VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Proces 25% CPU

https://forum.viry.cz:443/viewtopic.php?t=156964

Stránka 1 z 2

Proces 25% CPU

Napsal: 24 bře 2020 23:43
od MaClaud
Dobrý den,
problém: stále se mi spouští proces a alokuje si 25% CPU. Nejedná se o jeden a ten samý proces ale dle nějakého náhodného klíče se vždy zvolí, když jej odstřelím přímo tak se spustí jiný. Budu rád za každou radu a pomoc. Logy:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-03-2020
Ran by MaClaud (administrator) on CALIBRA (ASUSTeK Computer Inc. N73SV) (24-03-2020 23:35:40)
Running from C:\Users\MaClaud\Desktop
Loaded Profiles: MaClaud (Available Profiles: MaClaud & Guest)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(DEVGURU Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Electronic Team, Inc. -> Electronic Team, Inc.) C:\Program Files\Electronic Team\Flexihub\flexihub64.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Finger Power Technology Co., Ltd. -> ) C:\Users\MaClaud\AppData\Local\Kingosoft\Kingo Root\update_58142\bin\KingoSoftService.exe
(Fresco Logic Inc -> Fresco Logic) C:\Windows\System32\FLxHCIm.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Turbo Boost Technology Monitor -> Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(QUALCOMM, Inc.) [File not signed] C:\Program Files (x86)\QUALCOMM Incorporated\Qualcomm USB Drivers For Windows\DriverPackage\Qualcomm\Tools\qcmtusvc.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Sony) [File not signed] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc.) [File not signed] C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11485800 2010-10-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2168424 2010-10-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [FLxHCIm] => C:\windows\system32\FLxHCIm.exe [76472 2018-05-31] (Fresco Logic Inc -> Fresco Logic)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10228224 2010-11-03] (Intel Corporation) [File not signed]
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\Run: [SafeInCloud] => C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe [2325504 2019-04-24] () [File not signed]
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\Run: [Google Update] => C:\Users\MaClaud\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-20] (Google LLC -> Google LLC)
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: D - D:\CDViewer.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: G - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {0f17170e-b6c5-11e8-8193-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {1a89cdc2-432d-11e8-b336-74f06dbe6f9f} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {1c5d57a2-053c-11e8-8c84-005056c00008} - H:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {227c2eeb-254d-11e9-bbc4-005056c00008} - C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\autorun.exe /auto
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {2d40703c-d021-11e2-b51a-74f06dbe6f9f} - G:\AutoRun.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {37d9f32a-ab70-11e6-bbfb-74f06dbe6f9f} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {3a6d569f-c9cf-11e9-bc8e-005056c00008} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {3a8be94d-2881-11e8-9c32-005056c00008} - H:\Setup.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {3ff212c1-17e9-11e5-a4ed-74f06dbe6f9f} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {47a97c14-33cc-11ea-b501-005056c00008} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {4c0b7178-a6f6-11e8-bf7c-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {4db7e7c0-43d3-11e1-a774-806e6f6e6963} - D:\InstAll.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {61a19f70-f90b-11e1-aa36-74f06dbe6f9f} - G:\Setup.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6587f016-2a60-11ea-b538-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {695c2ab7-6793-11e9-a67d-005056c00008} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6d41ebb7-d328-11e9-83ce-005056c00008} - G:\Setup.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6f554f33-3e22-11e8-b339-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6f554f3a-3e22-11e8-b339-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6f554f5b-3e22-11e8-b339-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6f554f5f-3e22-11e8-b339-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6f554f65-3e22-11e8-b339-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {73f0ae9a-1190-11e5-8534-74f06dbe6f9f} - G:\Startme.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {7ee5cd87-1ff6-11e6-9293-74f06dbe6f9f} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {80c5adfa-431c-11e5-b090-005056c00008} - G:\LG_PC_Programs.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {9a231299-b3cd-11e9-a0d2-005056c00008} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {9cf5aa47-58f9-11e7-8dff-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {a4981f3d-db68-11e4-b6b2-74f06dbe6f9f} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {a7a27c55-c025-11e7-b60e-005056c00008} - G:\autorun.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {b234878a-a630-11e5-a126-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {ba30b0fb-e427-11e7-ade8-74f06dbe6f9f} - G:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {bb099951-af22-11e6-b898-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {bfb2463a-6ba6-11ea-9890-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {d1c40b1e-db99-11e3-be29-74f06dbe6f9f} - G:\MotoCastSetup.exe -a
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {d7196ef6-8071-11e5-ae7f-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {df642bf1-097c-11ea-9b5a-005056c00008} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {e4095ae0-fd85-11e8-8a42-74f06dbe6f9f} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {e4219ba4-de5c-11e3-b174-74f06dbe6f9f} - G:\MotoCastSetup.exe -a
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {eb3eac3b-6a8c-11ea-a708-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {f1df38be-4e45-11e5-9743-74f06dbe6f9f} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {f1df38c4-4e45-11e5-9743-74f06dbe6f9f} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\Winlogon: [Shell] C:\windows\explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\Software\...\AppCompatFlags\InstalledSDB\{ad846bae-d44b-4722-abad-f7420e08bcd9}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb [2015-04-17]
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2009-08-02] (Broadcom Corporation -> Broadcom Corporation.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [171896 2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs: , C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [171896 2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [149736 2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149736 2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: , C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [149736 2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SPDriverInstall.lnk [2018-03-16]
ShortcutTarget: SPDriverInstall.lnk -> C:\Program Files\MediaTek\SP Driver\SPDriverInstall (No File)
AlternateShell:

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00F61C5C-F0FF-4A58-9D9B-09A2E5678443} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660792 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2795DBAF-3CFA-42FE-BDA5-BAC71C6DB545} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000Core => C:\Users\MaClaud\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {42BDA739-E704-4D4E-B58E-43974ED6DF41} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660792 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4F12801E-2A67-447B-A5FB-2E58BFBD0245} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [525104 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {569FE0DD-E93D-4094-B77E-30FE39A93607} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746800 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5A7AAB9F-0700-4DF8-899F-007AEA78DF4A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1931064 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {71304849-8570-4C27-9109-3AAF7DD615EE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000UA => C:\Users\MaClaud\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {8C3571BE-00E8-42C6-BE2C-AF1BC4411B85} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {983A7EB2-FAC1-421D-BCF1-EA59FC243078} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe [1454080 2018-09-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A1FD4554-033D-4DBA-AF91-C2EEE878C830} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746800 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF5F4DFE-64D6-4D85-B6FD-3D77557A236A} - System32\Tasks\{32AF0D40-A55F-43E7-9339-FD2BB1BF6A0C} => C:\Windows\system32\pcalua.exe -a "E:\WMmobile soft\GarminSymbian\Garmin\GarminMobileXTforSymbianS603rdEdition_50050.exe" -d "E:\WMmobile soft\GarminSymbian\Garmin"
Task: {BE3630D3-AE9E-40C3-922E-1A4701294773} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [969016 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8C36499-2C59-4710-AE75-7302BB6BD734} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1414726678-80063402-3466205120-1000 => C:\Users\MaClaud\AppData\Local\MEGAsync\MEGAupdater.exe [760696 2018-01-15] (Mega Limited -> Mega Limited)
Task: {F3CC6BB3-B68A-4C46-A40C-A1B65EB5FBDF} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUSTeK Computer Inc. -> ASUS)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog9 12 C:\windows\SysWOW64\vsocklib.dll [63088 2011-08-08] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9 13 C:\windows\SysWOW64\vsocklib.dll [63088 2011-08-08] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog9-x64 12 C:\Windows\system32\vsocklib.dll [67184 2011-08-08] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 13 C:\Windows\system32\vsocklib.dll [67184 2011-08-08] (VMware, Inc. -> VMware, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{2A2F8EC6-537B-4B41-AD19-33E93A923D4E}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{D3C56AF9-7B29-4B4D-979F-CE1142B157B0}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-1414726678-80063402-3466205120-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-01-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-01-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-09-02] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
BHO-x32: Microsoft Web Test Recorder 14.0 Helper -> {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} -> C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2015-07-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-09-02] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)

FireFox:
========
FF DefaultProfile: x40heix7.default
FF ProfilePath: C:\Users\MaClaud\AppData\Roaming\TomTom\HOME\Profiles\bf16q830.default [2020-03-04]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default [2020-03-24]
FF Notifications: Mozilla\Firefox\Profiles\x40heix7.default -> hxxps://calendar.google.com; hxxps://androidhost.ru
FF Extension: (Česká kontrola pravopisu (bez diakritiky)) - C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default\Extensions\cs2@dictionaries.addons.mozilla.org.xpi [2019-01-04]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2019-01-04]
FF Extension: (SafeInCloud Password Manager) - C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default\Extensions\info@safe-in-cloud.com.xpi [2019-06-10]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2020-03-14]
FF Extension: (uBlock Origin) - C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default\Extensions\uBlock0@raymondhill.net.xpi [2019-03-13]
FF Extension: (No Name) - C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-03-21]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll [2018-09-11] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\Windows\system32\npDeployJava1.dll [2013-01-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-01-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN) [File not signed]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-11] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_35 -> C:\Windows\SysWOW64\npdeployJava1.dll [2012-09-02] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll [2012-09-02] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\\1.8.101.2154\npQQPhoneManagerExt.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default [2020-03-24]
CHR Extension: (Prezentace) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-04]
CHR Extension: (Dokumenty) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-04]
CHR Extension: (Disk Google) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-04]
CHR Extension: (YouTube) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-04]
CHR Extension: (Maximize Flash) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\chihjmmmhbapnhemoopibkekbojilhge [2020-03-04]
CHR Extension: (Tabulky) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-11]
CHR Extension: (Google Kalendář) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2020-03-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-04]
CHR Extension: (Fullscreen Anything) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\olcfgpmjldkkjdclidhcbonieibfhhdh [2020-03-04]
CHR Extension: (Gmail) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-04]
CHR Extension: (Chrome Media Router) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-20]
StartMenuInternet: Google Chrome - C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe

