VIRY.CZ

Logfile of random's system information tool 1.14 (written by random/random)
Run by Adélka at 2017-09-23 18:01:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 5 GB (5%) free of 100 GB
Total RAM: 3997 MB (25% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:01:16, on 23.9.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18763)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
C:\Users\Adélka\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosSkypeApl.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files\trend micro\Adélka_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [TOSDCR] %ProgramFiles%\TOSHIBA\PasswordUtility\TOSDCR.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Adélka\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Toshiba Places Icon Utility.lnk = ?
O8 - Extra context menu item: Download with Xilisoft Download YouTube Video - C:\Users\Adélka\Desktop\Download YouTube Video\upod_link.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Přidat do aplikace TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DbxSvc - Unknown owner - C:\windows\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\windows\system32\irstrtsv.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15362 bytes

======Enumerating Processes======

C:\windows\system32\csrss.exe
C:\windows\system32\wininit.exe
C:\windows\system32\csrss.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe"
C:\windows\system32\WLANExt.exe 27107472
\??\C:\windows\system32\conhost.exe "1358711692-163961387816391066531684281959-97248970218098185061420293808-2085417320
C:\windows\system32\taskeng.exe
C:\windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\windows\system32\DbxSvc.exe
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\windows\SysWOW64\irstrtsv.exe
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
C:\windows\SysWOW64\svchost.exe -k MbnExt
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\Windows Live\Mesh\wlcrasvc.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayicon.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe" /STAR
C:\windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
"C:\Windows\System32\StikyNot.exe"
"C:\Users\Adélka\AppData\Roaming\Spotify\SpotifyWebHelper.exe" --autostart
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
"C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE" /tsr
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Deskjet F4200 series#1365431079" -Startup
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosSkypeApl.exe" W
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\windows\system32\wuauclt.exe"
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly /fmw.clear_cache
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe"
"C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Adélka\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Adélka\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=61.0.3163.79 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7fed7d31960,0x7fed7d31978,0x7fed7d31930
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=6276 --on-initialized-event-handle=320 --parent-handle=324 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1188,1274478286234786101,6941764017902327562,131072 --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,13,19,20,22,23,24,27,29,49,70,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2509 --gpu-driver-date=8-31-2011 --gpu-secondary-vendor-ids=0x0000 --gpu-secondary-device-ids=0x0000 --service-request-channel-token=6ED7730E384C3A4A210DCF18E7D29459 --mojo-platform-channel-handle=1200 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,1274478286234786101,6941764017902327562,131072 --service-pipe-token=70F928FBB0D4D943CB2DBCB334F9FBC8 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --enable-gpu-async-worker-context --service-request-channel-token=70F928FBB0D4D943CB2DBCB334F9FBC8 --renderer-client-id=4 --mojo-platform-channel-handle=2540 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,1274478286234786101,6941764017902327562,131072 --service-pipe-token=297EF9F897A38128435E5D6DDA69A33C --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --enable-gpu-async-worker-context --service-request-channel-token=297EF9F897A38128435E5D6DDA69A33C --renderer-client-id=9 --mojo-platform-channel-handle=5196 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,1274478286234786101,6941764017902327562,131072 --service-pipe-token=687274D0227472959F7CA7678C9F2198 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --enable-gpu-async-worker-context --service-request-channel-token=687274D0227472959F7CA7678C9F2198 --renderer-client-id=18 --mojo-platform-channel-handle=1932 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1188,1274478286234786101,6941764017902327562,131072 --service-pipe-token=7CFFC85A967DA1C59A09124611CC3848 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --enable-gpu-async-worker-context --service-request-channel-token=7CFFC85A967DA1C59A09124611CC3848 --renderer-client-id=21 --mojo-platform-channel-handle=3864 /prefetch:1
"C:\Program Files (x86)\AVG\Antivirus\setup\instup.exe" /instop:update_vps
"C:\Users\Adélka\Desktop\RSITx64.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532

======Scheduled tasks folder======

C:\windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\windows\system32\tasks\Adobe Flash Player Updater - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\system32\tasks\Adobe Reader and Acrobat Manager - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\windows\system32\tasks\Antivirus Emergency Update - C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
C:\windows\system32\tasks\AVG EUpdate Task - avgsetupx.exe /eu
C:\windows\system32\tasks\AVGPCTuneUp_Task_BkGndMaintenance - C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0)
C:\windows\system32\tasks\ConfigFree Startup Programs - C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-1030080332-3517363701-2615270606-1000Core - C:\Users\Adélka\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-1030080332-3517363701-2615270606-1000UA - C:\Users\Adélka\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\system32\tasks\Online aktualizační program HP - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
C:\windows\system32\tasks\{2A5405D9-A94D-4FE9-985E-DBC252164F65} - "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.8.73.102.456 ... rogressBar
C:\windows\system32\tasks\{3641FDC0-94B2-4C63-B98B-46BB2718F262} - "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.8.73.102.456 ... rogressBar
C:\windows\system32\tasks\{58CAF700-73B0-417A-BCBE-9BD4D43E1E9D} - C:\windows\system32\pcalua.exe -a C:\Users\Adélka\Downloads\BitZipper2013TrialSetupEn.exe -d C:\Users\Adélka\Downloads -c "C:\Users\Adélka\Downloads\Psani-vsemi-deseti.rar"
C:\windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1030080332-3517363701-2615270606-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\windows\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\windows\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\windows\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\windows\System32\lpksetup.exe -v
C:\windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\windows\System32\mcbuilder.exe
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\windows\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\windows\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\windows\system32\tasks\Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\windows\system32\tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
C:\windows\system32\tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
C:\windows\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880
C:\windows\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload

=========Mozilla firefox=========

ProfilePath - C:\Users\Adélka\AppData\Roaming\Mozilla\Firefox\Profiles\g0tc58dg.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=25756"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@cdisys.com/SafeView]
"Description"=
"Path"=C:\Program Files (x86)\SafeView\npsfvw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Users\Adélka\AppData\Roaming\Mozilla\Firefox\Profiles\g0tc58dg.default\searchplugins\
seznam-avast.xml

C:\Users\Adélka\AppData\Roaming\Mozilla\Firefox\Profiles\g0tc58dg.default\addons.json

C:\Users\Adélka\AppData\Roaming\Mozilla\Firefox\Profiles\g0tc58dg.default\extensions.json
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Shield Recipe Client - extension - shield-recipe-client@mozilla.org - C:\Users\Adélka\AppData\Roaming\Mozilla\Firefox\Profiles\g0tc58dg.default\features\{c831f9cc-f3f8-4a0d-8dc1-617924032c70}\shield-recipe-client@mozilla.org.xpi

C:\Users\Adélka\AppData\Roaming\Mozilla\Firefox\Profiles\g0tc58dg.default\pluginreg.dat

=========Google Chrome=========

C:\Users\Adélka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 2 Adobe Acrobat 15.1.0.6
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.15.0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension lifbcibllhkdhoafpjfnlhfpfgnpldfl 2 Skype 10.2.0.9900
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.4
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.3
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6117.717.0.4
Homepage:
default_search_provider.search_url:
C:\Users\Adélka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={01A6D3AD-6A00-4F80-A011-F210AC8BE029}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{01A6D3AD-6A00-4F80-A011-F210AC8BE029}]
"URL"=http://www.google.com/search?sourceid=i ... lz=1I7TEUA;


