successfully
C:\Users\Beli\AppData\Local\{99D490F6-97AA-4BE6-8C78-D3E3054C97E9} => moved successfully
HKU\S-1-5-21-879514104-3121079894-3175494132-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5} => removed successfully
HKU\S-1-5-21-879514104-3121079894-3175494132-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-879514104-3121079894-3175494132-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-879514104-3121079894-3175494132-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4CE6F3EC-7DFF-4FC8-B5D2-E133DD3E51D8}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{20F8D02F-2DF4-4159-9D52-F6D2FCEDE786}C:\program files (x86)\wondershare\mobilego for android\mobilegoservice.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{19B34240-5419-46CF-B188-8196BBD03C20}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2D60FA25-A5BA-433F-8807-9D77C4E01A98}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{440857C3-2585-4DF1-A88D-E1DC5AB7651E}C:\program files\ultimaker cura 4.0\cura.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3BCF9E75-01FC-43FF-B72C-F3963A575511}C:\program files\ultimaker cura 4.0\cura.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10498760 B
Java, Flash, Steam htmlcache => 343 B
Windows/system/drivers => 13492127 B
Edge => 0 B
Chrome => 345064364 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
systemprofile32 => 66804 B
LocalService => 66804 B
NetworkService => 15951518 B
Beli => 171793232 B

RecycleBin => 0 B
EmptyTemp: => 539.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:38:58 ====
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Preventivní kontrola

#8 Příspěvek od Conder »

:arrow: Plocha ma cca 16 GB, co je vela. Odporucam presunut vsetky subory a zlozky z plochy do dokumentov a na ploche nechat iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

:arrow: Ako to vyzera s PC? Su nejake problemy?
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Beli33
Návštěvník
Návštěvník
Příspěvky: 43
Registrován: 23 lis 2015 13:56

Re: Preventivní kontrola

#9 Příspěvek od Beli33 »

Děkuji moc vypadá to mnohem lépe. Plochu pročistím:)
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Preventivní kontrola

#10 Příspěvek od Conder »

:arrow: Tak este upraceme po pouzitych nastrojoch:
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Odpovědět

Zpět na „Preventivní kontroly logů“