Opera:
=======
OPR Extension: (To-Read sites) - C:\Users\MaClaud\AppData\Roaming\Opera Software\Opera Stable\Extensions\ocjdcfknlmpoicmjpklcofjlpnegobbb [2013-09-13]
OPR Extension: (Adblock Plus) - C:\Users\MaClaud\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2013-09-13]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-10-07] (Apple Inc. -> Apple Inc.)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [897088 2010-11-03] (Intel Corporation) [File not signed]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-11-03] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [983104 2010-11-03] (Intel Corporation) [File not signed]
R2 flexihub; C:\Program Files\Electronic Team\Flexihub\flexihub64.exe [6301216 2019-03-04] (Electronic Team, Inc. -> Electronic Team, Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 KingoSoftService; C:\Users\MaClaud\AppData\Local\Kingosoft\Kingo Root\update_58142\bin\checkupdate.exe [367584 2016-09-17] (Finger Power Technology Co., Ltd. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-03] (Malwarebytes Inc -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2012-12-28] (Even Balance, Inc. -> )
R2 qcmtusvc; C:\Program Files (x86)\QUALCOMM Incorporated\Qualcomm USB Drivers For Windows\DriverPackage\Qualcomm\Tools\qcmtusvc.exe [83456 2015-07-09] (QUALCOMM, Inc.) [File not signed]
R2 RapiMgr; C:\windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S2 SbieSvc; E:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (SANDBOXIE L.T.D -> Sandboxie Holdings, LLC)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-08-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [780328 2019-08-16] (DEVGURU Co., Ltd. -> DEVGURU Co., LTD.)
R3 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [79872 2011-11-13] (VMware, Inc.) [File not signed]
S2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [11839488 2011-11-13] () [File not signed]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation -> Microsoft Corporation)
R2 WcesComm; C:\windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2548224 2019-10-22] (Sony) [File not signed]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe [X]
S3 WsDrvInst; "E:\Program Files (x86)\Wondershare\MobileTrans\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\windows\System32\ambakdrv.sys [51120 2016-12-22] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-22] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 AmUStor; C:\windows\System32\drivers\AmUStor.SYS [44032 2010-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Alcor Micro, Corp.)
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2016-12-22] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 AndnetBus; C:\windows\System32\DRIVERS\lgandnetbus64.sys [30208 2016-08-31] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AndNetDiag; C:\windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2016-08-24] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 ANDNetModem; C:\windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2016-08-24] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AVEO; C:\windows\System32\DRIVERS\AVEOdcnt.sys [237056 2010-03-24] (Aveo Technology Corp. -> AVEO Corp)
S3 BTCFilterService; C:\windows\System32\DRIVERS\motfilt.sys [6144 2013-03-20] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Inc)
S3 Ctxusbr; C:\windows\System32\DRIVERS\ctxusbr.sys [77488 2016-09-05] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 dg_ssudbus; C:\windows\System32\DRIVERS\ssudbus.sys [135520 2019-08-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 diagswitchdrv; C:\Windows\SysWOW64\DRIVERS\diagswitchdrv.sys [117888 2014-08-17] (Huawei Technologies Co., Ltd.) [File not signed]
S3 DIRECTIORM; E:\Program Files\RAMMon\DirectIo64.sys [30672 2016-08-26] (PassMark Software Pty Ltd -> )
R3 DroidCam; C:\windows\System32\DRIVERS\droidcam.sys [33592 2015-05-24] (DEV47 APPS -> Dev47Apps)
R3 DroidCamVideo; C:\windows\System32\DRIVERS\droidcamvideo.sys [229432 2015-05-24] (DEV47 APPS -> Dev47Apps)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-01-21] (DT Soft Ltd -> DT Soft Ltd)
S3 easyjtag; C:\windows\System32\DRIVERS\easyjtag_x64.sys [65024 2011-05-06] (Z3X EasyJTAG -> )
S3 eGateUSB; C:\windows\System32\Drivers\eGateUSB.sys [98816 2007-05-09] (Gemalto) [File not signed]
S3 EloMTApr; C:\windows\System32\DRIVERS\EloMTApr.sys [232960 2017-05-18] (Elo Touch Solutions, Inc. -> )
S3 EloMTSer; C:\windows\System32\DRIVERS\EloMTSer.sys [122368 2017-05-18] (Elo Touch Solutions, Inc. -> )
S3 EloMTUsb; C:\windows\System32\DRIVERS\EloMTUsb.sys [183808 2017-05-18] (Elo Touch Solutions, Inc. -> )
R3 ELTIMA_USB_HUB_FILTER; C:\windows\System32\drivers\fusbhub.sys [130560 2019-03-01] (Element 5 Limited Liability Company -> ELTIMA Software)
R3 ETD; C:\windows\System32\DRIVERS\ETD.sys [129024 2010-09-08] (Microsoft Windows Hardware Compatibility Publisher -> ELAN Microelectronic Corp.)
R3 eustub; C:\windows\System32\DRIVERS\eusbstub.sys [39424 2019-03-01] (Element 5 Limited Liability Company -> ELTIMA Software)
S3 evserial9; C:\windows\System32\DRIVERS\evserial9.sys [40448 2018-04-05] (Element 5 Limited Liability Company -> ELTIMA Software)
S3 ew_usbccgpfilter; C:\windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbccgpfilter; C:\Windows\SysWOW64\DRIVERS\ew_usbccgpfilter.sys [19200 2016-03-29] (Huawei Technologies Co., Ltd.) [File not signed]
R1 Ext2Fsd; C:\windows\System32\DRIVERS\Ext2Fsd.sys [799744 2017-04-02] (Kasherlab Technology Inc. -> http://www.ext2fsd.com)
R3 FLxHCIh; C:\windows\System32\DRIVERS\FLxHCIh.sys [146336 2018-05-31] (Fresco Logic Inc -> Fresco Logic)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] () [File not signed]
S3 FTDIBUS; C:\windows\System32\drivers\ftdibus.sys [129448 2017-09-19] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
S3 FTSER2K; C:\windows\System32\drivers\ftser2k.sys [89792 2017-09-19] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
S3 ggsomc; C:\windows\System32\DRIVERS\ggsomc.sys [32384 2018-02-05] (Sony Mobile Communications AB -> Sony Mobile Communications)
S3 HSPL_usbvcom; C:\windows\System32\DRIVERS\hw_usbvcom.sys [221824 2015-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HSPL_usbvcom; C:\Windows\SysWOW64\DRIVERS\hw_usbvcom.sys [221824 2015-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HTCAND64; C:\windows\System32\Drivers\ANDROIDUSB.sys [31744 2015-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Google Inc)
S3 htcnprot; C:\windows\System32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider)
S3 htcusbnet; C:\windows\System32\DRIVERS\htcusbnet.sys [154624 2011-08-04] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 HtcVCom32; C:\windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (Sqa.com(Test) -> QUALCOMM Incorporated)
S3 HWHandSet; C:\windows\System32\DRIVERS\hw_quusbmdm.sys [226560 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HWHandSet; C:\Windows\SysWOW64\DRIVERS\hw_quusbmdm.sys [226560 2016-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HWHandSetProLine; C:\windows\System32\DRIVERS\hw_quusbmdm.sys [226560 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HWHandSetProLine; C:\Windows\SysWOW64\DRIVERS\hw_quusbmdm.sys [226560 2016-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\windows\System32\DRIVERS\hw_cdcacm.sys [127360 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_ctrlfakedev; C:\windows\System32\DRIVERS\hw_ctrlfakedev.sys [115712 2015-03-10] (Huawei Technologies Co., Ltd.) [File not signed]
S3 hw_ctrlfakedev; C:\Windows\SysWOW64\DRIVERS\hw_ctrlfakedev.sys [115712 2015-03-10] (Huawei Technologies Co., Ltd.) [File not signed]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 IT9135BDA; C:\windows\System32\Drivers\IT9135BDA.sys [165504 2016-12-23] (Microsoft Windows Hardware Compatibility Publisher -> ITE )
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-21] (ASUSTeK Computer Inc. -> )
S3 libusb0; C:\windows\System32\DRIVERS\libusb0.sys [62048 2014-06-19] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S0 malqoorz; C:\Windows\SysWOW64\drivers\yahcdwms.sys [61440 2017-04-25] () [File not signed]
S3 massfilter_hs; C:\windows\System32\drivers\massfilter_hs.sys [11776 2010-10-20] (Microsoft Windows Hardware Compatibility Publisher -> HandSet Incorporated)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [214496 2020-03-24] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [248968 2020-03-24] (Malwarebytes Inc -> Malwarebytes)
S3 motandroidusb; C:\windows\System32\Drivers\motoandroid.sys [32768 2013-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Motorola)
S3 motccgp; C:\windows\System32\DRIVERS\motccgp.sys [23552 2013-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Mobility Inc)
S3 motmodem; C:\windows\System32\DRIVERS\motmodem.sys [31744 2013-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Mobility Inc)
S3 MotoSwitchService; C:\windows\System32\DRIVERS\motswch.sys [8832 2012-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Motorola)
S3 Motousbnet; C:\windows\System32\DRIVERS\Motousbnet.sys [27648 2013-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Mobility Inc)
S3 motport; C:\windows\System32\DRIVERS\motport.sys [31744 2013-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Mobility Inc)
S3 motusbdevice; C:\windows\System32\DRIVERS\motusbdevice.sys [12288 2013-03-20] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Inc)
S3 nmwcd; C:\windows\System32\drivers\ccdcmbx64.sys [19968 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\windows\System32\drivers\ccdcmbox64.sys [27136 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsucx64; C:\windows\System32\drivers\nmwcdnsucx64.sys [12800 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsux64; C:\windows\System32\drivers\nmwcdnsux64.sys [171008 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31024 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\System32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\windows\System32\DRIVERS\nvvhci.sys [58680 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pccsmcfd; C:\windows\System32\DRIVERS\pccsmcfdx64.sys [26112 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 qcfilter; C:\windows\System32\DRIVERS\qcusbfilter.sys [40448 2015-07-09] (QUALCOMM Incorporated -> QUALCOMM Incorporated)
S3 qcusbser; C:\windows\System32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbwwan; C:\windows\System32\DRIVERS\qcusbwwan.sys [516608 2015-07-09] (QUALCOMM Incorporated -> QUALCOMM Incorporated)
S3 R5BaseSmc; C:\windows\System32\DRIVERS\smccard.sys [23592 2014-01-13] (Feitian Technologies Co., Ltd. -> OEM)
S3 riffbox; C:\windows\System32\DRIVERS\riffbox64.sys [32768 2012-04-24] (Microsoft Windows -> Microsoft Corporation)
R3 RtlWlanu; C:\windows\System32\DRIVERS\rtwlanu.sys [7947192 2018-08-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 s0016bus; C:\windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016mdfl; C:\windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016mdm; C:\windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016mgmt; C:\windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016nd5; C:\windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016obex; C:\windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016unic; C:\windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017bus; C:\windows\System32\DRIVERS\s0017bus.sys [113704 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017mdfl; C:\windows\System32\DRIVERS\s0017mdfl.sys [19496 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017mdm; C:\windows\System32\DRIVERS\s0017mdm.sys [152616 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017mgmt; C:\windows\System32\DRIVERS\s0017mgmt.sys [133160 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017nd5; C:\windows\System32\DRIVERS\s0017nd5.sys [34856 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017obex; C:\windows\System32\DRIVERS\s0017obex.sys [128552 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017unic; C:\windows\System32\DRIVERS\s0017unic.sys [145960 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018bus; C:\windows\System32\DRIVERS\s1018bus.sys [113704 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018mdfl; C:\windows\System32\DRIVERS\s1018mdfl.sys [19496 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018mdm; C:\windows\System32\DRIVERS\s1018mdm.sys [153128 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018mgmt; C:\windows\System32\DRIVERS\s1018mgmt.sys [133160 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018nd5; C:\windows\System32\DRIVERS\s1018nd5.sys [34856 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018obex; C:\windows\System32\DRIVERS\s1018obex.sys [128552 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018unic; C:\windows\System32\DRIVERS\s1018unic.sys [146472 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039bus; C:\windows\System32\DRIVERS\s1039bus.sys [127600 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mdfl; C:\windows\System32\DRIVERS\s1039mdfl.sys [19568 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mdm; C:\windows\System32\DRIVERS\s1039mdm.sys [161904 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mgmt; C:\windows\System32\DRIVERS\s1039mgmt.sys [141424 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039nd5; C:\windows\System32\DRIVERS\s1039nd5.sys [34416 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039obex; C:\windows\System32\DRIVERS\s1039obex.sys [137328 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039unic; C:\windows\System32\DRIVERS\s1039unic.sys [158320 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 SbieDrv; E:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (SANDBOXIE L.T.D -> Sandboxie Holdings, LLC)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12400 2018-12-09] (Macrovision Europe Ltd) [File not signed]
R3 seehcri; C:\windows\System32\DRIVERS\seehcri.sys [34032 2012-07-24] (Sony Ericsson Mobile Communications AB -> Sony Ericsson Mobile Communications)
S3 Ser2pl; C:\windows\System32\DRIVERS\ser2pl64.sys [160256 2013-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 smhwdev; C:\windows\System32\DRIVERS\smhwdev.sys [114432 2012-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 smhwser; C:\windows\System32\DRIVERS\smhwser.sys [122624 2012-07-24] (QUALCOMM Incorporated) [File not signed]
S0 soesbn; C:\Windows\SysWOW64\drivers\vevk.sys [61440 2017-04-25] () [File not signed]
S3 sprdvcom; C:\windows\System32\DRIVERS\sprdvcom.sys [28160 2015-03-04] (Microsoft Corporation -> SPRD Device)
S3 ssudmdm; C:\windows\System32\DRIVERS\ssudmdm.sys [166752 2019-08-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\windows\System32\DRIVERS\ssudserd.sys [166752 2019-08-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 token; C:\windows\System32\DRIVERS\eps2kt1.sys [43432 2014-01-13] (Feitian Technologies Co., Ltd. -> OEM)
R2 TurboB; C:\windows\System32\DRIVERS\TurboB.sys [13832 2010-04-16] (Intel(R) Turbo Boost Technology Monitor -> )
S3 UFS2XX; C:\windows\System32\drivers\UFS2XX.sys [82528 2013-08-19] (UAB ”DIGITEKA” -> FTDI Ltd.)
S3 upperdev; C:\windows\System32\DRIVERS\usbser_lowerfltx64.sys [9216 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 usbbus; C:\windows\System32\DRIVERS\lgx64bus.sys [17920 2016-02-17] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 UsbDiag; C:\windows\System32\DRIVERS\lgx64diag.sys [28160 2016-02-17] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 USBModem; C:\windows\System32\DRIVERS\lgx64modem.sys [34816 2016-02-17] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 usbrndis6; C:\windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 usbser; C:\Windows\SysWOW64\DRIVERS\usbser.sys [33280 2013-08-28] (Microsoft Windows -> Microsoft Corporation)
S3 UsbserFilt; C:\windows\System32\DRIVERS\usbser_lowerfltjx64.sys [9216 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 VSBC9; C:\windows\System32\DRIVERS\evsbc9.sys [127488 2018-04-05] (Element 5 Limited Liability Company -> ELTIMA Software)
R3 vuhub; C:\windows\System32\DRIVERS\vuhub.sys [156160 2019-03-01] (Element 5 Limited Liability Company -> ELTIMA Software)
S3 WDC_SAM; C:\windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 wdf_usb; C:\windows\System32\DRIVERS\usb2ser.sys [140672 2014-11-24] (Microsoft Windows Hardware Compatibility Publisher -> MBB)
R3 wdkmd; C:\windows\System32\DRIVERS\WDKMD.sys [39832 2010-06-18] (Wireless Display -> Intel Corporation)
S3 wdm_usb; C:\windows\System32\DRIVERS\usb2ser.sys [140672 2014-11-24] (Microsoft Windows Hardware Compatibility Publisher -> MBB)
S3 zghsdiag; C:\windows\System32\DRIVERS\zghsdiag.sys [129432 2011-07-07] (ZTE CORPORATION -> ZTE Incorporated)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EloBus; system32\DRIVERS\EloBus.sys [X]
S3 EloSer; system32\DRIVERS\EloSerG2.sys [X]
U5 hw_usbdev; C:\Windows\SysWOW64\Drivers\hw_usbdev.sys [116864 2011-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
U4 npcap_wifi; no ImagePath
S3 qcusbnet; system32\DRIVERS\qcusbnet.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vzandnetadb; System32\Drivers\lgvzandnetadb.sys [X]
S1 xcbdplvu; \??\C:\windows\system32\drivers\xcbdplvu.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-24 23:35 - 2020-03-24 23:36 - 000051926 _____ C:\Users\MaClaud\Desktop\FRST.txt
2020-03-24 23:34 - 2020-03-24 23:36 - 000000000 ____D C:\FRST
2020-03-24 23:34 - 2020-03-24 23:34 - 002279936 _____ (Farbar) C:\Users\MaClaud\Desktop\FRST64.exe
2020-03-24 22:11 - 2020-03-24 22:11 - 000248968 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2020-03-24 22:11 - 2020-03-24 22:11 - 000214496 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys
2020-03-20 12:05 - 2020-03-20 12:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QPST
2020-03-18 18:45 - 2020-03-18 18:45 - 000000000 ____D C:\ProgramData\Package Cache
2020-03-16 18:36 - 2020-03-16 18:36 - 000000000 ____D C:\Users\MaClaud\AppData\Local\GHISLER
2020-03-14 20:18 - 2020-03-14 20:18 - 000103140 __RSH C:\dnfl.exe
2020-03-13 19:42 - 2020-03-13 19:42 - 000000717 _____ C:\Users\Public\Desktop\Halabtech Tool_v0.9.lnk
2020-03-13 19:42 - 2020-03-13 19:42 - 000000717 _____ C:\ProgramData\Desktop\Halabtech Tool_v0.9.lnk
2020-03-13 19:42 - 2020-03-13 19:42 - 000000000 ____D C:\Users\MaClaud\AppData\Local\SkinSoft
2020-03-13 19:42 - 2020-03-13 19:42 - 000000000 ____D C:\Users\MaClaud\.android
2020-03-13 19:42 - 2020-03-13 19:42 - 000000000 ____D C:\Halabtech_Tool_V0.9
2020-03-13 19:39 - 2020-03-14 20:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-03-12 19:54 - 2020-03-13 19:06 - 000000000 ____D C:\ProgramData\Citrix
2020-03-05 20:16 - 2020-03-05 20:16 - 000000000 ____D C:\Users\MaClaud\AppData\Roaming\WinRAR
2020-03-03 23:40 - 2020-03-04 00:07 - 000000000 ____D C:\zoek_backup
2020-03-03 23:23 - 2020-03-03 23:31 - 000000000 ____D C:\Users\MaClaud\AppData\LocalLow\IGDump
2020-03-03 23:22 - 2020-03-03 23:22 - 002038755 _____ C:\Users\MaClaud\Desktop\zoek.exe
2020-03-03 23:22 - 2020-03-03 23:22 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-03-03 23:22 - 2020-03-03 23:22 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-03-03 23:22 - 2020-03-03 23:22 - 000000000 ____D C:\Users\MaClaud\AppData\Local\mbamtray
2020-03-03 23:22 - 2020-03-03 23:22 - 000000000 ____D C:\Users\MaClaud\AppData\Local\mbam
2020-03-03 23:22 - 2020-03-03 23:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-03 23:21 - 2020-03-03 23:21 - 000153312 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae64.sys
2020-03-03 23:20 - 2020-03-03 23:20 - 000000000 ____D C:\Program Files\Malwarebytes
2020-03-03 23:12 - 2020-03-03 23:13 - 000000000 ____D C:\Users\MaClaud\AppData\Local\Windows Performance Analyzer
2020-03-03 23:12 - 2020-03-03 23:12 - 000000000 ____D C:\Users\MaClaud\Documents\WPA Files
2020-03-03 23:12 - 2020-03-03 23:12 - 000000000 ____D C:\SymCache
2020-03-03 23:10 - 2020-03-03 23:10 - 265289728 _____ C:\HighCPUUsage.etl
2020-03-03 23:10 - 2020-03-03 23:10 - 264241152 _____ C:\kernel.etl
2020-03-03 23:09 - 2020-03-03 23:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-24 23:32 - 2016-11-19 17:27 - 000000000 ____D C:\Users\MaClaud\AppData\LocalLow\Mozilla
2020-03-24 22:22 - 2014-07-06 10:52 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-24 22:21 - 2009-07-14 05:45 - 000023824 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-24 22:21 - 2009-07-14 05:45 - 000023824 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-24 22:20 - 2009-07-14 16:18 - 000675130 _____ C:\windows\system32\perfh005.dat
2020-03-24 22:20 - 2009-07-14 16:18 - 000144220 _____ C:\windows\system32\perfc005.dat
2020-03-24 22:20 - 2009-07-14 06:13 - 001601644 _____ C:\windows\system32\PerfStringBackup.INI
2020-03-24 22:20 - 2009-07-14 04:20 - 000000000 ____D C:\windows\inf
2020-03-24 22:15 - 2019-05-24 21:47 - 000003974 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{622E5186-25DA-42B1-92A5-EC41038EB5D6}
2020-03-24 22:11 - 2015-02-19 21:31 - 000000091 _____ C:\HaxLogs.txt
2020-03-24 22:11 - 2009-07-14 06:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-03-23 23:06 - 2016-02-09 09:30 - 000000000 ____D C:\Users\MaClaud\AppData\Local\SafeInCloud
2020-03-23 11:42 - 2012-01-21 10:17 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-03-20 20:44 - 2012-04-13 19:15 - 000003566 _____ C:\windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000UA
2020-03-20 20:44 - 2012-04-13 19:15 - 000003294 _____ C:\windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000Core
2020-03-20 12:05 - 2013-08-20 20:09 - 000000000 ____D C:\Program Files (x86)\Qualcomm
2020-03-20 12:02 - 2018-03-19 18:51 - 000000000 ____D C:\Users\MaClaud\AppData\Local\QPST
2020-03-20 10:58 - 2013-01-05 11:51 - 000000000 ____D C:\Users\MaClaud\AppData\Roaming\TeamViewer
2020-03-20 10:57 - 2012-12-26 13:12 - 026985448 _____ (TeamViewer Germany GmbH) C:\Users\MaClaud\Desktop\TeamViewer_Setup.exe
2020-03-19 23:31 - 2019-08-27 21:12 - 000000122 _____ C:\windows\fdataGlobal
2020-03-19 22:59 - 2014-01-13 21:08 - 000000000 ____D C:\Program Files (x86)\Z3X
2020-03-19 22:29 - 2018-01-21 14:50 - 000000000 ____D C:\Users\MaClaud\AppData\Local\CrashDumps
2020-03-19 21:31 - 2012-04-13 19:16 - 000002426 _____ C:\Users\MaClaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-19 21:31 - 2012-04-13 19:16 - 000002389 _____ C:\Users\MaClaud\Desktop\Google Chrome.lnk
2020-03-18 18:47 - 2017-12-18 21:27 - 000000000 ____D C:\Users\MaClaud\AppData\Local\MOBILeditForensicExpress
2020-03-18 18:45 - 2017-12-18 21:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILedit Forensic Express
2020-03-17 20:34 - 2013-11-02 21:50 - 000000000 ____D C:\Users\MaClaud\AppData\Roaming\vlc
2020-03-14 20:16 - 2013-03-30 11:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-03-13 19:42 - 2012-01-21 03:53 - 000000000 ____D C:\Users\MaClaud
2020-03-12 19:54 - 2016-11-23 16:42 - 000000000 ____D C:\Users\MaClaud\AppData\Local\Citrix
2020-03-04 07:47 - 2015-12-25 19:12 - 000000008 __RSH C:\ProgramData\ntuser.pol
2020-03-04 00:04 - 2009-07-14 04:20 - 000000000 ___HD C:\windows\system32\GroupPolicy
2020-03-04 00:04 - 2009-07-14 04:20 - 000000000 ____D C:\windows\SysWOW64\GroupPolicy
2020-03-03 23:33 - 2020-02-21 23:08 - 000103140 _____ C:\wcrrds.pif
2020-03-03 23:33 - 2018-12-06 22:53 - 000000000 ____D C:\Program Files (x86)\Grt Dongle Qualcomm Tool
2020-03-03 23:21 - 2015-08-25 09:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-03 23:09 - 2015-08-30 19:09 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2020-03-03 23:07 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-02-23 22:35 - 2017-03-03 00:02 - 000003584 _____ C:\Users\MaClaud\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Files in the root of some directories ========