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={01A6D3AD-6A00-4F80-A011-F210AC8BE029}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{01A6D3AD-6A00-4F80-A011-F210AC8BE029}]
"URL"=http://www.google.com/search?sourceid=i ... lz=1I7TEUA;

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-09 210112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-07-09 755912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-19 3131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2011-07-12 700800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-06-20 149704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-07-09 457416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-07-19 2106048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-19 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2011-07-12 534400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-09-09 167704]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-09-09 392472]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-09-09 416024]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-09-10 12856936]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-08-17 2277480]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-02-04 2679592]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2011-09-23 590256]
"TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2011-08-03 981888]
"BatteryManager"=C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayIcon.EXE [2011-09-23 285608]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2011-08-23 1544624]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2011-08-11 712096]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2011-06-10 710560]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2011-06-28 598448]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2011-06-28 38824]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [2017-09-14 239592]
"AVGUI.exe"=C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [2017-05-22 263232]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [2011-05-16 846936]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"T-Mobile CManager"=C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2013-10-15 2148120]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-07-28 27815896]
"Spotify Web Helper"=C:\Users\Adélka\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-09-07 777840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [2011-10-19 150992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO]
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2011-02-10 1546720]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2011-06-01 506712]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START []
"TOSDCR"=C:\Program Files\TOSHIBA\PasswordUtility\TOSDCR.exe []
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2011-07-12 1298816]
"TSleepSrv"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [2010-06-05 252792]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
""= []
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [2017-09-14 239592]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Toshiba Places Icon Utility.lnk - C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe

C:\Users\Adélka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Poslat do aplikace OneNote.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.91\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======


======List of files/folders modified in the last 1 month======

2017-09-23 18:01:14 ----DC---- C:\Program Files\trend micro
2017-09-23 18:00:39 ----D---- C:\windows\Temp
2017-09-23 17:50:01 ----D---- C:\windows\inf
2017-09-23 17:50:01 ----AD---- C:\windows\System32
2017-09-23 17:50:01 ----A---- C:\windows\system32\PerfStringBackup.INI
2017-09-23 17:46:01 ----D---- C:\Users\Adélka\AppData\Roaming\Skype
2017-09-21 15:58:44 ----SHD---- C:\windows\Installer
2017-09-21 15:57:05 ----A---- C:\windows\SYSWOW64\log.txt
2017-09-21 15:55:16 ----D---- C:\windows\SysWOW64
2017-09-21 15:55:12 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2017-09-21 15:55:01 ----D---- C:\windows\system32\Macromed
2017-09-21 15:54:57 ----D---- C:\windows\SYSWOW64\Macromed
2017-09-21 15:54:32 ----D---- C:\windows\winsxs
2017-09-17 12:35:46 ----D---- C:\windows\system32\config
2017-09-08 20:32:15 ----D---- C:\windows\system32\NDF
2017-09-08 18:35:50 ----AD---- C:\Windows
2017-09-08 18:26:25 ----D---- C:\found.000
2017-09-08 11:47:44 ----D---- C:\Users\Adélka\AppData\Roaming\Spotify
2017-09-06 09:21:02 ----HD---- C:\ProgramData
2017-09-03 09:54:48 ----D---- C:\Users\Adélka\AppData\Roaming\vlc
2017-08-30 10:03:44 ----D---- C:\ProgramData\Skype

File C:\windows\system32\winlogon.exe is digitally signed
File C:\windows\system32\wininit.exe is digitally signed
File C:\windows\explorer.exe is digitally signed
File C:\windows\SysWOW64\explorer.exe is digitally signed
File C:\windows\system32\svchost.exe is digitally signed
File C:\windows\SysWOW64\svchost.exe is digitally signed
File C:\windows\system32\services.exe is digitally signed
File C:\windows\system32\User32.dll is digitally signed
File C:\windows\SysWOW64\User32.dll is digitally signed
File C:\windows\system32\userinit.exe is digitally signed
File C:\windows\SysWOW64\userinit.exe is digitally signed
File C:\windows\system32\rpcss.dll is digitally signed
File C:\windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avgbidsh;avgbidsh; C:\windows\system32\drivers\avgbidsha.sys [2017-05-22 192584]
R0 avgblog;avgblog; C:\windows\system32\drivers\avgbloga.sys [2017-05-22 336896]
R0 avgbuniv;avgbuniv; C:\windows\system32\drivers\avgbuniva.sys [2017-05-22 51336]
R0 avgRvrt;avgRvrt; C:\windows\system32\drivers\avgRvrt.sys [2017-05-22 76832]
R0 avgVmm;avgVmm; C:\windows\system32\drivers\avgVmm.sys [2017-05-22 340824]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\windows\system32\DRIVERS\tos_sps64.sys [2009-06-25 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ.SYS [2009-07-14 26840]
R1 avgbdisk;avgbdisk; C:\windows\system32\drivers\avgbdiska.sys [2017-05-22 166624]
R1 avgbidsdriver;avgbidsdriver; C:\windows\system32\drivers\avgbidsdrivera.sys [2017-05-22 314128]
R1 avgRdr;avgRdr; C:\windows\system32\drivers\avgRdr2.sys [2017-05-22 102280]
R1 avgSnx;avgSnx; C:\windows\system32\drivers\avgSnx.sys [2017-05-22 1008288]
R1 avgSP;avgSP; C:\windows\system32\drivers\avgSP.sys [2017-05-22 570320]
R1 Tosrfcom;Bluetooth RFCOMM; C:\windows\System32\Drivers\tosrfcom.sys [2010-11-29 82224]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgMonFlt;avgMonFlt; C:\windows\system32\drivers\avgMonFlt.sys [2017-05-22 129776]
R2 avgStm;avgStm; C:\windows\system32\drivers\avgStm.sys [2017-05-22 160008]
R2 npf;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2010-01-27 47632]
R2 risdxc;risdxc; C:\windows\system32\DRIVERS\risdxc64.sys [2011-05-26 101888]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2010-12-18 2675712]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver; C:\windows\system32\DRIVERS\btfilter.sys [2011-08-09 45168]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\windows\system32\DRIVERS\e1c62x64.sys [2011-08-23 342704]
R3 huawei_enumerator;huawei_enumerator; C:\windows\system32\DRIVERS\ew_jubusenum.sys [2011-01-30 86016]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-08-31 12306848]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-09-14 3076456]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\HECIx64.sys [2012-11-09 57376]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2011-10-25 96768]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2011-10-25 213504]
R3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys [2011-02-09 38096]
R3 RDPDISPM;RDPDISPM; C:\windows\system32\DRIVERS\rdpdispm.sys [2010-08-31 10752]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-02-04 1413680]
R3 tosporte;Bluetooth COM Port; C:\windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\windows\system32\DRIVERS\tosrfbd.sys [2011-08-30 286080]
R3 tosrfbnp;Bluetooth RFBNEP; C:\windows\System32\Drivers\tosrfbnp.sys [2010-11-11 50864]
R3 tosrfec;Bluetooth ACPI; C:\windows\system32\DRIVERS\tosrfec.sys [2011-07-13 19904]
R3 Tosrfhid;Bluetooth RFHID; C:\windows\system32\DRIVERS\Tosrfhid.sys [2010-08-30 94528]
R3 tosrfnds;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
R3 TosRfSnd;Bluetooth Audio; C:\windows\system32\drivers\tosrfsnd.sys [2010-04-26 63488]
R3 Tosrfusb;Bluetooth USB Controller; C:\windows\system32\DRIVERS\tosrfusb.sys [2011-01-28 67384]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 avgHwid;avgHwid; C:\windows\system32\drivers\avgHwid.sys [2017-05-22 39424]
S3 dbx;dbx; C:\windows\system32\DRIVERS\dbx.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Scan.sys [2009-07-14 13824]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 13952]
S3 huawei_cdcacm;huawei_cdcacm; C:\windows\system32\DRIVERS\ew_jucdcacm.sys [2011-02-25 98816]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\windows\system32\DRIVERS\ew_juextctrl.sys [2011-01-30 28672]
S3 huawei_wwanecm;huawei_wwanecm; C:\windows\system32\DRIVERS\ew_juwwanecm.sys [2011-01-30 212992]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\windows\system32\DRIVERS\tdcmdpst.sys [2009-07-31 27784]
S3 TPM;Čip TPM; C:\windows\system32\drivers\tpm.sys [2016-02-05 147904]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
R2 AVG Antivirus;AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [2017-05-22 264432]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2017-09-14 1428656]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2011-06-07 250296]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-07-18 4412104]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2011-06-07 47032]
R2 DbxSvc;DbxSvc; C:\windows\system32\DbxSvc.exe [2016-09-12 42792]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; %SystemRoot%\system32\svchost.exe -k hpdevmgmt;"ServiceDll"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
R2 irstrtsv;Intel(R) Rapid Start Technology Service; C:\windows\syswow64\irstrtsv.exe [2011-07-07 184320]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-07-22 212944]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-07-02 327664]
R2 MbnExt;Mobile Broadband Extension Service; %SystemRoot%\system32\svchost.exe -k MbnExt;"ServiceDll"=C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\windows\system32\TODDSrv.exe [2009-07-29 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2011-11-09 583088]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-08-23 294848]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-07-02 2595824]
R3 avgbIDSAgent;avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [2017-05-22 7396872]
R3 hpqcxs08;hpqcxs08; %SystemRoot%\system32\svchost.exe -k hpdevmgmt;"ServiceDll"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2015-12-09 55144]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2011-04-02 198064]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-06-10 138152]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-08-11 833464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-21 107848]
S2 Net Driver HPZ12;Net Driver HPZ12; %SystemRoot%\System32\svchost.exe -k HPZ12;"ServiceDll"=C:\Windows\system32\HPZinw12.dll
S2 Pml Driver HPZ12;Pml Driver HPZ12; %SystemRoot%\System32\svchost.exe -k HPZ12;"ServiceDll"=C:\Windows\system32\HPZipm12.dll
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-06-01 317400]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-21 272384]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-21 107848]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-10-08 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2017-07-14 116224]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-05-26 173512]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-07-18 213704]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-12-27 5132888]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-09-30 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner 7.0.2.1 - Logfile created on Sat Sep 23 20:01:02 2017
# Updated on 2017/29/08 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{68AD96A1-2A28-4841-ABD0-F5AA45F008C9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [15027 B] - [2017/1/30 21:23:11]
C:/AdwCleaner/AdwCleaner[C2].txt - [1446 B] - [2017/2/2 11:55:58]
C:/AdwCleaner/AdwCleaner[C3].txt - [1920 B] - [2017/6/25 19:41:30]
C:/AdwCleaner/AdwCleaner[S0].txt - [14258 B] - [2017/1/30 21:20:58]
C:/AdwCleaner/AdwCleaner[S1].txt - [1722 B] - [2017/2/2 11:55:7]
C:/AdwCleaner/AdwCleaner[S2].txt - [2138 B] - [2017/6/25 17:32:2]
C:/AdwCleaner/AdwCleaner[S3].txt - [1524 B] - [2017/9/23 19:58:26]


########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt ##########

Dejte nový log RSIT.

Logfile of random's system information tool 1.14 (written by random/random)
Run by Adélka at 2017-09-24 13:28:03
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 6 GB (6%) free of 100 GB
Total RAM: 3997 MB (27% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:28:09, on 24.9.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18763)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
C:\Users\Adélka\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosSkypeApl.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\trend micro\Adélka_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [TOSDCR] %ProgramFiles%\TOSHIBA\PasswordUtility\TOSDCR.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Adélka\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Toshiba Places Icon Utility.lnk = ?
O8 - Extra context menu item: Download with Xilisoft Download YouTube Video - C:\Users\Adélka\Desktop\Download YouTube Video\upod_link.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Přidat do aplikace TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DbxSvc - Unknown owner - C:\windows\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\windows\system32\irstrtsv.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15362 bytes