2017-04-25 22:11 - 2017-04-25 22:11 - 000000152 _____ () C:\Program Files (x86)\jvsgayah.txt
2018-02-11 12:10 - 2018-02-11 23:22 - 000000096 _____ () C:\Users\MaClaud\AppData\Roaming\version2.xml
2019-02-26 20:37 - 2019-03-10 20:08 - 000000016 _____ () C:\Users\MaClaud\AppData\Roaming\windows_e.cfg
2015-06-01 20:05 - 2018-05-11 23:49 - 000000600 _____ () C:\Users\MaClaud\AppData\Roaming\winscp.rnd
2017-03-03 00:02 - 2020-02-23 22:35 - 000003584 _____ () C:\Users\MaClaud\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-01-21 04:17 - 2012-01-21 04:17 - 000001263 _____ () C:\Users\MaClaud\AppData\Local\PDLSetup.20120121.041752.txt
2018-05-11 23:48 - 2019-07-18 18:43 - 000000128 _____ () C:\Users\MaClaud\AppData\Local\PUTTY.RND
2017-11-13 19:35 - 2017-11-13 19:35 - 000007605 _____ () C:\Users\MaClaud\AppData\Local\Resmon.ResmonCfg
2016-09-17 08:43 - 2016-09-17 08:43 - 000000192 _____ () C:\Users\MaClaud\AppData\Local\uts.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)



testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <==== ATTENTION

LastRegBack: 2020-03-23 12:13
==================== End of FRST.txt ========================

Re: Proces 25% CPU

Napsal: 25 bře 2020 10:15
od Rudy
Zdravím!
Jak je na tom váš oper. systém s legalitou?

Re: Proces 25% CPU

Napsal: 25 bře 2020 14:16
od MaClaud
Dobrý den,
aktualizace mi do poslední chvíle chodily bez problémů. Usuzuji, tedy že je vše v pořádku.

Re: Proces 25% CPU

Napsal: 25 bře 2020 14:50
od Rudy
Já se neptám na aktualizace (ty chodí i na cracknutém systému), ale na to, zda jste ten oper. systém koupil.

Re: Proces 25% CPU

Napsal: 25 bře 2020 21:30
od MaClaud
Dobrý den,
ntb jsme koupil s nainstalovanými win7 z druhé ruky. Upřímně jsem tohle neřešil. Pokud z logu vidíte že je win nějak "poléčený" berte prosím mojí žádost jako bezpředmětnou-

děkuji

Re: Proces 25% CPU

Napsal: 25 bře 2020 21:55
od Rudy
Spíše mne překvapuje, že je neinstalována verze Ultimate. Na běžných PC nebyla, jen jako korporátní na firemních PC. Pokud byl ten PC původně firemní, spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Proces 25% CPU

Napsal: 26 bře 2020 18:18
od MaClaud
Dobrý den,
děkuji - nevím zda se jedná o korporátní stroj, ale možné to je. prodávají jich měl tenkrát povícero...

LOg:
# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-23.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-26-2020
# Duration: 00:00:01
# OS: Windows 7 Ultimate
# Cleaned: 31
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\9D98824B
Deleted C:\ProgramData\CC7C0A8C

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{50F4150A-48B2-417A-BE4C-C83F580FB904}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50F4150A-48B2-417A-BE4C-C83F580FB904}
Deleted HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{C376253E-9F86-4E7F-A447-79027644AC7E}C:\users\maclaud\appdata\roaming\baidu\baidunetdisk\baidunetdisk.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{AF73102A-B503-4C1C-904E-186FC2054BE4}C:\users\maclaud\appdata\roaming\baidu\baidunetdisk\baidunetdisk.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0837692C-E2B0-4E00-898E-D6BB348AE169}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{327CF42E-20D3-4E02-BE05-0EC67DFD9D11}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{61279DDF-33B3-45AB-B6C8-C6BD8F15694B}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{67321D41-C823-4278-ACDB-B102AF36B787}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{7E91609A-8D21-4B11-A132-3A0F173BB4D8}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{DA1328D1-6EBC-4CFC-8009-5FFFA531F03C}
Deleted HKLM\Software\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Deleted HKLM\Software\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Deleted HKLM\Software\Classes\METNSD
Deleted HKLM\Software\Classes\TypeLib\{6E1533F0-E0B5-465A-9F16-98FF0C76D493}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\DownloadProxy.EXE
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{50F4150A-48B2-417A-BE4C-C83F580FB904}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{6B3732AA-F6D4-4F16-9E22-49EDC52C9514}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{6E1533F0-E0B5-465A-9F16-98FF0C76D493}
Deleted HKLM\Software\Wow6432Node\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Deleted HKLM\Software\Wow6432Node\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted HKLM\Software\Wow6432Node\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Deleted HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Deleted HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5962 octets] - [26/03/2020 18:12:27]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Proces 25% CPU

Napsal: 26 bře 2020 18:52
od Rudy
Dejte nové logy FRST+Addition.

Re: Proces 25% CPU

Napsal: 27 bře 2020 00:02
od MaClaud
Dekuji, logy:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-03-2020
Ran by MaClaud (administrator) on CALIBRA (ASUSTeK Computer Inc. N73SV) (26-03-2020 23:57:21)
Running from C:\Users\MaClaud\Desktop
Loaded Profiles: MaClaud (Available Profiles: MaClaud & Guest)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(DEVGURU Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Electronic Team, Inc. -> Electronic Team, Inc.) C:\Program Files\Electronic Team\Flexihub\flexihub64.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Finger Power Technology Co., Ltd. -> ) C:\Users\MaClaud\AppData\Local\Kingosoft\Kingo Root\update_58142\bin\KingoSoftService.exe
(Fresco Logic Inc -> Fresco Logic) C:\Windows\System32\FLxHCIm.exe
(Gemalto, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplms.exe
(Gemalto, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplmv.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Turbo Boost Technology Monitor -> Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dinotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(QUALCOMM, Inc.) [File not signed] C:\Program Files (x86)\QUALCOMM Incorporated\Qualcomm USB Drivers For Windows\DriverPackage\Qualcomm\Tools\qcmtusvc.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Sony) [File not signed] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc.) [File not signed] C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11485800 2010-10-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2168424 2010-10-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [FLxHCIm] => C:\windows\system32\FLxHCIm.exe [76472 2018-05-31] (Fresco Logic Inc -> Fresco Logic)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10228224 2010-11-03] (Intel Corporation) [File not signed]
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\Run: [SafeInCloud] => C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe [2325504 2019-04-24] () [File not signed]
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\Run: [Google Update] => C:\Users\MaClaud\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-20] (Google LLC -> Google LLC)
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: D - D:\CDViewer.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: G - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {0f17170e-b6c5-11e8-8193-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {1a89cdc2-432d-11e8-b336-74f06dbe6f9f} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {1c5d57a2-053c-11e8-8c84-005056c00008} - H:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {227c2eeb-254d-11e9-bbc4-005056c00008} - C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\autorun.exe /auto
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {2d40703c-d021-11e2-b51a-74f06dbe6f9f} - G:\AutoRun.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {37d9f32a-ab70-11e6-bbfb-74f06dbe6f9f} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {3a6d569f-c9cf-11e9-bc8e-005056c00008} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {3a8be94d-2881-11e8-9c32-005056c00008} - H:\Setup.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {3ff212c1-17e9-11e5-a4ed-74f06dbe6f9f} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {47a97c14-33cc-11ea-b501-005056c00008} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {4c0b7178-a6f6-11e8-bf7c-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {4db7e7c0-43d3-11e1-a774-806e6f6e6963} - D:\InstAll.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {61a19f70-f90b-11e1-aa36-74f06dbe6f9f} - G:\Setup.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6587f016-2a60-11ea-b538-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {695c2ab7-6793-11e9-a67d-005056c00008} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6d41ebb7-d328-11e9-83ce-005056c00008} - G:\Setup.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6f554f33-3e22-11e8-b339-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6f554f3a-3e22-11e8-b339-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6f554f5b-3e22-11e8-b339-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6f554f5f-3e22-11e8-b339-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6f554f65-3e22-11e8-b339-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {73f0ae9a-1190-11e5-8534-74f06dbe6f9f} - G:\Startme.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {7ee5cd87-1ff6-11e6-9293-74f06dbe6f9f} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {80c5adfa-431c-11e5-b090-005056c00008} - G:\LG_PC_Programs.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {9a231299-b3cd-11e9-a0d2-005056c00008} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {9cf5aa47-58f9-11e7-8dff-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {a4981f3d-db68-11e4-b6b2-74f06dbe6f9f} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {a7a27c55-c025-11e7-b60e-005056c00008} - G:\autorun.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {b234878a-a630-11e5-a126-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {ba30b0fb-e427-11e7-ade8-74f06dbe6f9f} - G:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {bb099951-af22-11e6-b898-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {bfb2463a-6ba6-11ea-9890-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {d1c40b1e-db99-11e3-be29-74f06dbe6f9f} - G:\MotoCastSetup.exe -a
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {d7196ef6-8071-11e5-ae7f-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {df642bf1-097c-11ea-9b5a-005056c00008} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {e4095ae0-fd85-11e8-8a42-74f06dbe6f9f} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {e4219ba4-de5c-11e3-b174-74f06dbe6f9f} - G:\MotoCastSetup.exe -a
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {eb3eac3b-6a8c-11ea-a708-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {f1df38be-4e45-11e5-9743-74f06dbe6f9f} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {f1df38c4-4e45-11e5-9743-74f06dbe6f9f} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\Winlogon: [Shell] C:\windows\explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\Software\...\AppCompatFlags\InstalledSDB\{ad846bae-d44b-4722-abad-f7420e08bcd9}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb [2015-04-17]
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2009-08-02] (Broadcom Corporation -> Broadcom Corporation.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [171896 2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs: , C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [171896 2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [149736 2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149736 2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: , C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [149736 2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SPDriverInstall.lnk [2018-03-16]
ShortcutTarget: SPDriverInstall.lnk -> C:\Program Files\MediaTek\SP Driver\SPDriverInstall (No File)
AlternateShell:

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00F61C5C-F0FF-4A58-9D9B-09A2E5678443} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660792 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2795DBAF-3CFA-42FE-BDA5-BAC71C6DB545} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000Core => C:\Users\MaClaud\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {42BDA739-E704-4D4E-B58E-43974ED6DF41} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660792 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4F12801E-2A67-447B-A5FB-2E58BFBD0245} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [525104 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {569FE0DD-E93D-4094-B77E-30FE39A93607} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746800 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5A7AAB9F-0700-4DF8-899F-007AEA78DF4A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1931064 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {71304849-8570-4C27-9109-3AAF7DD615EE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000UA => C:\Users\MaClaud\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {8C3571BE-00E8-42C6-BE2C-AF1BC4411B85} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {983A7EB2-FAC1-421D-BCF1-EA59FC243078} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe [1454080 2018-09-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A1FD4554-033D-4DBA-AF91-C2EEE878C830} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746800 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF5F4DFE-64D6-4D85-B6FD-3D77557A236A} - System32\Tasks\{32AF0D40-A55F-43E7-9339-FD2BB1BF6A0C} => C:\Windows\system32\pcalua.exe -a "E:\WMmobile soft\GarminSymbian\Garmin\GarminMobileXTforSymbianS603rdEdition_50050.exe" -d "E:\WMmobile soft\GarminSymbian\Garmin"
Task: {B5E407CF-E06F-457F-BAC8-804009CC5513} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\windows\ehome\ehrec.exe
Task: {BE3630D3-AE9E-40C3-922E-1A4701294773} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [969016 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8C36499-2C59-4710-AE75-7302BB6BD734} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1414726678-80063402-3466205120-1000 => C:\Users\MaClaud\AppData\Local\MEGAsync\MEGAupdater.exe [760696 2018-01-15] (Mega Limited -> Mega Limited)
Task: {EB0E1621-0DBA-4C96-8D35-BDB55782909A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\windows\ehome\mcupdate.exe
Task: {F3CC6BB3-B68A-4C46-A40C-A1B65EB5FBDF} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUSTeK Computer Inc. -> ASUS)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{2A2F8EC6-537B-4B41-AD19-33E93A923D4E}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{D3C56AF9-7B29-4B4D-979F-CE1142B157B0}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-1414726678-80063402-3466205120-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-01-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-01-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-09-02] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
BHO-x32: Microsoft Web Test Recorder 14.0 Helper -> {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} -> C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2015-07-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-09-02] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)