======Enumerating Processes======

C:\windows\system32\csrss.exe
C:\windows\system32\wininit.exe
C:\windows\system32\csrss.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe"
C:\windows\system32\WLANExt.exe 24302544
\??\C:\windows\system32\conhost.exe "1942356067-383759508-2145519767-1714411456-1771580527-102406003-16636221451942947509
C:\windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\windows\system32\DbxSvc.exe
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\windows\SysWOW64\irstrtsv.exe
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
C:\windows\SysWOW64\svchost.exe -k MbnExt
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\Windows Live\Mesh\wlcrasvc.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayicon.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe"
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe" /STAR
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
"C:\Windows\System32\StikyNot.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Users\Adélka\AppData\Roaming\Spotify\SpotifyWebHelper.exe" --autostart
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
"C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE" /tsr
"C:\windows\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[C3].txt
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Deskjet F4200 series#1365431079" -Startup
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosSkypeApl.exe" W
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Adélka\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Adélka\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=61.0.3163.91 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7fed73c1978,0x7fed73c1938,0x7fed73c1948
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=7940 --on-initialized-event-handle=320 --parent-handle=324 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1196,16191258747841048909,11324183811844123471,131072 --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,13,19,20,22,23,24,27,29,49,70,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2509 --gpu-driver-date=8-31-2011 --gpu-secondary-vendor-ids=0x0000 --gpu-secondary-device-ids=0x0000 --service-request-channel-token=B49E35ED2DC067791EE23B7D722760B5 --mojo-platform-channel-handle=1220 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1196,16191258747841048909,11324183811844123471,131072 --service-pipe-token=D53C956B2A961564053FB7BD3BD02E66 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --enable-gpu-async-worker-context --service-request-channel-token=D53C956B2A961564053FB7BD3BD02E66 --renderer-client-id=4 --mojo-platform-channel-handle=2428 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1196,16191258747841048909,11324183811844123471,131072 --service-pipe-token=F2372539E209E6AE64A14E2C2FA5D827 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --enable-gpu-async-worker-context --service-request-channel-token=F2372539E209E6AE64A14E2C2FA5D827 --renderer-client-id=9 --mojo-platform-channel-handle=4716 /prefetch:1
C:\windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1196,16191258747841048909,11324183811844123471,131072 --service-pipe-token=516E3D73085AD7EC14EA0D801C4FF133 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --enable-gpu-async-worker-context --service-request-channel-token=516E3D73085AD7EC14EA0D801C4FF133 --renderer-client-id=26 --mojo-platform-channel-handle=3536 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1196,16191258747841048909,11324183811844123471,131072 --service-pipe-token=A7D4FF377BAC3F3C3DDE29E5F6728145 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --enable-gpu-async-worker-context --service-request-channel-token=A7D4FF377BAC3F3C3DDE29E5F6728145 --renderer-client-id=33 --mojo-platform-channel-handle=3912 /prefetch:1
C:\windows\system32\taskeng.exe
C:\windows\system32\taskeng.exe
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe"
"C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1196,16191258747841048909,11324183811844123471,131072 --service-pipe-token=6264E9C12F31FEDFDC7FC478708F4119 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --enable-gpu-async-worker-context --service-request-channel-token=6264E9C12F31FEDFDC7FC478708F4119 --renderer-client-id=40 --mojo-platform-channel-handle=3852 /prefetch:1
"C:\Program Files (x86)\AVG\Antivirus\setup\instup.exe" /instop:update_vps
C:\windows\system32\taskhost.exe
"C:\Users\Adélka\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\windows\system32\tasks\Adobe Flash Player Updater - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\system32\tasks\Adobe Reader and Acrobat Manager - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\windows\system32\tasks\Antivirus Emergency Update - C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
C:\windows\system32\tasks\AVG EUpdate Task - avgsetupx.exe /eu
C:\windows\system32\tasks\AVGPCTuneUp_Task_BkGndMaintenance - C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0)
C:\windows\system32\tasks\ConfigFree Startup Programs - C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-1030080332-3517363701-2615270606-1000Core - C:\Users\Adélka\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-1030080332-3517363701-2615270606-1000UA - C:\Users\Adélka\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\system32\tasks\Online aktualizační program HP - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
C:\windows\system32\tasks\{2A5405D9-A94D-4FE9-985E-DBC252164F65} - "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.8.73.102.456 ... rogressBar
C:\windows\system32\tasks\{3641FDC0-94B2-4C63-B98B-46BB2718F262} - "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.8.73.102.456 ... rogressBar
C:\windows\system32\tasks\{58CAF700-73B0-417A-BCBE-9BD4D43E1E9D} - C:\windows\system32\pcalua.exe -a C:\Users\Adélka\Downloads\BitZipper2013TrialSetupEn.exe -d C:\Users\Adélka\Downloads -c "C:\Users\Adélka\Downloads\Psani-vsemi-deseti.rar"
C:\windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1030080332-3517363701-2615270606-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\windows\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\windows\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\windows\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\windows\System32\lpksetup.exe -v
C:\windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\windows\System32\mcbuilder.exe
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\windows\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\windows\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\windows\system32\tasks\Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\windows\system32\tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
C:\windows\system32\tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
C:\windows\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880
C:\windows\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload

=========Mozilla firefox=========

ProfilePath - C:\Users\Adélka\AppData\Roaming\Mozilla\Firefox\Profiles\g0tc58dg.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=25756"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@cdisys.com/SafeView]
"Description"=
"Path"=C:\Program Files (x86)\SafeView\npsfvw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Users\Adélka\AppData\Roaming\Mozilla\Firefox\Profiles\g0tc58dg.default\searchplugins\
seznam-avast.xml

C:\Users\Adélka\AppData\Roaming\Mozilla\Firefox\Profiles\g0tc58dg.default\addons.json

C:\Users\Adélka\AppData\Roaming\Mozilla\Firefox\Profiles\g0tc58dg.default\extensions.json
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Shield Recipe Client - extension - shield-recipe-client@mozilla.org - C:\Users\Adélka\AppData\Roaming\Mozilla\Firefox\Profiles\g0tc58dg.default\features\{c831f9cc-f3f8-4a0d-8dc1-617924032c70}\shield-recipe-client@mozilla.org.xpi

C:\Users\Adélka\AppData\Roaming\Mozilla\Firefox\Profiles\g0tc58dg.default\pluginreg.dat

=========Google Chrome=========

C:\Users\Adélka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 2 Adobe Acrobat 15.1.0.6
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.15.0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension lifbcibllhkdhoafpjfnlhfpfgnpldfl 2 Skype 10.2.0.9900
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.4
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.3
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6117.717.0.4
Homepage:
default_search_provider.search_url:
C:\Users\Adélka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={01A6D3AD-6A00-4F80-A011-F210AC8BE029}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{01A6D3AD-6A00-4F80-A011-F210AC8BE029}]
"URL"=http://www.google.com/search?sourceid=i ... lz=1I7TEUA;


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={01A6D3AD-6A00-4F80-A011-F210AC8BE029}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{01A6D3AD-6A00-4F80-A011-F210AC8BE029}]
"URL"=http://www.google.com/search?sourceid=i ... lz=1I7TEUA;

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-09 210112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-07-09 755912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-19 3131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2011-07-12 700800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-06-20 149704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-07-09 457416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-07-19 2106048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-19 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2011-07-12 534400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-09-09 167704]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-09-09 392472]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-09-09 416024]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-09-10 12856936]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-08-17 2277480]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-02-04 2679592]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2011-09-23 590256]
"TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2011-08-03 981888]
"BatteryManager"=C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayIcon.EXE [2011-09-23 285608]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2011-08-23 1544624]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2011-08-11 712096]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2011-06-10 710560]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2011-06-28 598448]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2011-06-28 38824]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [2017-09-14 239592]
"AVGUI.exe"=C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [2017-05-22 263232]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [2011-05-16 846936]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"T-Mobile CManager"=C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2013-10-15 2148120]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-07-28 27815896]
"Spotify Web Helper"=C:\Users\Adélka\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-09-07 777840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [2011-10-19 150992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO]
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2011-02-10 1546720]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2011-06-01 506712]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START []
"TOSDCR"=C:\Program Files\TOSHIBA\PasswordUtility\TOSDCR.exe []
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2011-07-12 1298816]
"TSleepSrv"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [2010-06-05 252792]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
""= []
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [2017-09-14 239592]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Toshiba Places Icon Utility.lnk - C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe

C:\Users\Adélka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Poslat do aplikace OneNote.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======


======List of files/folders modified in the last 1 month======

2017-09-24 13:28:08 ----DC---- C:\Program Files\trend micro
2017-09-24 13:24:45 ----D---- C:\windows\Temp
2017-09-24 13:24:40 ----D---- C:\Users\Adélka\AppData\Roaming\Spotify
2017-09-24 11:17:56 ----SHD---- C:\System Volume Information
2017-09-24 11:15:47 ----D---- C:\windows\rescache
2017-09-24 10:09:59 ----D---- C:\windows\system32\config
2017-09-24 10:09:48 ----D---- C:\windows\winsxs
2017-09-23 22:07:50 ----D---- C:\Users\Adélka\AppData\Roaming\Skype
2017-09-23 22:07:11 ----A---- C:\windows\SYSWOW64\log.txt
2017-09-23 21:58:26 ----DC---- C:\AdwCleaner
2017-09-23 18:13:53 ----HD---- C:\ProgramData
2017-09-23 18:10:24 ----D---- C:\windows\system32\catroot2
2017-09-23 17:50:01 ----D---- C:\windows\inf
2017-09-23 17:50:01 ----AD---- C:\windows\System32
2017-09-23 17:50:01 ----A---- C:\windows\system32\PerfStringBackup.INI
2017-09-21 15:58:44 ----SHD---- C:\windows\Installer
2017-09-21 15:55:16 ----D---- C:\windows\SysWOW64
2017-09-21 15:55:12 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2017-09-21 15:55:01 ----D---- C:\windows\system32\Macromed
2017-09-21 15:54:57 ----D---- C:\windows\SYSWOW64\Macromed
2017-09-08 20:32:15 ----D---- C:\windows\system32\NDF
2017-09-08 18:35:50 ----AD---- C:\Windows
2017-09-08 18:26:25 ----D---- C:\found.000
2017-09-03 09:54:48 ----D---- C:\Users\Adélka\AppData\Roaming\vlc
2017-08-30 10:03:44 ----D---- C:\ProgramData\Skype

File C:\windows\system32\winlogon.exe is digitally signed
File C:\windows\system32\wininit.exe is digitally signed
File C:\windows\explorer.exe is digitally signed
File C:\windows\SysWOW64\explorer.exe is digitally signed
File C:\windows\system32\svchost.exe is digitally signed
File C:\windows\SysWOW64\svchost.exe is digitally signed
File C:\windows\system32\services.exe is digitally signed
File C:\windows\system32\User32.dll is digitally signed
File C:\windows\SysWOW64\User32.dll is digitally signed
File C:\windows\system32\userinit.exe is digitally signed
File C:\windows\SysWOW64\userinit.exe is digitally signed
File C:\windows\system32\rpcss.dll is digitally signed
File C:\windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avgbidsh;avgbidsh; C:\windows\system32\drivers\avgbidsha.sys [2017-05-22 192584]
R0 avgblog;avgblog; C:\windows\system32\drivers\avgbloga.sys [2017-05-22 336896]
R0 avgbuniv;avgbuniv; C:\windows\system32\drivers\avgbuniva.sys [2017-05-22 51336]
R0 avgRvrt;avgRvrt; C:\windows\system32\drivers\avgRvrt.sys [2017-05-22 76832]
R0 avgVmm;avgVmm; C:\windows\system32\drivers\avgVmm.sys [2017-05-22 340824]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\windows\system32\DRIVERS\tos_sps64.sys [2009-06-25 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ.SYS [2009-07-14 26840]
R1 avgbdisk;avgbdisk; C:\windows\system32\drivers\avgbdiska.sys [2017-05-22 166624]
R1 avgbidsdriver;avgbidsdriver; C:\windows\system32\drivers\avgbidsdrivera.sys [2017-05-22 314128]
R1 avgRdr;avgRdr; C:\windows\system32\drivers\avgRdr2.sys [2017-05-22 102280]
R1 avgSnx;avgSnx; C:\windows\system32\drivers\avgSnx.sys [2017-05-22 1008288]
R1 avgSP;avgSP; C:\windows\system32\drivers\avgSP.sys [2017-05-22 570320]
R1 Tosrfcom;Bluetooth RFCOMM; C:\windows\System32\Drivers\tosrfcom.sys [2010-11-29 82224]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgMonFlt;avgMonFlt; C:\windows\system32\drivers\avgMonFlt.sys [2017-05-22 129776]
R2 avgStm;avgStm; C:\windows\system32\drivers\avgStm.sys [2017-05-22 160008]
R2 npf;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2010-01-27 47632]
R2 risdxc;risdxc; C:\windows\system32\DRIVERS\risdxc64.sys [2011-05-26 101888]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2010-12-18 2675712]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver; C:\windows\system32\DRIVERS\btfilter.sys [2011-08-09 45168]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\windows\system32\DRIVERS\e1c62x64.sys [2011-08-23 342704]
R3 huawei_enumerator;huawei_enumerator; C:\windows\system32\DRIVERS\ew_jubusenum.sys [2011-01-30 86016]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-08-31 12306848]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-09-14 3076456]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\HECIx64.sys [2012-11-09 57376]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2011-10-25 96768]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2011-10-25 213504]
R3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys [2011-02-09 38096]
R3 RDPDISPM;RDPDISPM; C:\windows\system32\DRIVERS\rdpdispm.sys [2010-08-31 10752]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-02-04 1413680]
R3 tosporte;Bluetooth COM Port; C:\windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\windows\system32\DRIVERS\tosrfbd.sys [2011-08-30 286080]
R3 tosrfbnp;Bluetooth RFBNEP; C:\windows\System32\Drivers\tosrfbnp.sys [2010-11-11 50864]
R3 tosrfec;Bluetooth ACPI; C:\windows\system32\DRIVERS\tosrfec.sys [2011-07-13 19904]
R3 Tosrfhid;Bluetooth RFHID; C:\windows\system32\DRIVERS\Tosrfhid.sys [2010-08-30 94528]
R3 tosrfnds;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
R3 TosRfSnd;Bluetooth Audio; C:\windows\system32\drivers\tosrfsnd.sys [2010-04-26 63488]
R3 Tosrfusb;Bluetooth USB Controller; C:\windows\system32\DRIVERS\tosrfusb.sys [2011-01-28 67384]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 avgHwid;avgHwid; C:\windows\system32\drivers\avgHwid.sys [2017-05-22 39424]
S3 dbx;dbx; C:\windows\system32\DRIVERS\dbx.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Scan.sys [2009-07-14 13824]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 13952]
S3 huawei_cdcacm;huawei_cdcacm; C:\windows\system32\DRIVERS\ew_jucdcacm.sys [2011-02-25 98816]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\windows\system32\DRIVERS\ew_juextctrl.sys [2011-01-30 28672]
S3 huawei_wwanecm;huawei_wwanecm; C:\windows\system32\DRIVERS\ew_juwwanecm.sys [2011-01-30 212992]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\windows\system32\DRIVERS\tdcmdpst.sys [2009-07-31 27784]
S3 TPM;Čip TPM; C:\windows\system32\drivers\tpm.sys [2016-02-05 147904]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
R2 AVG Antivirus;AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [2017-05-22 264432]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2017-09-14 1428656]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2011-06-07 250296]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-07-18 4412104]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2011-06-07 47032]
R2 DbxSvc;DbxSvc; C:\windows\system32\DbxSvc.exe [2016-09-12 42792]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; %SystemRoot%\system32\svchost.exe -k hpdevmgmt;"ServiceDll"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
R2 irstrtsv;Intel(R) Rapid Start Technology Service; C:\windows\syswow64\irstrtsv.exe [2011-07-07 184320]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-07-22 212944]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-07-02 327664]
R2 MbnExt;Mobile Broadband Extension Service; %SystemRoot%\system32\svchost.exe -k MbnExt;"ServiceDll"=C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\windows\system32\TODDSrv.exe [2009-07-29 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2011-11-09 583088]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-08-23 294848]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-07-02 2595824]
R3 avgbIDSAgent;avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [2017-05-22 7396872]
R3 hpqcxs08;hpqcxs08; %SystemRoot%\system32\svchost.exe -k hpdevmgmt;"ServiceDll"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2015-12-09 55144]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2011-04-02 198064]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-06-10 138152]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-08-11 833464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-21 107848]
S2 Net Driver HPZ12;Net Driver HPZ12; %SystemRoot%\System32\svchost.exe -k HPZ12;"ServiceDll"=C:\Windows\system32\HPZinw12.dll
S2 Pml Driver HPZ12;Pml Driver HPZ12; %SystemRoot%\System32\svchost.exe -k HPZ12;"ServiceDll"=C:\Windows\system32\HPZipm12.dll
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-06-01 317400]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-21 272384]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-21 107848]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-10-08 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2017-07-14 116224]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-05-26 173512]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-07-18 213704]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-12-27 5132888]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-09-30 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\windows\system32\tasks\GoogleUpdateTaskMachineCore
C:\windows\system32\tasks\GoogleUpdateTaskMachineUA