FireFox:
========
FF DefaultProfile: x40heix7.default
FF ProfilePath: C:\Users\MaClaud\AppData\Roaming\TomTom\HOME\Profiles\bf16q830.default [2020-03-04]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default [2020-03-26]
FF Notifications: Mozilla\Firefox\Profiles\x40heix7.default -> hxxps://calendar.google.com; hxxps://androidhost.ru
FF Extension: (Česká kontrola pravopisu (bez diakritiky)) - C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default\Extensions\cs2@dictionaries.addons.mozilla.org.xpi [2019-01-04]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2019-01-04]
FF Extension: (SafeInCloud Password Manager) - C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default\Extensions\info@safe-in-cloud.com.xpi [2019-06-10]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2020-03-14]
FF Extension: (uBlock Origin) - C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default\Extensions\uBlock0@raymondhill.net.xpi [2019-03-13]
FF Extension: (No Name) - C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-03-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll [2018-09-11] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\Windows\system32\npDeployJava1.dll [2013-01-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-01-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN) [File not signed]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-11] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_35 -> C:\Windows\SysWOW64\npdeployJava1.dll [2012-09-02] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll [2012-09-02] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\\1.8.101.2154\npQQPhoneManagerExt.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default [2020-03-26]
CHR Extension: (Prezentace) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-04]
CHR Extension: (Dokumenty) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-04]
CHR Extension: (Disk Google) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-04]
CHR Extension: (YouTube) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-04]
CHR Extension: (Maximize Flash) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\chihjmmmhbapnhemoopibkekbojilhge [2020-03-04]
CHR Extension: (Tabulky) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-11]
CHR Extension: (Google Kalendář) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2020-03-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-04]
CHR Extension: (Fullscreen Anything) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\olcfgpmjldkkjdclidhcbonieibfhhdh [2020-03-04]
CHR Extension: (Gmail) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-04]
CHR Extension: (Chrome Media Router) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-20]
StartMenuInternet: Google Chrome - C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe

Opera:
=======
OPR Extension: (To-Read sites) - C:\Users\MaClaud\AppData\Roaming\Opera Software\Opera Stable\Extensions\ocjdcfknlmpoicmjpklcofjlpnegobbb [2013-09-13]
OPR Extension: (Adblock Plus) - C:\Users\MaClaud\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2013-09-13]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-10-07] (Apple Inc. -> Apple Inc.)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [897088 2010-11-03] (Intel Corporation) [File not signed]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-11-03] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [983104 2010-11-03] (Intel Corporation) [File not signed]
R2 flexihub; C:\Program Files\Electronic Team\Flexihub\flexihub64.exe [6301216 2019-03-04] (Electronic Team, Inc. -> Electronic Team, Inc.)
R2 hasplms; C:\windows\system32\hasplms.exe [7643216 2019-04-29] (Gemalto, Inc. -> SafeNet, Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 KingoSoftService; C:\Users\MaClaud\AppData\Local\Kingosoft\Kingo Root\update_58142\bin\checkupdate.exe [367584 2016-09-17] (Finger Power Technology Co., Ltd. -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2012-12-28] (Even Balance, Inc. -> )
R2 qcmtusvc; C:\Program Files (x86)\QUALCOMM Incorporated\Qualcomm USB Drivers For Windows\DriverPackage\Qualcomm\Tools\qcmtusvc.exe [83456 2015-07-09] (QUALCOMM, Inc.) [File not signed]
R2 RapiMgr; C:\windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S2 SbieSvc; E:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (SANDBOXIE L.T.D -> Sandboxie Holdings, LLC)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-08-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [780328 2019-08-16] (DEVGURU Co., Ltd. -> DEVGURU Co., LTD.)
R3 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [79872 2011-11-13] (VMware, Inc.) [File not signed]
S2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [11839488 2011-11-13] () [File not signed]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation -> Microsoft Corporation)
R2 WcesComm; C:\windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2548224 2019-10-22] (Sony) [File not signed]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S3 TrustedInstaller; %SystemRoot%\servicing\TrustedInstaller.exe [X]
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe [X]
S3 WsDrvInst; "E:\Program Files (x86)\Wondershare\MobileTrans\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aksdf; C:\windows\system32\drivers\aksdf.sys [389560 2019-04-29] (Gemalto, Inc. -> SafeNet, Inc.)
R2 aksfridge; C:\windows\system32\drivers\aksfridge.sys [487352 2019-04-29] (Gemalto, Inc. -> SafeNet, Inc.)
R3 akshasp; C:\windows\System32\DRIVERS\akshasp.sys [69560 2019-04-29] (Gemalto, Inc. -> SafeNet, Inc.)
R3 akshhl; C:\windows\System32\DRIVERS\akshhl.sys [68536 2019-04-29] (Gemalto, Inc. -> SafeNet, Inc.)
R3 aksusb; C:\windows\System32\DRIVERS\aksusb.sys [313784 2019-04-29] (Gemalto, Inc. -> SafeNet, Inc.)
R0 ambakdrv; C:\windows\System32\ambakdrv.sys [51120 2016-12-22] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-22] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 AmUStor; C:\windows\System32\drivers\AmUStor.SYS [44032 2010-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Alcor Micro, Corp.)
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2016-12-22] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 AndnetBus; C:\windows\System32\DRIVERS\lgandnetbus64.sys [30208 2016-08-31] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AndNetDiag; C:\windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2016-08-24] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 ANDNetModem; C:\windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2016-08-24] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AVEO; C:\windows\System32\DRIVERS\AVEOdcnt.sys [237056 2010-03-24] (Aveo Technology Corp. -> AVEO Corp)
S3 BTCFilterService; C:\windows\System32\DRIVERS\motfilt.sys [6144 2013-03-20] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Inc)
R3 cbrtfltr; C:\windows\System32\DRIVERS\cbrtfltr.sys [173248 2020-02-05] (Cellebrite Mobile Synchronization -> Cellebrite Mobile Synchronization)
S3 Ctxusbr; C:\windows\System32\DRIVERS\ctxusbr.sys [77488 2016-09-05] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R3 dg_ssudbus; C:\windows\System32\DRIVERS\ssudbus.sys [135520 2019-08-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 diagswitchdrv; C:\Windows\SysWOW64\DRIVERS\diagswitchdrv.sys [117888 2014-08-17] (Huawei Technologies Co., Ltd.) [File not signed]
R3 DroidCam; C:\windows\System32\DRIVERS\droidcam.sys [33592 2015-05-24] (DEV47 APPS -> Dev47Apps)
R3 DroidCamVideo; C:\windows\System32\DRIVERS\droidcamvideo.sys [229432 2015-05-24] (DEV47 APPS -> Dev47Apps)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-01-21] (DT Soft Ltd -> DT Soft Ltd)
R3 easyjtag; C:\windows\System32\DRIVERS\easyjtag_x64.sys [65024 2011-05-06] (Z3X EasyJTAG -> )
S3 eGateUSB; C:\windows\System32\Drivers\eGateUSB.sys [98816 2007-05-09] (Gemalto) [File not signed]
S3 EloMTApr; C:\windows\System32\DRIVERS\EloMTApr.sys [232960 2017-05-18] (Elo Touch Solutions, Inc. -> )
S3 EloMTSer; C:\windows\System32\DRIVERS\EloMTSer.sys [122368 2017-05-18] (Elo Touch Solutions, Inc. -> )
S3 EloMTUsb; C:\windows\System32\DRIVERS\EloMTUsb.sys [183808 2017-05-18] (Elo Touch Solutions, Inc. -> )
R3 ELTIMA_USB_HUB_FILTER; C:\windows\System32\drivers\fusbhub.sys [130560 2019-03-01] (Element 5 Limited Liability Company -> ELTIMA Software)
R3 ETD; C:\windows\System32\DRIVERS\ETD.sys [129024 2010-09-08] (Microsoft Windows Hardware Compatibility Publisher -> ELAN Microelectronic Corp.)
R3 eustub; C:\windows\System32\DRIVERS\eusbstub.sys [39424 2019-03-01] (Element 5 Limited Liability Company -> ELTIMA Software)
S3 evserial9; C:\windows\System32\DRIVERS\evserial9.sys [40448 2018-04-05] (Element 5 Limited Liability Company -> ELTIMA Software)
S3 ew_usbccgpfilter; C:\windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbccgpfilter; C:\Windows\SysWOW64\DRIVERS\ew_usbccgpfilter.sys [19200 2016-03-29] (Huawei Technologies Co., Ltd.) [File not signed]
R1 Ext2Fsd; C:\windows\System32\DRIVERS\Ext2Fsd.sys [799744 2017-04-02] (Kasherlab Technology Inc. -> www.ext2fsd.com)
R3 FLxHCIh; C:\windows\System32\DRIVERS\FLxHCIh.sys [146336 2018-05-31] (Fresco Logic Inc -> Fresco Logic)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] () [File not signed]
S3 FTDIBUS; C:\windows\System32\drivers\ftdibus.sys [129448 2017-09-19] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
S3 FTSER2K; C:\windows\System32\drivers\ftser2k.sys [86376 2020-02-05] (Future Technology Devices International Ltd -> FTDI Ltd.)
S3 ggsomc; C:\windows\System32\DRIVERS\ggsomc.sys [32384 2018-02-05] (Sony Mobile Communications AB -> Sony Mobile Communications)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [1970104 2019-04-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 HSPL_usbvcom; C:\windows\System32\DRIVERS\hw_usbvcom.sys [221824 2015-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HSPL_usbvcom; C:\Windows\SysWOW64\DRIVERS\hw_usbvcom.sys [221824 2015-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HTCAND64; C:\windows\System32\Drivers\ANDROIDUSB.sys [31744 2015-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Google Inc)
S3 htcnprot; C:\windows\System32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider)
S3 htcusbnet; C:\windows\System32\DRIVERS\htcusbnet.sys [154624 2011-08-04] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 HtcVCom32; C:\windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (Sqa.com(Test) -> QUALCOMM Incorporated)
S3 HWHandSet; C:\windows\System32\DRIVERS\hw_quusbmdm.sys [226560 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HWHandSet; C:\Windows\SysWOW64\DRIVERS\hw_quusbmdm.sys [226560 2016-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HWHandSetProLine; C:\windows\System32\DRIVERS\hw_quusbmdm.sys [226560 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HWHandSetProLine; C:\Windows\SysWOW64\DRIVERS\hw_quusbmdm.sys [226560 2016-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\windows\System32\DRIVERS\hw_cdcacm.sys [127360 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_ctrlfakedev; C:\windows\System32\DRIVERS\hw_ctrlfakedev.sys [115712 2015-03-10] (Huawei Technologies Co., Ltd.) [File not signed]
S3 hw_ctrlfakedev; C:\Windows\SysWOW64\DRIVERS\hw_ctrlfakedev.sys [115712 2015-03-10] (Huawei Technologies Co., Ltd.) [File not signed]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 IT9135BDA; C:\windows\System32\Drivers\IT9135BDA.sys [165504 2016-12-23] (Microsoft Windows Hardware Compatibility Publisher -> ITE )
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-21] (ASUSTeK Computer Inc. -> )
S3 libusb0; C:\windows\System32\DRIVERS\libusb0.sys [62048 2014-06-19] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 lusbcbrt; C:\windows\System32\DRIVERS\lusbcbrt.sys [44224 2020-02-05] (Cellebrite Mobile Synchronization -> Cellebrite Mobile Synchronization)
S0 malqoorz; C:\Windows\SysWOW64\drivers\yahcdwms.sys [61440 2017-04-25] () [File not signed]
S3 massfilter_hs; C:\windows\System32\drivers\massfilter_hs.sys [11776 2010-10-20] (Microsoft Windows Hardware Compatibility Publisher -> HandSet Incorporated)
S3 motandroidusb; C:\windows\System32\Drivers\motoandroid.sys [32768 2013-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Motorola)
S3 motccgp; C:\windows\System32\DRIVERS\motccgp.sys [23552 2013-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Mobility Inc)
S3 motmodem; C:\windows\System32\DRIVERS\motmodem.sys [31744 2013-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Mobility Inc)
S3 MotoSwitchService; C:\windows\System32\DRIVERS\motswch.sys [8832 2012-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Motorola)
S3 Motousbnet; C:\windows\System32\DRIVERS\Motousbnet.sys [27648 2013-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Mobility Inc)
S3 motport; C:\windows\System32\DRIVERS\motport.sys [31744 2013-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Mobility Inc)
S3 motusbdevice; C:\windows\System32\DRIVERS\motusbdevice.sys [12288 2013-03-20] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Inc)
S3 nmwcd; C:\windows\System32\drivers\ccdcmbx64.sys [19968 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\windows\System32\drivers\ccdcmbox64.sys [27136 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsucx64; C:\windows\System32\drivers\nmwcdnsucx64.sys [12800 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsux64; C:\windows\System32\drivers\nmwcdnsux64.sys [171008 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31024 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\System32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\windows\System32\DRIVERS\nvvhci.sys [58680 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pccsmcfd; C:\windows\System32\DRIVERS\pccsmcfdx64.sys [26112 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 qcfilter; C:\windows\System32\DRIVERS\qcusbfilter.sys [40448 2015-07-09] (QUALCOMM Incorporated -> QUALCOMM Incorporated)
S3 qcusbser; C:\windows\System32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbwwan; C:\windows\System32\DRIVERS\qcusbwwan.sys [516608 2015-07-09] (QUALCOMM Incorporated -> QUALCOMM Incorporated)
S3 R5BaseSmc; C:\windows\System32\DRIVERS\smccard.sys [23592 2014-01-13] (Feitian Technologies Co., Ltd. -> OEM)
S3 riffbox; C:\windows\System32\DRIVERS\riffbox64.sys [32768 2012-04-24] (Microsoft Windows -> Microsoft Corporation)
R3 RtlWlanu; C:\windows\System32\DRIVERS\rtwlanu.sys [7947192 2018-08-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 s0016bus; C:\windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016mdfl; C:\windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016mdm; C:\windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016mgmt; C:\windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016nd5; C:\windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016obex; C:\windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016unic; C:\windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017bus; C:\windows\System32\DRIVERS\s0017bus.sys [113704 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017mdfl; C:\windows\System32\DRIVERS\s0017mdfl.sys [19496 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017mdm; C:\windows\System32\DRIVERS\s0017mdm.sys [152616 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017mgmt; C:\windows\System32\DRIVERS\s0017mgmt.sys [133160 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017nd5; C:\windows\System32\DRIVERS\s0017nd5.sys [34856 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017obex; C:\windows\System32\DRIVERS\s0017obex.sys [128552 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017unic; C:\windows\System32\DRIVERS\s0017unic.sys [145960 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018bus; C:\windows\System32\DRIVERS\s1018bus.sys [113704 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018mdfl; C:\windows\System32\DRIVERS\s1018mdfl.sys [19496 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018mdm; C:\windows\System32\DRIVERS\s1018mdm.sys [153128 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018mgmt; C:\windows\System32\DRIVERS\s1018mgmt.sys [133160 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018nd5; C:\windows\System32\DRIVERS\s1018nd5.sys [34856 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018obex; C:\windows\System32\DRIVERS\s1018obex.sys [128552 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018unic; C:\windows\System32\DRIVERS\s1018unic.sys [146472 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039bus; C:\windows\System32\DRIVERS\s1039bus.sys [127600 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mdfl; C:\windows\System32\DRIVERS\s1039mdfl.sys [19568 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mdm; C:\windows\System32\DRIVERS\s1039mdm.sys [161904 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mgmt; C:\windows\System32\DRIVERS\s1039mgmt.sys [141424 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039nd5; C:\windows\System32\DRIVERS\s1039nd5.sys [34416 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039obex; C:\windows\System32\DRIVERS\s1039obex.sys [137328 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039unic; C:\windows\System32\DRIVERS\s1039unic.sys [158320 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 SbieDrv; E:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (SANDBOXIE L.T.D -> Sandboxie Holdings, LLC)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12400 2018-12-09] (Macrovision Europe Ltd) [File not signed]