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

Logfile of random's system information tool 1.14 (written by random/random)
Run by Adélka at 2017-09-24 16:29:56
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 6 GB (6%) free of 100 GB
Total RAM: 3997 MB (41% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:30:12, on 24.9.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18763)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
C:\Users\Adélka\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosSkypeApl.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files\trend micro\Adélka_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [TOSDCR] %ProgramFiles%\TOSHIBA\PasswordUtility\TOSDCR.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Adélka\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Toshiba Places Icon Utility.lnk = ?
O8 - Extra context menu item: Download with Xilisoft Download YouTube Video - C:\Users\Adélka\Desktop\Download YouTube Video\upod_link.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Přidat do aplikace TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DbxSvc - Unknown owner - C:\windows\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\windows\system32\irstrtsv.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15362 bytes

======Enumerating Processes======

C:\windows\system32\csrss.exe
C:\windows\system32\wininit.exe
C:\windows\system32\csrss.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe"
C:\windows\system32\WLANExt.exe 4538592
\??\C:\windows\system32\conhost.exe "-834409113-1517999978176902757-11983736761454187250155124580538609180-1012811029
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\system32\taskeng.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskhost.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\windows\system32\DbxSvc.exe
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\windows\SysWOW64\irstrtsv.exe
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
C:\windows\SysWOW64\svchost.exe -k MbnExt
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
C:\windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\Windows Live\Mesh\wlcrasvc.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\taskeng.exe
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\AVG\Antivirus\setup\instup.exe" /instop:update_vps
"C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\servicing\TrustedInstaller.exe
"C:\windows\system32\makecab.exe" C:\windows\Logs\CBS\CbsPersist_20150914223215.log C:\windows\Logs\CBS\CbsPersist_20150914223215.cab
\??\C:\windows\system32\conhost.exe "1223721034-21219480621988291263-40820621819559992932126322720-1507790269270885657
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayicon.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe"
"C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe"
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe" /STAR
C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
"C:\Windows\System32\StikyNot.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Users\Adélka\AppData\Roaming\Spotify\SpotifyWebHelper.exe" --autostart
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE" /tsr
"C:\windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Deskjet F4200 series#1365431079" -Startup
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosSkypeApl.exe" W
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe"
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\Installer\setup.exe" --delete-old-versions --system-level --verbose-logging
"C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=61.0.3163.100 --initial-client-data=0xe0,0xe4,0xe8,0xdc,0xec,0x13fa74a08,0x13fa749c8,0x13fa749d8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --flag-switches-begin --flag-switches-end
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Adélka\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Adélka\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=61.0.3163.100 --initial-client-data=0x88,0x8c,0x90,0x84,0x94,0x7fed3a91988,0x7fed3a91948,0x7fed3a91958
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\sppsvc.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=7332 --on-initialized-event-handle=312 --parent-handle=316 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1192,4546090897081078877,11594581920463850962,131072 --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,13,19,20,22,23,24,27,29,49,70,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2509 --gpu-driver-date=8-31-2011 --gpu-secondary-vendor-ids=0x0000 --gpu-secondary-device-ids=0x0000 --service-request-channel-token=E888958D57186A8DA0D855E1413F8B72 --mojo-platform-channel-handle=1208 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1192,4546090897081078877,11594581920463850962,131072 --service-pipe-token=AE61313ECE68F55CDDF9CF11DE5DD2C8 --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --enable-gpu-async-worker-context --service-request-channel-token=AE61313ECE68F55CDDF9CF11DE5DD2C8 --renderer-client-id=6 --mojo-platform-channel-handle=2024 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1192,4546090897081078877,11594581920463850962,131072 --service-pipe-token=A34E2D04449870189C190FE578C6A48B --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --enable-gpu-async-worker-context --service-request-channel-token=A34E2D04449870189C190FE578C6A48B --renderer-client-id=4 --mojo-platform-channel-handle=2888 /prefetch:1
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Users\Adélka\Desktop\RSITx64.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1192,4546090897081078877,11594581920463850962,131072 --service-pipe-token=FFA4BD8050336D0DC62736B11E9A9DA5 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --enable-gpu-async-worker-context --service-request-channel-token=FFA4BD8050336D0DC62736B11E9A9DA5 --renderer-client-id=8 --mojo-platform-channel-handle=2508 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1192,4546090897081078877,11594581920463850962,131072 --service-pipe-token=FFC8303B4F82A556F2EA84C01BD21161 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --disable-accelerated-video-decode --enable-gpu-async-worker-context --service-request-channel-token=FFC8303B4F82A556F2EA84C01BD21161 --renderer-client-id=11 --mojo-platform-channel-handle=4728 /prefetch:1

======Scheduled tasks folder======

C:\windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\windows\system32\tasks\Adobe Flash Player Updater - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\system32\tasks\Adobe Reader and Acrobat Manager - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\windows\system32\tasks\Antivirus Emergency Update - C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
C:\windows\system32\tasks\AVG EUpdate Task - avgsetupx.exe /eu
C:\windows\system32\tasks\AVGPCTuneUp_Task_BkGndMaintenance - C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0)
C:\windows\system32\tasks\ConfigFree Startup Programs - C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-1030080332-3517363701-2615270606-1000Core - C:\Users\Adélka\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-1030080332-3517363701-2615270606-1000UA - C:\Users\Adélka\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\system32\tasks\Online aktualizační program HP - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
C:\windows\system32\tasks\{2A5405D9-A94D-4FE9-985E-DBC252164F65} - "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.8.73.102.456 ... rogressBar
C:\windows\system32\tasks\{3641FDC0-94B2-4C63-B98B-46BB2718F262} - "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.8.73.102.456 ... rogressBar
C:\windows\system32\tasks\{58CAF700-73B0-417A-BCBE-9BD4D43E1E9D} - C:\windows\system32\pcalua.exe -a C:\Users\Adélka\Downloads\BitZipper2013TrialSetupEn.exe -d C:\Users\Adélka\Downloads -c "C:\Users\Adélka\Downloads\Psani-vsemi-deseti.rar"
C:\windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1030080332-3517363701-2615270606-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\windows\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\windows\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\windows\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\windows\System32\lpksetup.exe -v
C:\windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\windows\System32\mcbuilder.exe
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\windows\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\windows\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
C:\windows\system32\tasks\Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe
C:\windows\system32\tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
C:\windows\system32\tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration - C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe
C:\windows\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880
C:\windows\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe scan upload

=========Mozilla firefox=========

ProfilePath - C:\Users\Adélka\AppData\Roaming\Mozilla\Firefox\Profiles\g0tc58dg.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=25756"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@cdisys.com/SafeView]
"Description"=
"Path"=C:\Program Files (x86)\SafeView\npsfvw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Users\Adélka\AppData\Roaming\Mozilla\Firefox\Profiles\g0tc58dg.default\searchplugins\
seznam-avast.xml

C:\Users\Adélka\AppData\Roaming\Mozilla\Firefox\Profiles\g0tc58dg.default\addons.json

C:\Users\Adélka\AppData\Roaming\Mozilla\Firefox\Profiles\g0tc58dg.default\extensions.json
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Shield Recipe Client - extension - shield-recipe-client@mozilla.org - C:\Users\Adélka\AppData\Roaming\Mozilla\Firefox\Profiles\g0tc58dg.default\features\{c831f9cc-f3f8-4a0d-8dc1-617924032c70}\shield-recipe-client@mozilla.org.xpi

C:\Users\Adélka\AppData\Roaming\Mozilla\Firefox\Profiles\g0tc58dg.default\pluginreg.dat

=========Google Chrome=========

C:\Users\Adélka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 2 Adobe Acrobat 15.1.0.6
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.15.0
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension lifbcibllhkdhoafpjfnlhfpfgnpldfl 2 Skype 10.2.0.9900
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.4
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.3
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6117.717.0.4
Homepage:
default_search_provider.search_url:
C:\Users\Adélka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={01A6D3AD-6A00-4F80-A011-F210AC8BE029}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{01A6D3AD-6A00-4F80-A011-F210AC8BE029}]
"URL"=http://www.google.com/search?sourceid=i ... lz=1I7TEUA;


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={01A6D3AD-6A00-4F80-A011-F210AC8BE029}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{01A6D3AD-6A00-4F80-A011-F210AC8BE029}]
"URL"=http://www.google.com/search?sourceid=i ... lz=1I7TEUA;

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-09 210112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-07-09 755912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-19 3131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2011-07-12 700800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-06-20 149704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-07-09 457416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-07-19 2106048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-19 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2011-07-12 534400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-09-09 167704]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-09-09 392472]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-09-09 416024]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-09-10 12856936]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-08-17 2277480]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-02-04 2679592]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2011-09-23 590256]
"TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2011-08-03 981888]
"BatteryManager"=C:\Program Files\TOSHIBA\Power Saver\TBatmgrTrayIcon.EXE [2011-09-23 285608]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2011-08-23 1544624]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2011-08-11 712096]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2011-06-10 710560]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2011-06-28 598448]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2011-06-28 38824]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [2017-09-14 239592]
"AVGUI.exe"=C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [2017-05-22 263232]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [2011-05-16 846936]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"T-Mobile CManager"=C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2013-10-15 2148120]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-07-28 27815896]
"Spotify Web Helper"=C:\Users\Adélka\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-09-07 777840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [2011-10-19 150992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO]
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2011-02-10 1546720]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"=C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2011-06-01 506712]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START []
"TOSDCR"=C:\Program Files\TOSHIBA\PasswordUtility\TOSDCR.exe []
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2011-07-12 1298816]
"TSleepSrv"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [2010-06-05 252792]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
""= []
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [2017-09-14 239592]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Toshiba Places Icon Utility.lnk - C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe

C:\Users\Adélka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Poslat do aplikace OneNote.lnk - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======


======List of files/folders modified in the last 1 month======

2017-09-24 16:30:06 ----DC---- C:\Program Files\trend micro
2017-09-24 16:29:40 ----A---- C:\windows\SYSWOW64\log.txt
2017-09-24 16:29:06 ----D---- C:\windows\Temp
2017-09-24 16:28:38 ----D---- C:\Users\Adélka\AppData\Roaming\Skype
2017-09-24 16:27:34 ----D---- C:\windows\system32\config
2017-09-24 14:52:43 ----D---- C:\windows\system32\catroot2
2017-09-24 14:50:47 ----D---- C:\windows\winsxs
2017-09-24 13:24:40 ----D---- C:\Users\Adélka\AppData\Roaming\Spotify
2017-09-24 11:17:56 ----SHD---- C:\System Volume Information
2017-09-24 11:15:47 ----D---- C:\windows\rescache
2017-09-23 21:58:26 ----DC---- C:\AdwCleaner
2017-09-23 18:13:53 ----HD---- C:\ProgramData
2017-09-23 17:50:01 ----D---- C:\windows\inf
2017-09-23 17:50:01 ----AD---- C:\windows\System32
2017-09-23 17:50:01 ----A---- C:\windows\system32\PerfStringBackup.INI
2017-09-21 15:58:44 ----SHD---- C:\windows\Installer
2017-09-21 15:55:16 ----D---- C:\windows\SysWOW64
2017-09-21 15:55:12 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2017-09-21 15:55:01 ----D---- C:\windows\system32\Macromed
2017-09-21 15:54:57 ----D---- C:\windows\SYSWOW64\Macromed
2017-09-08 20:32:15 ----D---- C:\windows\system32\NDF
2017-09-08 18:35:50 ----AD---- C:\Windows
2017-09-08 18:26:25 ----D---- C:\found.000
2017-09-03 09:54:48 ----D---- C:\Users\Adélka\AppData\Roaming\vlc
2017-08-30 10:03:44 ----D---- C:\ProgramData\Skype