R3 seehcri; C:\windows\System32\DRIVERS\seehcri.sys [34032 2012-07-24] (Sony Ericsson Mobile Communications AB -> Sony Ericsson Mobile Communications)
S3 Ser2pl; C:\windows\System32\DRIVERS\ser2pl64.sys [160256 2013-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 smhwdev; C:\windows\System32\DRIVERS\smhwdev.sys [114432 2012-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 smhwser; C:\windows\System32\DRIVERS\smhwser.sys [122624 2012-07-24] (QUALCOMM Incorporated) [File not signed]
S0 soesbn; C:\Windows\SysWOW64\drivers\vevk.sys [61440 2017-04-25] () [File not signed]
S3 sprdvcom; C:\windows\System32\DRIVERS\sprdvcom.sys [28160 2015-03-04] (Microsoft Corporation -> SPRD Device)
R3 ssudmdm; C:\windows\System32\DRIVERS\ssudmdm.sys [166752 2019-08-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\windows\System32\DRIVERS\ssudserd.sys [166752 2019-08-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 token; C:\windows\System32\DRIVERS\eps2kt1.sys [43432 2014-01-13] (Feitian Technologies Co., Ltd. -> OEM)
R2 TurboB; C:\windows\System32\DRIVERS\TurboB.sys [13832 2010-04-16] (Intel(R) Turbo Boost Technology Monitor -> )
S3 UFS2XX; C:\windows\System32\drivers\UFS2XX.sys [82528 2013-08-19] (UAB ”DIGITEKA” -> FTDI Ltd.)
S3 upperdev; C:\windows\System32\DRIVERS\usbser_lowerfltx64.sys [9216 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 usbbus; C:\windows\System32\DRIVERS\lgx64bus.sys [17920 2016-02-17] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 UsbDiag; C:\windows\System32\DRIVERS\lgx64diag.sys [28160 2016-02-17] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 USBModem; C:\windows\System32\DRIVERS\lgx64modem.sys [34816 2016-02-17] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 usbrndis6; C:\windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 usbser; C:\Windows\SysWOW64\DRIVERS\usbser.sys [33280 2013-08-28] (Microsoft Windows -> Microsoft Corporation)
S3 UsbserFilt; C:\windows\System32\DRIVERS\usbser_lowerfltjx64.sys [9216 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 VSBC9; C:\windows\System32\DRIVERS\evsbc9.sys [127488 2018-04-05] (Element 5 Limited Liability Company -> ELTIMA Software)
R3 vuhub; C:\windows\System32\DRIVERS\vuhub.sys [156160 2019-03-01] (Element 5 Limited Liability Company -> ELTIMA Software)
S3 WDC_SAM; C:\windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 wdf_usb; C:\windows\System32\DRIVERS\usb2ser.sys [140672 2014-11-24] (Microsoft Windows Hardware Compatibility Publisher -> MBB)
R3 wdkmd; C:\windows\System32\DRIVERS\WDKMD.sys [39832 2010-06-18] (Wireless Display -> Intel Corporation)
S3 wdm_usb; C:\windows\System32\DRIVERS\usb2ser.sys [140672 2014-11-24] (Microsoft Windows Hardware Compatibility Publisher -> MBB)
S3 zghsdiag; C:\windows\System32\DRIVERS\zghsdiag.sys [129432 2011-07-07] (ZTE CORPORATION -> ZTE Incorporated)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 DIRECTIORM; \??\E:\Program Files\RAMMon\DirectIo64.sys [X]
S3 EloBus; system32\DRIVERS\EloBus.sys [X]
S3 EloSer; system32\DRIVERS\EloSerG2.sys [X]
U5 hw_usbdev; C:\Windows\SysWOW64\Drivers\hw_usbdev.sys [116864 2011-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
U4 npcap_wifi; no ImagePath
S3 qcusbnet; system32\DRIVERS\qcusbnet.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vzandnetadb; System32\Drivers\lgvzandnetadb.sys [X]
S1 xcbdplvu; \??\C:\windows\system32\drivers\xcbdplvu.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-26 23:57 - 2020-03-26 23:57 - 000000000 ____D C:\Users\MaClaud\Desktop\FRST-OlderVersion
2020-03-26 23:16 - 2020-03-26 23:16 - 000000000 ____H C:\windows\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2020-03-26 23:09 - 2020-03-26 23:09 - 000000000 ____D C:\windows\LastGood
2020-03-25 22:43 - 2020-03-25 22:43 - 000000000 ____D C:\Users\MaClaud\AppData\Local\SafeNet Sentinel
2020-03-25 22:42 - 2020-03-26 23:30 - 000000000 ____D C:\Users\MaClaud\AppData\Local\My UFED Extractions
2020-03-25 22:42 - 2020-03-25 22:42 - 000000000 ____D C:\Users\MaClaud\AppData\Local\Cellebrite_Mobile_Synchro
2020-03-25 22:35 - 2020-02-05 14:24 - 000044224 _____ (Cellebrite Mobile Synchronization) C:\windows\system32\Drivers\lusbcbrt.sys
2020-03-25 22:33 - 2020-02-05 14:24 - 000173248 _____ (Cellebrite Mobile Synchronization) C:\windows\system32\Drivers\cbrtfltr.sys
2020-03-25 22:32 - 2020-03-25 22:33 - 000000000 ____D C:\Users\MaClaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.4
2020-03-25 22:32 - 2020-03-25 22:33 - 000000000 ____D C:\Program Files\X Codec Pack
2020-03-25 22:32 - 2020-03-25 22:32 - 000001437 _____ C:\Users\Public\Desktop\UFED 4PC.lnk
2020-03-25 22:32 - 2020-03-25 22:32 - 000001437 _____ C:\ProgramData\Desktop\UFED 4PC.lnk
2020-03-25 22:32 - 2020-03-25 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cellebrite Mobile Synchronization
2020-03-25 22:32 - 2020-02-05 14:24 - 000086376 _____ (FTDI Ltd.) C:\windows\system32\Drivers\ftser2k.sys
2020-03-25 22:32 - 2020-02-05 14:24 - 000065896 _____ (FTDI Ltd.) C:\windows\system32\ftcserco.dll
2020-03-25 22:32 - 2020-02-05 14:24 - 000056168 _____ (FTDI Ltd.) C:\windows\system32\ftserui2.dll
2020-03-25 22:29 - 2020-03-25 22:29 - 000000000 ____D C:\ProgramData\SafeNet Sentinel
2020-03-25 22:29 - 2020-03-25 22:29 - 000000000 ____D C:\Program Files (x86)\Cellebrite Mobile Synchronization
2020-03-25 22:29 - 2020-03-25 22:29 - 000000000 ____D C:\Program Files (x86)\Cellebrite
2020-03-25 22:29 - 2019-04-29 08:17 - 007643216 _____ (SafeNet, Inc.) C:\windows\system32\hasplms.exe
2020-03-25 22:29 - 2019-04-29 08:17 - 007643216 _____ (SafeNet, Inc.) C:\windows\system32\aksllmtp.exe
2020-03-25 22:29 - 2019-04-29 08:17 - 003734096 _____ (SafeNet, Inc.) C:\windows\system32\hasplmv.exe
2020-03-25 22:29 - 2019-04-29 08:17 - 001970104 _____ (SafeNet, Inc.) C:\windows\system32\Drivers\hardlock.sys
2020-03-25 22:29 - 2019-04-29 08:17 - 000487352 _____ (SafeNet, Inc.) C:\windows\system32\Drivers\aksfridge.sys
2020-03-25 22:29 - 2019-04-29 08:17 - 000389560 _____ (SafeNet, Inc.) C:\windows\system32\Drivers\aksdf.sys
2020-03-25 22:29 - 2019-04-29 08:17 - 000313784 _____ (SafeNet, Inc.) C:\windows\system32\Drivers\aksusb.sys
2020-03-25 22:29 - 2019-04-29 08:17 - 000279992 _____ (SafeNet, Inc.) C:\windows\system32\akshhl33.dll
2020-03-25 22:29 - 2019-04-29 08:17 - 000206800 _____ (Aladdin Knowledge Systems Ltd.) C:\windows\SysWOW64\hlvdd.dll
2020-03-25 22:29 - 2019-04-29 08:17 - 000085944 _____ (SafeNet, Inc.) C:\windows\system32\aksusb5.dll
2020-03-25 22:29 - 2019-04-29 08:17 - 000074680 _____ (SafeNet, Inc.) C:\windows\system32\akshsp53.dll
2020-03-25 22:29 - 2019-04-29 08:17 - 000069560 _____ (SafeNet, Inc.) C:\windows\system32\Drivers\akshasp.sys
2020-03-25 22:29 - 2019-04-29 08:17 - 000068536 _____ (SafeNet, Inc.) C:\windows\system32\Drivers\akshhl.sys
2020-03-25 22:29 - 2019-04-29 08:17 - 000031160 _____ (SafeNet, Inc.) C:\windows\system32\Drivers\aksclass.sys
2020-03-25 14:37 - 2020-03-25 14:37 - 000000000 ____D C:\Users\MaClaud\Desktop\backup
2020-03-25 14:24 - 2020-03-25 14:24 - 000226617 _____ C:\Users\MaClaud\Desktop\UnlockerPortable MajorGeeks.zip
2020-03-25 14:24 - 2020-03-25 14:24 - 000000000 ____D C:\Users\MaClaud\Desktop\UnlockerPortable
2020-03-24 23:43 - 2020-03-24 23:43 - 000033472 _____ C:\Users\MaClaud\Desktop\Addition.zip
2020-03-24 23:36 - 2020-03-24 23:37 - 000130207 _____ C:\Users\MaClaud\Desktop\Addition.txt
2020-03-24 23:35 - 2020-03-26 23:57 - 000053107 _____ C:\Users\MaClaud\Desktop\FRST.txt
2020-03-24 23:34 - 2020-03-26 23:57 - 002279936 _____ (Farbar) C:\Users\MaClaud\Desktop\FRST64.exe
2020-03-24 23:34 - 2020-03-26 23:57 - 000000000 ____D C:\FRST
2020-03-20 12:05 - 2020-03-20 12:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QPST
2020-03-18 18:45 - 2020-03-18 18:45 - 000000000 ____D C:\ProgramData\Package Cache
2020-03-16 18:36 - 2020-03-16 18:36 - 000000000 ____D C:\Users\MaClaud\AppData\Local\GHISLER
2020-03-14 20:18 - 2020-03-14 20:18 - 000103140 __RSH C:\dnfl.exe
2020-03-13 19:42 - 2020-03-13 19:42 - 000000717 _____ C:\Users\Public\Desktop\Halabtech Tool_v0.9.lnk
2020-03-13 19:42 - 2020-03-13 19:42 - 000000717 _____ C:\ProgramData\Desktop\Halabtech Tool_v0.9.lnk
2020-03-13 19:42 - 2020-03-13 19:42 - 000000000 ____D C:\Users\MaClaud\AppData\Local\SkinSoft
2020-03-13 19:42 - 2020-03-13 19:42 - 000000000 ____D C:\Users\MaClaud\.android
2020-03-13 19:42 - 2020-03-13 19:42 - 000000000 ____D C:\Halabtech_Tool_V0.9
2020-03-13 19:39 - 2020-03-14 20:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-03-12 19:54 - 2020-03-13 19:06 - 000000000 ____D C:\ProgramData\Citrix
2020-03-05 20:16 - 2020-03-05 20:16 - 000000000 ____D C:\Users\MaClaud\AppData\Roaming\WinRAR
2020-03-03 23:40 - 2020-03-25 22:27 - 000000000 ____D C:\zoek_backup
2020-03-03 23:23 - 2020-03-03 23:31 - 000000000 ____D C:\Users\MaClaud\AppData\LocalLow\IGDump
2020-03-03 23:22 - 2020-03-03 23:22 - 002038755 _____ C:\Users\MaClaud\Desktop\zoek.exe
2020-03-03 23:22 - 2020-03-03 23:22 - 000000000 ____D C:\Users\MaClaud\AppData\Local\mbamtray
2020-03-03 23:22 - 2020-03-03 23:22 - 000000000 ____D C:\Users\MaClaud\AppData\Local\mbam
2020-03-03 23:12 - 2020-03-03 23:13 - 000000000 ____D C:\Users\MaClaud\AppData\Local\Windows Performance Analyzer
2020-03-03 23:12 - 2020-03-03 23:12 - 000000000 ____D C:\Users\MaClaud\Documents\WPA Files
2020-03-03 23:12 - 2020-03-03 23:12 - 000000000 ____D C:\SymCache
2020-03-03 23:09 - 2020-03-03 23:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-26 23:57 - 2016-11-19 17:27 - 000000000 ____D C:\Users\MaClaud\AppData\LocalLow\Mozilla
2020-03-26 23:39 - 2019-05-24 21:47 - 000003974 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{622E5186-25DA-42B1-92A5-EC41038EB5D6}
2020-03-26 23:31 - 2014-01-13 21:08 - 000000000 ____D C:\Program Files (x86)\Z3X
2020-03-26 23:12 - 2009-07-14 16:18 - 000675130 _____ C:\windows\system32\perfh005.dat
2020-03-26 23:12 - 2009-07-14 16:18 - 000144220 _____ C:\windows\system32\perfc005.dat
2020-03-26 23:12 - 2009-07-14 06:13 - 001601644 _____ C:\windows\system32\PerfStringBackup.INI
2020-03-26 23:12 - 2009-07-14 04:20 - 000000000 ____D C:\windows\inf
2020-03-26 21:58 - 2014-07-06 10:52 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-26 21:56 - 2009-07-14 05:45 - 000023824 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-26 21:56 - 2009-07-14 05:45 - 000023824 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-26 21:48 - 2015-02-19 21:31 - 000000091 _____ C:\HaxLogs.txt
2020-03-26 21:48 - 2009-07-14 06:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-03-26 18:19 - 2016-02-09 09:30 - 000000000 ____D C:\Users\MaClaud\AppData\Local\SafeInCloud
2020-03-26 18:12 - 2015-11-21 17:49 - 000000000 ____D C:\AdwCleaner
2020-03-25 22:42 - 2017-10-08 10:29 - 000000000 ____D C:\Users\MaClaud\AppData\Roaming\Cellebrite Mobile Synchronization
2020-03-25 22:33 - 2017-10-08 10:29 - 000000000 ____D C:\ProgramData\Cellebrite Mobile Synchronization
2020-03-25 22:29 - 2009-07-14 04:20 - 000000000 ____D C:\windows\system32\Setup
2020-03-25 22:24 - 2012-01-21 10:56 - 000000000 ____D C:\Program Files (x86)\IIS
2020-03-25 22:20 - 2015-08-25 09:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-25 14:41 - 2009-07-14 04:20 - 000000000 ____D C:\windows\servicing
2020-03-25 14:25 - 2009-07-14 16:36 - 000000000 ___RD C:\Users\Public\Recorded TV
2020-03-25 14:25 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2020-03-25 14:25 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Microsoft Games
2020-03-25 14:25 - 2009-07-14 04:20 - 000000000 ____D C:\windows\PolicyDefinitions
2020-03-23 11:42 - 2012-01-21 10:17 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-03-20 20:44 - 2012-04-13 19:15 - 000003566 _____ C:\windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000UA
2020-03-20 20:44 - 2012-04-13 19:15 - 000003294 _____ C:\windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000Core
2020-03-20 12:05 - 2013-08-20 20:09 - 000000000 ____D C:\Program Files (x86)\Qualcomm
2020-03-20 12:02 - 2018-03-19 18:51 - 000000000 ____D C:\Users\MaClaud\AppData\Local\QPST
2020-03-20 10:58 - 2013-01-05 11:51 - 000000000 ____D C:\Users\MaClaud\AppData\Roaming\TeamViewer
2020-03-20 10:57 - 2012-12-26 13:12 - 026985448 _____ (TeamViewer Germany GmbH) C:\Users\MaClaud\Desktop\TeamViewer_Setup.exe
2020-03-19 23:31 - 2019-08-27 21:12 - 000000122 _____ C:\windows\fdataGlobal
2020-03-19 22:29 - 2018-01-21 14:50 - 000000000 ____D C:\Users\MaClaud\AppData\Local\CrashDumps
2020-03-19 21:31 - 2012-04-13 19:16 - 000002426 _____ C:\Users\MaClaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-19 21:31 - 2012-04-13 19:16 - 000002389 _____ C:\Users\MaClaud\Desktop\Google Chrome.lnk
2020-03-18 18:47 - 2017-12-18 21:27 - 000000000 ____D C:\Users\MaClaud\AppData\Local\MOBILeditForensicExpress
2020-03-18 18:45 - 2017-12-18 21:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILedit Forensic Express
2020-03-17 20:34 - 2013-11-02 21:50 - 000000000 ____D C:\Users\MaClaud\AppData\Roaming\vlc
2020-03-14 20:16 - 2013-03-30 11:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-03-13 19:42 - 2012-01-21 03:53 - 000000000 ____D C:\Users\MaClaud
2020-03-12 19:54 - 2016-11-23 16:42 - 000000000 ____D C:\Users\MaClaud\AppData\Local\Citrix
2020-03-04 07:47 - 2015-12-25 19:12 - 000000008 __RSH C:\ProgramData\ntuser.pol
2020-03-04 00:04 - 2009-07-14 04:20 - 000000000 ___HD C:\windows\system32\GroupPolicy
2020-03-04 00:04 - 2009-07-14 04:20 - 000000000 ____D C:\windows\SysWOW64\GroupPolicy
2020-03-03 23:33 - 2020-02-21 23:08 - 000103140 _____ C:\wcrrds.pif
2020-03-03 23:33 - 2018-12-06 22:53 - 000000000 ____D C:\Program Files (x86)\Grt Dongle Qualcomm Tool
2020-03-03 23:09 - 2015-08-30 19:09 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2020-03-03 23:07 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files (x86)\MSBuild