File C:\windows\system32\winlogon.exe is digitally signed
File C:\windows\system32\wininit.exe is digitally signed
File C:\windows\explorer.exe is digitally signed
File C:\windows\SysWOW64\explorer.exe is digitally signed
File C:\windows\system32\svchost.exe is digitally signed
File C:\windows\SysWOW64\svchost.exe is digitally signed
File C:\windows\system32\services.exe is digitally signed
File C:\windows\system32\User32.dll is digitally signed
File C:\windows\SysWOW64\User32.dll is digitally signed
File C:\windows\system32\userinit.exe is digitally signed
File C:\windows\SysWOW64\userinit.exe is digitally signed
File C:\windows\system32\rpcss.dll is digitally signed
File C:\windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avgbidsh;avgbidsh; C:\windows\system32\drivers\avgbidsha.sys [2017-05-22 192584]
R0 avgblog;avgblog; C:\windows\system32\drivers\avgbloga.sys [2017-05-22 336896]
R0 avgbuniv;avgbuniv; C:\windows\system32\drivers\avgbuniva.sys [2017-05-22 51336]
R0 avgRvrt;avgRvrt; C:\windows\system32\drivers\avgRvrt.sys [2017-05-22 76832]
R0 avgVmm;avgVmm; C:\windows\system32\drivers\avgVmm.sys [2017-05-22 340824]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\windows\system32\DRIVERS\tos_sps64.sys [2009-06-25 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ.SYS [2009-07-14 26840]
R1 avgbdisk;avgbdisk; C:\windows\system32\drivers\avgbdiska.sys [2017-05-22 166624]
R1 avgbidsdriver;avgbidsdriver; C:\windows\system32\drivers\avgbidsdrivera.sys [2017-05-22 314128]
R1 avgRdr;avgRdr; C:\windows\system32\drivers\avgRdr2.sys [2017-05-22 102280]
R1 avgSnx;avgSnx; C:\windows\system32\drivers\avgSnx.sys [2017-05-22 1008288]
R1 avgSP;avgSP; C:\windows\system32\drivers\avgSP.sys [2017-05-22 570320]
R1 Tosrfcom;Bluetooth RFCOMM; C:\windows\System32\Drivers\tosrfcom.sys [2010-11-29 82224]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgMonFlt;avgMonFlt; C:\windows\system32\drivers\avgMonFlt.sys [2017-05-22 129776]
R2 avgStm;avgStm; C:\windows\system32\drivers\avgStm.sys [2017-05-22 160008]
R2 npf;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2010-01-27 47632]
R2 risdxc;risdxc; C:\windows\system32\DRIVERS\risdxc64.sys [2011-05-26 101888]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2010-12-18 2675712]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver; C:\windows\system32\DRIVERS\btfilter.sys [2011-08-09 45168]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\windows\system32\DRIVERS\e1c62x64.sys [2011-08-23 342704]
R3 huawei_enumerator;huawei_enumerator; C:\windows\system32\DRIVERS\ew_jubusenum.sys [2011-01-30 86016]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-08-31 12306848]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-09-14 3076456]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\HECIx64.sys [2012-11-09 57376]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2011-10-25 96768]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2011-10-25 213504]
R3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys [2011-02-09 38096]
R3 RDPDISPM;RDPDISPM; C:\windows\system32\DRIVERS\rdpdispm.sys [2010-08-31 10752]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-02-04 1413680]
R3 tosporte;Bluetooth COM Port; C:\windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\windows\system32\DRIVERS\tosrfbd.sys [2011-08-30 286080]
R3 tosrfbnp;Bluetooth RFBNEP; C:\windows\System32\Drivers\tosrfbnp.sys [2010-11-11 50864]
R3 tosrfec;Bluetooth ACPI; C:\windows\system32\DRIVERS\tosrfec.sys [2011-07-13 19904]
R3 Tosrfhid;Bluetooth RFHID; C:\windows\system32\DRIVERS\Tosrfhid.sys [2010-08-30 94528]
R3 tosrfnds;Bluetooth Personal Area Network; C:\windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
R3 TosRfSnd;Bluetooth Audio; C:\windows\system32\drivers\tosrfsnd.sys [2010-04-26 63488]
R3 Tosrfusb;Bluetooth USB Controller; C:\windows\system32\DRIVERS\tosrfusb.sys [2011-01-28 67384]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 avgHwid;avgHwid; C:\windows\system32\drivers\avgHwid.sys [2017-05-22 39424]
S3 dbx;dbx; C:\windows\system32\DRIVERS\dbx.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968]
S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\windows\system32\DRIVERS\Dot4Scan.sys [2009-07-14 13824]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 13952]
S3 huawei_cdcacm;huawei_cdcacm; C:\windows\system32\DRIVERS\ew_jucdcacm.sys [2011-02-25 98816]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\windows\system32\DRIVERS\ew_juextctrl.sys [2011-01-30 28672]
S3 huawei_wwanecm;huawei_wwanecm; C:\windows\system32\DRIVERS\ew_juwwanecm.sys [2011-01-30 212992]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\windows\system32\DRIVERS\tdcmdpst.sys [2009-07-31 27784]
S3 TPM;Čip TPM; C:\windows\system32\drivers\tpm.sys [2016-02-05 147904]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
R2 AVG Antivirus;AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [2017-05-22 264432]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2017-09-14 1428656]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2011-06-07 250296]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2017-07-18 4412104]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2011-06-07 47032]
R2 DbxSvc;DbxSvc; C:\windows\system32\DbxSvc.exe [2016-09-12 42792]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; %SystemRoot%\system32\svchost.exe -k hpdevmgmt;"ServiceDll"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
R2 irstrtsv;Intel(R) Rapid Start Technology Service; C:\windows\syswow64\irstrtsv.exe [2011-07-07 184320]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-07-22 212944]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-07-02 327664]
R2 MbnExt;Mobile Broadband Extension Service; %SystemRoot%\system32\svchost.exe -k MbnExt;"ServiceDll"=C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll
R2 Net Driver HPZ12;Net Driver HPZ12; %SystemRoot%\System32\svchost.exe -k HPZ12;"ServiceDll"=C:\Windows\system32\HPZinw12.dll
R2 Pml Driver HPZ12;Pml Driver HPZ12; %SystemRoot%\System32\svchost.exe -k HPZ12;"ServiceDll"=C:\Windows\system32\HPZipm12.dll
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-02-10 112080]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\windows\system32\TODDSrv.exe [2009-07-29 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2011-11-09 583088]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-08-23 294848]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-07-02 2595824]
R3 avgbIDSAgent;avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [2017-05-22 7396872]
R3 hpqcxs08;hpqcxs08; %SystemRoot%\system32\svchost.exe -k hpdevmgmt;"ServiceDll"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2015-12-09 55144]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2011-04-02 198064]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-06-10 138152]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-08-11 833464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-21 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-06-01 317400]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-21 272384]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-21 107848]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-10-08 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2017-07-14 116224]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-05-26 173512]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-07-18 213704]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-12-27 5132888]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-09-30 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Smazáno. Nastala nějaká změna? Velikost volného místa ne vašem systémovém disku se velmi blíží minimální možné hodnotě. Přesuňte některé svá data na jiné úložiště, nebo odinstalujte nepoužívané aplikace. Min. volné místo na systémovém disku by mělo být 5-8GB.

Dobrý den,
moc děkuji za pomoc, ale bohužel počítač se mi zdá ještě pomalejší než před čištěním. Souborů a aplikací na disku mám uloženo absolutní minimum, takže netuším, jak můžu mít zaplněno 97 GB. Nevěděl byste ještě o nějaké možnosti, co s tím? Před půl rokem čištění parádně zabralo, uvolnila se mi více než polovina disku, teď bohužel vůbec nic.
Adéla

Jedinou možností je buď přesunutí vlastních souborů (dokumentů, hudby, videa a fotek) na jiné úložiště anebo odinstalovat nepoužívané programy. Následně asi bude nutná defragmentace disku.