==================== Files in the root of some directories ========

2017-04-25 22:11 - 2017-04-25 22:11 - 000000152 _____ () C:\Program Files (x86)\jvsgayah.txt
2018-02-11 12:10 - 2018-02-11 23:22 - 000000096 _____ () C:\Users\MaClaud\AppData\Roaming\version2.xml
2019-02-26 20:37 - 2019-03-10 20:08 - 000000016 _____ () C:\Users\MaClaud\AppData\Roaming\windows_e.cfg
2015-06-01 20:05 - 2018-05-11 23:49 - 000000600 _____ () C:\Users\MaClaud\AppData\Roaming\winscp.rnd
2017-03-03 00:02 - 2020-02-23 22:35 - 000003584 _____ () C:\Users\MaClaud\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-01-21 04:17 - 2012-01-21 04:17 - 000001263 _____ () C:\Users\MaClaud\AppData\Local\PDLSetup.20120121.041752.txt
2018-05-11 23:48 - 2019-07-18 18:43 - 000000128 _____ () C:\Users\MaClaud\AppData\Local\PUTTY.RND
2017-11-13 19:35 - 2017-11-13 19:35 - 000007605 _____ () C:\Users\MaClaud\AppData\Local\Resmon.ResmonCfg
2016-09-17 08:43 - 2016-09-17 08:43 - 000000192 _____ () C:\Users\MaClaud\AppData\Local\uts.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)



testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <==== ATTENTION

LastRegBack: 2020-03-23 12:13
==================== End of FRST.txt ========================

Re: Proces 25% CPU

Napsal: 27 bře 2020 10:43
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: D - D:\CDViewer.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: G - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {0f17170e-b6c5-11e8-8193-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {1a89cdc2-432d-11e8-b336-74f06dbe6f9f} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {1c5d57a2-053c-11e8-8c84-005056c00008} - H:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {227c2eeb-254d-11e9-bbc4-005056c00008} - C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\autorun.exe /auto
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {2d40703c-d021-11e2-b51a-74f06dbe6f9f} - G:\AutoRun.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {37d9f32a-ab70-11e6-bbfb-74f06dbe6f9f} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {3a6d569f-c9cf-11e9-bc8e-005056c00008} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {3a8be94d-2881-11e8-9c32-005056c00008} - H:\Setup.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {3ff212c1-17e9-11e5-a4ed-74f06dbe6f9f} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {47a97c14-33cc-11ea-b501-005056c00008} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {4c0b7178-a6f6-11e8-bf7c-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {4db7e7c0-43d3-11e1-a774-806e6f6e6963} - D:\InstAll.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {61a19f70-f90b-11e1-aa36-74f06dbe6f9f} - G:\Setup.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6587f016-2a60-11ea-b538-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {695c2ab7-6793-11e9-a67d-005056c00008} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6d41ebb7-d328-11e9-83ce-005056c00008} - G:\Setup.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6f554f33-3e22-11e8-b339-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6f554f3a-3e22-11e8-b339-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6f554f5b-3e22-11e8-b339-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6f554f5f-3e22-11e8-b339-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6f554f65-3e22-11e8-b339-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {73f0ae9a-1190-11e5-8534-74f06dbe6f9f} - G:\Startme.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {7ee5cd87-1ff6-11e6-9293-74f06dbe6f9f} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {80c5adfa-431c-11e5-b090-005056c00008} - G:\LG_PC_Programs.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {9a231299-b3cd-11e9-a0d2-005056c00008} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {9cf5aa47-58f9-11e7-8dff-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {a4981f3d-db68-11e4-b6b2-74f06dbe6f9f} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {a7a27c55-c025-11e7-b60e-005056c00008} - G:\autorun.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {b234878a-a630-11e5-a126-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {ba30b0fb-e427-11e7-ade8-74f06dbe6f9f} - G:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {bb099951-af22-11e6-b898-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {bfb2463a-6ba6-11ea-9890-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {d1c40b1e-db99-11e3-be29-74f06dbe6f9f} - G:\MotoCastSetup.exe -a
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {d7196ef6-8071-11e5-ae7f-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {df642bf1-097c-11ea-9b5a-005056c00008} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {e4095ae0-fd85-11e8-8a42-74f06dbe6f9f} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {e4219ba4-de5c-11e3-b174-74f06dbe6f9f} - G:\MotoCastSetup.exe -a
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {eb3eac3b-6a8c-11ea-a708-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {f1df38be-4e45-11e5-9743-74f06dbe6f9f} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {f1df38c4-4e45-11e5-9743-74f06dbe6f9f} - G:\Lenovo_Suite.exe
ShortcutTarget: SPDriverInstall.lnk -> C:\Program Files\MediaTek\SP Driver\SPDriverInstall (No File)
AlternateShell:
Task: {2795DBAF-3CFA-42FE-BDA5-BAC71C6DB545} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000Core => C:\Users\MaClaud\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {71304849-8570-4C27-9109-3AAF7DD615EE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000UA => C:\Users\MaClaud\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {AF5F4DFE-64D6-4D85-B6FD-3D77557A236A} - System32\Tasks\{32AF0D40-A55F-43E7-9339-FD2BB1BF6A0C} => C:\Windows\system32\pcalua.exe -a "E:\WMmobile soft\GarminSymbian\Garmin\GarminMobileXTforSymbianS603rdEdition_50050.exe" -d "E:\WMmobile soft\GarminSymbian\Garmin"
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
U4 npcap_wifi; no ImagePath
C:\windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000UA
C:\windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000Core
C:\Users\MaClaud\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll -> No File
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll -> No File
AlternateDataStreams: C:\ProgramData\TEMP:2738F84D [161]
FirewallRules: [TCP Query User{E0622A34-B552-42BE-B02A-383DFB7E9BDB}E:\program files (x86)\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe] => (Allow) E:\program files (x86)\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe No File
FirewallRules: [UDP Query User{3E34B975-E7C8-489D-9313-19A28F9348CF}E:\program files (x86)\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe] => (Allow) E:\program files (x86)\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe No File
FirewallRules: [{90F8219D-C27D-4495-B286-BF2ED55FB577}] => (Allow) C:\Users\MaClaud\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe No File
FirewallRules: [{C7F28666-7C67-4EAD-9FB9-C1833310BF0F}] => (Allow) C:\Users\MaClaud\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe No File
FirewallRules: [TCP Query User{3590DE15-90FA-4027-AA0C-D21C6051B23E}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe No File
FirewallRules: [UDP Query User{FB185D0B-D52C-4ED5-9184-A94A2080A1DD}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe No File
FirewallRules: [{C5FE7218-950E-4576-B85B-C563116A5519}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper.exe No File
FirewallRules: [{9A4B9AA1-10E1-432A-8E83-3A2D692CA470}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper.exe No File
FirewallRules: [{39964606-C521-4409-A8DF-0E3E757875C9}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper_32.exe No File
FirewallRules: [{DC7C02AD-E433-4D93-9C4E-B1B571854896}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper_32.exe No File
FirewallRules: [{D0E10892-BBFC-4DA6-9789-F4659D4FA62C}] => (Allow) C:\Program Files\Opera x64\opera.exe No File
FirewallRules: [{63392551-2647-493B-8ED3-C76F438A5BD9}] => (Allow) C:\Program Files\Opera x64\opera.exe No File
FirewallRules: [TCP Query User{E58CB52E-6AA3-4BB1-A24D-820D4139C680}E:\program files (x86)\motorola\rsd lite\sdl.exe] => (Allow) E:\program files (x86)\motorola\rsd lite\sdl.exe No File
FirewallRules: [UDP Query User{5CD62F4E-34B3-455E-A158-B88D404AEACA}E:\program files (x86)\motorola\rsd lite\sdl.exe] => (Allow) E:\program files (x86)\motorola\rsd lite\sdl.exe No File
FirewallRules: [TCP Query User{A053AEEA-A396-4902-819C-E14E2F18C5FF}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe No File
FirewallRules: [UDP Query User{BB24652E-59A7-4D7F-8DC8-136A9F5BC1E6}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe No File
FirewallRules: [TCP Query User{17DE5FB0-2AA9-43FF-A9F3-B0405DC1B389}E:\program files (x86)\radiocomm\radiocomm v11.11.11\radiocomm.exe] => (Allow) E:\program files (x86)\radiocomm\radiocomm v11.11.11\radiocomm.exe No File
FirewallRules: [UDP Query User{663CA96F-CAE6-4DF7-B8B1-A74EF8B34451}E:\program files (x86)\radiocomm\radiocomm v11.11.11\radiocomm.exe] => (Allow) E:\program files (x86)\radiocomm\radiocomm v11.11.11\radiocomm.exe No File
FirewallRules: [TCP Query User{2CEF201F-543A-4FC3-836F-E84628DCBE53}E:\program files\android\android studio\bin\studio64.exe] => (Allow) E:\program files\android\android studio\bin\studio64.exe No File
FirewallRules: [UDP Query User{B5A37A6F-A169-4692-8AF4-ECC898821E64}E:\program files\android\android studio\bin\studio64.exe] => (Allow) E:\program files\android\android studio\bin\studio64.exe No File
FirewallRules: [{F9E818B6-FC6D-4233-B0B6-6189429F64AE}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{1DA16A50-5AE5-4E9D-B435-431BD14AA29D}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{7214E1CC-5B6A-434A-9D2B-3DC0713021F2}] => (Allow) E:\Program Files (x86)\Maxthon\Bin\Maxthon.exe No File
FirewallRules: [{4EDA8748-410B-47A9-9BEA-8CCAC5857278}] => (Allow) E:\Program Files (x86)\Maxthon\Bin\Maxthon.exe No File
FirewallRules: [{438C0BE2-2AB5-42B0-9D16-62BE5DC9CC89}] => (Allow) E:\Program Files (x86)\Maxthon\Bin\MxUp.exe No File
FirewallRules: [{2C2079B1-DB00-4A76-97D7-935BD8292C00}] => (Allow) E:\Program Files (x86)\Maxthon\Bin\MxUp.exe No File
FirewallRules: [{5F4F6301-274D-4C35-B27A-5E9646E604C0}] => (Allow) E:\Program Files (x86)\GOG.com\Unreal Tournament 2004\System\UT2004.exe No File
FirewallRules: [{2394CBAF-C7C3-4774-BC5D-0E60BFE6E170}] => (Allow) E:\Program Files (x86)\GOG.com\Unreal Tournament 2004\System\UT2004.exe No File
FirewallRules: [{BCA642A9-E9F8-4BDC-BF97-ABBE68D9AEB5}] => (Allow) E:\Program Files (x86)\Maxthon5\Bin\MxUp.exe No File
FirewallRules: [{F102D211-CA52-468B-8BEA-F8BA08DBA9F8}] => (Allow) E:\Program Files (x86)\Maxthon5\Bin\MxUp.exe No File
FirewallRules: [{A25E86C4-55D2-4968-ABF9-5357F4286E97}] => (Allow) E:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe No File
FirewallRules: [{D7273040-0BF3-4431-8833-F27C5FF170A0}] => (Allow) E:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe No File
FirewallRules: [TCP Query User{7B69E75D-7386-4231-8450-1F9DA2169E9D}E:\compex\npfind.exe] => (Allow) E:\compex\npfind.exe No File
FirewallRules: [UDP Query User{2D74492E-9D01-4301-9BB3-8A4182751608}E:\compex\npfind.exe] => (Allow) E:\compex\npfind.exe No File
FirewallRules: [TCP Query User{2B1C3701-E869-478B-A7FC-BC35B24295E7}E:\compex\uconfig.exe] => (Allow) E:\compex\uconfig.exe No File
FirewallRules: [UDP Query User{A39C243F-01AA-4895-8747-0C8B673ABFB3}E:\compex\uconfig.exe] => (Allow) E:\compex\uconfig.exe No File
FirewallRules: [TCP Query User{F0B18698-B2FA-416C-8D4F-48549C5E65BA}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe No File
FirewallRules: [UDP Query User{F621348E-96C4-47F0-ABDE-1766EB92E7B8}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe No File
FirewallRules: [{3F6F69A8-6ADC-431A-8CB4-26FA53EA11D9}] => (Allow) C:\Program Files\Bitdefender Home Scanner\hvasrv.exe No File
FirewallRules: [{69FE8CA3-6F3D-4961-8F30-8FF5C2ECC323}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe No File
FirewallRules: [{2EDB447A-E4F5-44B7-B734-1D0E3A3492C6}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe No File
FirewallRules: [TCP Query User{9AAB46A3-F873-4187-9803-A9726055B408}C:\xiaomi\xiaomiflash\xiaomiflash.exe] => (Allow) C:\xiaomi\xiaomiflash\xiaomiflash.exe No File
FirewallRules: [UDP Query User{B883713C-3167-480D-A0A8-E842C1A4231D}C:\xiaomi\xiaomiflash\xiaomiflash.exe] => (Allow) C:\xiaomi\xiaomiflash\xiaomiflash.exe No File
FirewallRules: [{972E5496-68E5-453A-91B7-3E1BFF0C3255}] => (Block) C:\xiaomi\xiaomiflash\xiaomiflash.exe No File
FirewallRules: [{86F6B110-F3CF-41BC-ABB2-107616F9FA7C}] => (Block) C:\xiaomi\xiaomiflash\xiaomiflash.exe No File
FirewallRules: [TCP Query User{EAB362EB-EAA6-4383-B5E9-78BD4CD9694E}E:\!!firmware\octopusfrp_tool\install_octoplus_frp_1.3.7.exe] => (Allow) E:\!!firmware\octopusfrp_tool\install_octoplus_frp_1.3.7.exe No File
FirewallRules: [UDP Query User{88803B66-614F-470D-B3A4-5E8F399A28CD}E:\!!firmware\octopusfrp_tool\install_octoplus_frp_1.3.7.exe] => (Allow) E:\!!firmware\octopusfrp_tool\install_octoplus_frp_1.3.7.exe No File
FirewallRules: [{304FEF58-E688-4CFE-8163-AF0F6BC27DDE}] => (Block) E:\!!firmware\octopusfrp_tool\install_octoplus_frp_1.3.7.exe No File
FirewallRules: [{F96BB533-44C9-46BD-80EC-DDC858B93F7C}] => (Block) E:\!!firmware\octopusfrp_tool\install_octoplus_frp_1.3.7.exe No File
FirewallRules: [TCP Query User{551DFBB6-482A-4653-A210-1321968BCEA9}C:\ext2explorer\ext2explore.exe] => (Allow) C:\ext2explorer\ext2explore.exe No File
FirewallRules: [UDP Query User{3924DAF6-25C0-40AC-BACD-5DD36149BD39}C:\ext2explorer\ext2explore.exe] => (Allow) C:\ext2explorer\ext2explore.exe No File
FirewallRules: [{28AF0703-B5FF-4390-813B-C206A8785234}] => (Block) C:\ext2explorer\ext2explore.exe No File
FirewallRules: [{1DA100E1-434B-44A7-A989-946271CEA733}] => (Block) C:\ext2explorer\ext2explore.exe No File
FirewallRules: [TCP Query User{0D525454-DDCD-4C55-8D94-4BD006FD00C9}E:\!!firmware\accesstoolkit\accesstoolkit\adb_files\adb.exe] => (Block) E:\!!firmware\accesstoolkit\accesstoolkit\adb_files\adb.exe No File
FirewallRules: [UDP Query User{E1B1F73C-AA49-4C3F-95DF-40B1E8D95554}E:\!!firmware\accesstoolkit\accesstoolkit\adb_files\adb.exe] => (Block) E:\!!firmware\accesstoolkit\accesstoolkit\adb_files\adb.exe No File
FirewallRules: [TCP Query User{1214E2E2-7763-427D-800B-C34379B342DD}E:\!!firmware\hcu_client\hcu (2).exe] => (Block) E:\!!firmware\hcu_client\hcu (2).exe No File
FirewallRules: [UDP Query User{071BBB23-9DD9-49B7-8F8A-38A339ADFDF7}E:\!!firmware\hcu_client\hcu (2).exe] => (Block) E:\!!firmware\hcu_client\hcu (2).exe No File
FirewallRules: [TCP Query User{34D2D096-7283-4954-8C59-D0E5B60F54F5}E:\!!firmware\hcu_client\hcu_322\hcu.exe] => (Allow) E:\!!firmware\hcu_client\hcu_322\hcu.exe No File
FirewallRules: [UDP Query User{F1D11559-D7A7-4BC7-9A14-D98E128AC629}E:\!!firmware\hcu_client\hcu_322\hcu.exe] => (Allow) E:\!!firmware\hcu_client\hcu_322\hcu.exe No File
FirewallRules: [TCP Query User{CB20BC64-9CFB-41A2-BE53-C96AE0F27AA4}E:\!!firmware\pixel\aadb.exe] => (Block) E:\!!firmware\pixel\aadb.exe No File
FirewallRules: [UDP Query User{A3806397-67B2-452D-8885-0D59B07ECF31}E:\!!firmware\pixel\aadb.exe] => (Block) E:\!!firmware\pixel\aadb.exe No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Proces 25% CPU

Napsal: 30 bře 2020 09:57
od MaClaud
Dobrý den,
dekuji log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-03-2020
Ran by MaClaud (30-03-2020 10:55:39) Run:1
Running from C:\Users\MaClaud\Desktop
Loaded Profiles: MaClaud (Available Profiles: MaClaud & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: D - D:\CDViewer.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: G - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {0f17170e-b6c5-11e8-8193-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {1a89cdc2-432d-11e8-b336-74f06dbe6f9f} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {1c5d57a2-053c-11e8-8c84-005056c00008} - H:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {227c2eeb-254d-11e9-bbc4-005056c00008} - C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\autorun.exe /auto
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {2d40703c-d021-11e2-b51a-74f06dbe6f9f} - G:\AutoRun.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {37d9f32a-ab70-11e6-bbfb-74f06dbe6f9f} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {3a6d569f-c9cf-11e9-bc8e-005056c00008} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {3a8be94d-2881-11e8-9c32-005056c00008} - H:\Setup.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {3ff212c1-17e9-11e5-a4ed-74f06dbe6f9f} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {47a97c14-33cc-11ea-b501-005056c00008} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {4c0b7178-a6f6-11e8-bf7c-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {4db7e7c0-43d3-11e1-a774-806e6f6e6963} - D:\InstAll.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {61a19f70-f90b-11e1-aa36-74f06dbe6f9f} - G:\Setup.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6587f016-2a60-11ea-b538-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {695c2ab7-6793-11e9-a67d-005056c00008} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6d41ebb7-d328-11e9-83ce-005056c00008} - G:\Setup.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6f554f33-3e22-11e8-b339-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6f554f3a-3e22-11e8-b339-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6f554f5b-3e22-11e8-b339-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6f554f5f-3e22-11e8-b339-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {6f554f65-3e22-11e8-b339-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {73f0ae9a-1190-11e5-8534-74f06dbe6f9f} - G:\Startme.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {7ee5cd87-1ff6-11e6-9293-74f06dbe6f9f} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {80c5adfa-431c-11e5-b090-005056c00008} - G:\LG_PC_Programs.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {9a231299-b3cd-11e9-a0d2-005056c00008} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {9cf5aa47-58f9-11e7-8dff-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {a4981f3d-db68-11e4-b6b2-74f06dbe6f9f} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {a7a27c55-c025-11e7-b60e-005056c00008} - G:\autorun.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {b234878a-a630-11e5-a126-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {ba30b0fb-e427-11e7-ade8-74f06dbe6f9f} - G:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {bb099951-af22-11e6-b898-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {bfb2463a-6ba6-11ea-9890-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {d1c40b1e-db99-11e3-be29-74f06dbe6f9f} - G:\MotoCastSetup.exe -a
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {d7196ef6-8071-11e5-ae7f-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {df642bf1-097c-11ea-9b5a-005056c00008} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {e4095ae0-fd85-11e8-8a42-74f06dbe6f9f} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {e4219ba4-de5c-11e3-b174-74f06dbe6f9f} - G:\MotoCastSetup.exe -a
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {eb3eac3b-6a8c-11ea-a708-74f06dbe6f9f} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {f1df38be-4e45-11e5-9743-74f06dbe6f9f} - G:\Lenovo_Suite.exe
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\MountPoints2: {f1df38c4-4e45-11e5-9743-74f06dbe6f9f} - G:\Lenovo_Suite.exe
ShortcutTarget: SPDriverInstall.lnk -> C:\Program Files\MediaTek\SP Driver\SPDriverInstall (No File)
AlternateShell:
Task: {2795DBAF-3CFA-42FE-BDA5-BAC71C6DB545} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000Core => C:\Users\MaClaud\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {71304849-8570-4C27-9109-3AAF7DD615EE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000UA => C:\Users\MaClaud\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {AF5F4DFE-64D6-4D85-B6FD-3D77557A236A} - System32\Tasks\{32AF0D40-A55F-43E7-9339-FD2BB1BF6A0C} => C:\Windows\system32\pcalua.exe -a "E:\WMmobile soft\GarminSymbian\Garmin\GarminMobileXTforSymbianS603rdEdition_50050.exe" -d "E:\WMmobile soft\GarminSymbian\Garmin"
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
U4 npcap_wifi; no ImagePath
C:\windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000UA
C:\windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000Core
C:\Users\MaClaud\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\MaClaud\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll -> No File
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll -> No File
AlternateDataStreams: C:\ProgramData\TEMP:2738F84D [161]
FirewallRules: [TCP Query User{E0622A34-B552-42BE-B02A-383DFB7E9BDB}E:\program files (x86)\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe] => (Allow) E:\program files (x86)\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe No File
FirewallRules: [UDP Query User{3E34B975-E7C8-489D-9313-19A28F9348CF}E:\program files (x86)\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe] => (Allow) E:\program files (x86)\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe No File
FirewallRules: [{90F8219D-C27D-4495-B286-BF2ED55FB577}] => (Allow) C:\Users\MaClaud\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe No File
FirewallRules: [{C7F28666-7C67-4EAD-9FB9-C1833310BF0F}] => (Allow) C:\Users\MaClaud\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe No File
FirewallRules: [TCP Query User{3590DE15-90FA-4027-AA0C-D21C6051B23E}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe No File
FirewallRules: [UDP Query User{FB185D0B-D52C-4ED5-9184-A94A2080A1DD}C:\program files (x86)\connectify\connectify.exe] => (Allow) C:\program files (x86)\connectify\connectify.exe No File
FirewallRules: [{C5FE7218-950E-4576-B85B-C563116A5519}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper.exe No File
FirewallRules: [{9A4B9AA1-10E1-432A-8E83-3A2D692CA470}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper.exe No File
FirewallRules: [{39964606-C521-4409-A8DF-0E3E757875C9}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper_32.exe No File
FirewallRules: [{DC7C02AD-E433-4D93-9C4E-B1B571854896}] => (Allow) C:\Program Files\Opera x64\pluginwrapper\opera_plugin_wrapper_32.exe No File
FirewallRules: [{D0E10892-BBFC-4DA6-9789-F4659D4FA62C}] => (Allow) C:\Program Files\Opera x64\opera.exe No File
FirewallRules: [{63392551-2647-493B-8ED3-C76F438A5BD9}] => (Allow) C:\Program Files\Opera x64\opera.exe No File
FirewallRules: [TCP Query User{E58CB52E-6AA3-4BB1-A24D-820D4139C680}E:\program files (x86)\motorola\rsd lite\sdl.exe] => (Allow) E:\program files (x86)\motorola\rsd lite\sdl.exe No File
FirewallRules: [UDP Query User{5CD62F4E-34B3-455E-A158-B88D404AEACA}E:\program files (x86)\motorola\rsd lite\sdl.exe] => (Allow) E:\program files (x86)\motorola\rsd lite\sdl.exe No File
FirewallRules: [TCP Query User{A053AEEA-A396-4902-819C-E14E2F18C5FF}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe No File
FirewallRules: [UDP Query User{BB24652E-59A7-4D7F-8DC8-136A9F5BC1E6}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe No File
FirewallRules: [TCP Query User{17DE5FB0-2AA9-43FF-A9F3-B0405DC1B389}E:\program files (x86)\radiocomm\radiocomm v11.11.11\radiocomm.exe] => (Allow) E:\program files (x86)\radiocomm\radiocomm v11.11.11\radiocomm.exe No File
FirewallRules: [UDP Query User{663CA96F-CAE6-4DF7-B8B1-A74EF8B34451}E:\program files (x86)\radiocomm\radiocomm v11.11.11\radiocomm.exe] => (Allow) E:\program files (x86)\radiocomm\radiocomm v11.11.11\radiocomm.exe No File
FirewallRules: [TCP Query User{2CEF201F-543A-4FC3-836F-E84628DCBE53}E:\program files\android\android studio\bin\studio64.exe] => (Allow) E:\program files\android\android studio\bin\studio64.exe No File
FirewallRules: [UDP Query User{B5A37A6F-A169-4692-8AF4-ECC898821E64}E:\program files\android\android studio\bin\studio64.exe] => (Allow) E:\program files\android\android studio\bin\studio64.exe No File
FirewallRules: [{F9E818B6-FC6D-4233-B0B6-6189429F64AE}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{1DA16A50-5AE5-4E9D-B435-431BD14AA29D}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{7214E1CC-5B6A-434A-9D2B-3DC0713021F2}] => (Allow) E:\Program Files (x86)\Maxthon\Bin\Maxthon.exe No File
FirewallRules: [{4EDA8748-410B-47A9-9BEA-8CCAC5857278}] => (Allow) E:\Program Files (x86)\Maxthon\Bin\Maxthon.exe No File
FirewallRules: [{438C0BE2-2AB5-42B0-9D16-62BE5DC9CC89}] => (Allow) E:\Program Files (x86)\Maxthon\Bin\MxUp.exe No File
FirewallRules: [{2C2079B1-DB00-4A76-97D7-935BD8292C00}] => (Allow) E:\Program Files (x86)\Maxthon\Bin\MxUp.exe No File
FirewallRules: [{5F4F6301-274D-4C35-B27A-5E9646E604C0}] => (Allow) E:\Program Files (x86)\GOG.com\Unreal Tournament 2004\System\UT2004.exe No File
FirewallRules: [{2394CBAF-C7C3-4774-BC5D-0E60BFE6E170}] => (Allow) E:\Program Files (x86)\GOG.com\Unreal Tournament 2004\System\UT2004.exe No File
FirewallRules: [{BCA642A9-E9F8-4BDC-BF97-ABBE68D9AEB5}] => (Allow) E:\Program Files (x86)\Maxthon5\Bin\MxUp.exe No File
FirewallRules: [{F102D211-CA52-468B-8BEA-F8BA08DBA9F8}] => (Allow) E:\Program Files (x86)\Maxthon5\Bin\MxUp.exe No File
FirewallRules: [{A25E86C4-55D2-4968-ABF9-5357F4286E97}] => (Allow) E:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe No File
FirewallRules: [{D7273040-0BF3-4431-8833-F27C5FF170A0}] => (Allow) E:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe No File
FirewallRules: [TCP Query User{7B69E75D-7386-4231-8450-1F9DA2169E9D}E:\compex\npfind.exe] => (Allow) E:\compex\npfind.exe No File
FirewallRules: [UDP Query User{2D74492E-9D01-4301-9BB3-8A4182751608}E:\compex\npfind.exe] => (Allow) E:\compex\npfind.exe No File
FirewallRules: [TCP Query User{2B1C3701-E869-478B-A7FC-BC35B24295E7}E:\compex\uconfig.exe] => (Allow) E:\compex\uconfig.exe No File
FirewallRules: [UDP Query User{A39C243F-01AA-4895-8747-0C8B673ABFB3}E:\compex\uconfig.exe] => (Allow) E:\compex\uconfig.exe No File
FirewallRules: [TCP Query User{F0B18698-B2FA-416C-8D4F-48549C5E65BA}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe No File
FirewallRules: [UDP Query User{F621348E-96C4-47F0-ABDE-1766EB92E7B8}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe No File
FirewallRules: [{3F6F69A8-6ADC-431A-8CB4-26FA53EA11D9}] => (Allow) C:\Program Files\Bitdefender Home Scanner\hvasrv.exe No File
FirewallRules: [{69FE8CA3-6F3D-4961-8F30-8FF5C2ECC323}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe No File
FirewallRules: [{2EDB447A-E4F5-44B7-B734-1D0E3A3492C6}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe No File
FirewallRules: [TCP Query User{9AAB46A3-F873-4187-9803-A9726055B408}C:\xiaomi\xiaomiflash\xiaomiflash.exe] => (Allow) C:\xiaomi\xiaomiflash\xiaomiflash.exe No File
FirewallRules: [UDP Query User{B883713C-3167-480D-A0A8-E842C1A4231D}C:\xiaomi\xiaomiflash\xiaomiflash.exe] => (Allow) C:\xiaomi\xiaomiflash\xiaomiflash.exe No File
FirewallRules: [{972E5496-68E5-453A-91B7-3E1BFF0C3255}] => (Block) C:\xiaomi\xiaomiflash\xiaomiflash.exe No File
FirewallRules: [{86F6B110-F3CF-41BC-ABB2-107616F9FA7C}] => (Block) C:\xiaomi\xiaomiflash\xiaomiflash.exe No File
FirewallRules: [TCP Query User{EAB362EB-EAA6-4383-B5E9-78BD4CD9694E}E:\!!firmware\octopusfrp_tool\install_octoplus_frp_1.3.7.exe] => (Allow) E:\!!firmware\octopusfrp_tool\install_octoplus_frp_1.3.7.exe No File
FirewallRules: [UDP Query User{88803B66-614F-470D-B3A4-5E8F399A28CD}E:\!!firmware\octopusfrp_tool\install_octoplus_frp_1.3.7.exe] => (Allow) E:\!!firmware\octopusfrp_tool\install_octoplus_frp_1.3.7.exe No File
FirewallRules: [{304FEF58-E688-4CFE-8163-AF0F6BC27DDE}] => (Block) E:\!!firmware\octopusfrp_tool\install_octoplus_frp_1.3.7.exe No File
FirewallRules: [{F96BB533-44C9-46BD-80EC-DDC858B93F7C}] => (Block) E:\!!firmware\octopusfrp_tool\install_octoplus_frp_1.3.7.exe No File
FirewallRules: [TCP Query User{551DFBB6-482A-4653-A210-1321968BCEA9}C:\ext2explorer\ext2explore.exe] => (Allow) C:\ext2explorer\ext2explore.exe No File
FirewallRules: [UDP Query User{3924DAF6-25C0-40AC-BACD-5DD36149BD39}C:\ext2explorer\ext2explore.exe] => (Allow) C:\ext2explorer\ext2explore.exe No File
FirewallRules: [{28AF0703-B5FF-4390-813B-C206A8785234}] => (Block) C:\ext2explorer\ext2explore.exe No File
FirewallRules: [{1DA100E1-434B-44A7-A989-946271CEA733}] => (Block) C:\ext2explorer\ext2explore.exe No File
FirewallRules: [TCP Query User{0D525454-DDCD-4C55-8D94-4BD006FD00C9}E:\!!firmware\accesstoolkit\accesstoolkit\adb_files\adb.exe] => (Block) E:\!!firmware\accesstoolkit\accesstoolkit\adb_files\adb.exe No File
FirewallRules: [UDP Query User{E1B1F73C-AA49-4C3F-95DF-40B1E8D95554}E:\!!firmware\accesstoolkit\accesstoolkit\adb_files\adb.exe] => (Block) E:\!!firmware\accesstoolkit\accesstoolkit\adb_files\adb.exe No File
FirewallRules: [TCP Query User{1214E2E2-7763-427D-800B-C34379B342DD}E:\!!firmware\hcu_client\hcu (2).exe] => (Block) E:\!!firmware\hcu_client\hcu (2).exe No File
FirewallRules: [UDP Query User{071BBB23-9DD9-49B7-8F8A-38A339ADFDF7}E:\!!firmware\hcu_client\hcu (2).exe] => (Block) E:\!!firmware\hcu_client\hcu (2).exe No File
FirewallRules: [TCP Query User{34D2D096-7283-4954-8C59-D0E5B60F54F5}E:\!!firmware\hcu_client\hcu_322\hcu.exe] => (Allow) E:\!!firmware\hcu_client\hcu_322\hcu.exe No File
FirewallRules: [UDP Query User{F1D11559-D7A7-4BC7-9A14-D98E128AC629}E:\!!firmware\hcu_client\hcu_322\hcu.exe] => (Allow) E:\!!firmware\hcu_client\hcu_322\hcu.exe No File
FirewallRules: [TCP Query User{CB20BC64-9CFB-41A2-BE53-C96AE0F27AA4}E:\!!firmware\pixel\aadb.exe] => (Block) E:\!!firmware\pixel\aadb.exe No File
FirewallRules: [UDP Query User{A3806397-67B2-452D-8885-0D59B07ECF31}E:\!!firmware\pixel\aadb.exe] => (Block) E:\!!firmware\pixel\aadb.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0f17170e-b6c5-11e8-8193-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1a89cdc2-432d-11e8-b336-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1c5d57a2-053c-11e8-8c84-005056c00008} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{227c2eeb-254d-11e9-bbc4-005056c00008} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2d40703c-d021-11e2-b51a-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{37d9f32a-ab70-11e6-bbfb-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3a6d569f-c9cf-11e9-bc8e-005056c00008} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3a8be94d-2881-11e8-9c32-005056c00008} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3ff212c1-17e9-11e5-a4ed-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{47a97c14-33cc-11ea-b501-005056c00008} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4c0b7178-a6f6-11e8-bf7c-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4db7e7c0-43d3-11e1-a774-806e6f6e6963} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{61a19f70-f90b-11e1-aa36-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6587f016-2a60-11ea-b538-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{695c2ab7-6793-11e9-a67d-005056c00008} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d41ebb7-d328-11e9-83ce-005056c00008} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f554f33-3e22-11e8-b339-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f554f3a-3e22-11e8-b339-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f554f5b-3e22-11e8-b339-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f554f5f-3e22-11e8-b339-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f554f65-3e22-11e8-b339-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{73f0ae9a-1190-11e5-8534-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7ee5cd87-1ff6-11e6-9293-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{80c5adfa-431c-11e5-b090-005056c00008} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9a231299-b3cd-11e9-a0d2-005056c00008} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9cf5aa47-58f9-11e7-8dff-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4981f3d-db68-11e4-b6b2-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a7a27c55-c025-11e7-b60e-005056c00008} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b234878a-a630-11e5-a126-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ba30b0fb-e427-11e7-ade8-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bb099951-af22-11e6-b898-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfb2463a-6ba6-11ea-9890-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d1c40b1e-db99-11e3-be29-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7196ef6-8071-11e5-ae7f-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df642bf1-097c-11ea-9b5a-005056c00008} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4095ae0-fd85-11e8-8a42-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4219ba4-de5c-11e3-b174-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eb3eac3b-6a8c-11ea-a708-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1df38be-4e45-11e5-9743-74f06dbe6f9f} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1df38c4-4e45-11e5-9743-74f06dbe6f9f} => removed successfully
"C:\Program Files\MediaTek\SP Driver\SPDriverInstall" => not found
HKLM\System\CurrentControlSet\Control\SafeBoot\\"AlternateShell"="cmd.exe" => value restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2795DBAF-3CFA-42FE-BDA5-BAC71C6DB545}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2795DBAF-3CFA-42FE-BDA5-BAC71C6DB545}" => removed successfully
C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000Core" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71304849-8570-4C27-9109-3AAF7DD615EE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71304849-8570-4C27-9109-3AAF7DD615EE}" => removed successfully
C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000UA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000UA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF5F4DFE-64D6-4D85-B6FD-3D77557A236A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF5F4DFE-64D6-4D85-B6FD-3D77557A236A}" => removed successfully
C:\windows\System32\Tasks\{32AF0D40-A55F-43E7-9339-FD2BB1BF6A0C} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{32AF0D40-A55F-43E7-9339-FD2BB1BF6A0C}" => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\System\CurrentControlSet\Services\npcap_wifi => removed successfully
npcap_wifi => service removed successfully
"C:\windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000UA" => not found
"C:\windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1414726678-80063402-3466205120-1000Core" => not found
C:\Users\MaClaud\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4} => removed successfully
HKU\S-1-5-21-1414726678-80063402-3466205120-1000_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UnLockerMenu => removed successfully
HKLM\Software\Classes\CLSID\{410BF280-86EF-4E0F-8279-EC5848546AD3} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\UnLockerMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UnLockerMenu => removed successfully
C:\ProgramData\TEMP => ":2738F84D" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E0622A34-B552-42BE-B02A-383DFB7E9BDB}E:\program files (x86)\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3E34B975-E7C8-489D-9313-19A28F9348CF}E:\program files (x86)\readon technology\readon tv movie radio player 7.5.0.0\internettv.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{90F8219D-C27D-4495-B286-BF2ED55FB577}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C7F28666-7C67-4EAD-9FB9-C1833310BF0F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3590DE15-90FA-4027-AA0C-D21C6051B23E}C:\program files (x86)\connectify\connectify.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FB185D0B-D52C-4ED5-9184-A94A2080A1DD}C:\program files (x86)\connectify\connectify.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C5FE7218-950E-4576-B85B-C563116A5519}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9A4B9AA1-10E1-432A-8E83-3A2D692CA470}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{39964606-C521-4409-A8DF-0E3E757875C9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DC7C02AD-E433-4D93-9C4E-B1B571854896}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D0E10892-BBFC-4DA6-9789-F4659D4FA62C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{63392551-2647-493B-8ED3-C76F438A5BD9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E58CB52E-6AA3-4BB1-A24D-820D4139C680}E:\program files (x86)\motorola\rsd lite\sdl.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5CD62F4E-34B3-455E-A158-B88D404AEACA}E:\program files (x86)\motorola\rsd lite\sdl.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A053AEEA-A396-4902-819C-E14E2F18C5FF}D:\easysetupassistant\easysetupassistant.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BB24652E-59A7-4D7F-8DC8-136A9F5BC1E6}D:\easysetupassistant\easysetupassistant.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{17DE5FB0-2AA9-43FF-A9F3-B0405DC1B389}E:\program files (x86)\radiocomm\radiocomm v11.11.11\radiocomm.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{663CA96F-CAE6-4DF7-B8B1-A74EF8B34451}E:\program files (x86)\radiocomm\radiocomm v11.11.11\radiocomm.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2CEF201F-543A-4FC3-836F-E84628DCBE53}E:\program files\android\android studio\bin\studio64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B5A37A6F-A169-4692-8AF4-ECC898821E64}E:\program files\android\android studio\bin\studio64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F9E818B6-FC6D-4233-B0B6-6189429F64AE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1DA16A50-5AE5-4E9D-B435-431BD14AA29D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7214E1CC-5B6A-434A-9D2B-3DC0713021F2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4EDA8748-410B-47A9-9BEA-8CCAC5857278}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{438C0BE2-2AB5-42B0-9D16-62BE5DC9CC89}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2C2079B1-DB00-4A76-97D7-935BD8292C00}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5F4F6301-274D-4C35-B27A-5E9646E604C0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2394CBAF-C7C3-4774-BC5D-0E60BFE6E170}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BCA642A9-E9F8-4BDC-BF97-ABBE68D9AEB5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F102D211-CA52-468B-8BEA-F8BA08DBA9F8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A25E86C4-55D2-4968-ABF9-5357F4286E97}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D7273040-0BF3-4431-8833-F27C5FF170A0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7B69E75D-7386-4231-8450-1F9DA2169E9D}E:\compex\npfind.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2D74492E-9D01-4301-9BB3-8A4182751608}E:\compex\npfind.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2B1C3701-E869-478B-A7FC-BC35B24295E7}E:\compex\uconfig.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A39C243F-01AA-4895-8747-0C8B673ABFB3}E:\compex\uconfig.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F0B18698-B2FA-416C-8D4F-48549C5E65BA}C:\program files (x86)\kodi\kodi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F621348E-96C4-47F0-ABDE-1766EB92E7B8}C:\program files (x86)\kodi\kodi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3F6F69A8-6ADC-431A-8CB4-26FA53EA11D9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{69FE8CA3-6F3D-4961-8F30-8FF5C2ECC323}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2EDB447A-E4F5-44B7-B734-1D0E3A3492C6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9AAB46A3-F873-4187-9803-A9726055B408}C:\xiaomi\xiaomiflash\xiaomiflash.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B883713C-3167-480D-A0A8-E842C1A4231D}C:\xiaomi\xiaomiflash\xiaomiflash.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{972E5496-68E5-453A-91B7-3E1BFF0C3255}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{86F6B110-F3CF-41BC-ABB2-107616F9FA7C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EAB362EB-EAA6-4383-B5E9-78BD4CD9694E}E:\!!firmware\octopusfrp_tool\install_octoplus_frp_1.3.7.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{88803B66-614F-470D-B3A4-5E8F399A28CD}E:\!!firmware\octopusfrp_tool\install_octoplus_frp_1.3.7.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{304FEF58-E688-4CFE-8163-AF0F6BC27DDE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F96BB533-44C9-46BD-80EC-DDC858B93F7C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{551DFBB6-482A-4653-A210-1321968BCEA9}C:\ext2explorer\ext2explore.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3924DAF6-25C0-40AC-BACD-5DD36149BD39}C:\ext2explorer\ext2explore.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{28AF0703-B5FF-4390-813B-C206A8785234}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1DA100E1-434B-44A7-A989-946271CEA733}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0D525454-DDCD-4C55-8D94-4BD006FD00C9}E:\!!firmware\accesstoolkit\accesstoolkit\adb_files\adb.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E1B1F73C-AA49-4C3F-95DF-40B1E8D95554}E:\!!firmware\accesstoolkit\accesstoolkit\adb_files\adb.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1214E2E2-7763-427D-800B-C34379B342DD}E:\!!firmware\hcu_client\hcu (2).exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{071BBB23-9DD9-49B7-8F8A-38A339ADFDF7}E:\!!firmware\hcu_client\hcu (2).exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{34D2D096-7283-4954-8C59-D0E5B60F54F5}E:\!!firmware\hcu_client\hcu_322\hcu.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F1D11559-D7A7-4BC7-9A14-D98E128AC629}E:\!!firmware\hcu_client\hcu_322\hcu.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CB20BC64-9CFB-41A2-BE53-C96AE0F27AA4}E:\!!firmware\pixel\aadb.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A3806397-67B2-452D-8885-0D59B07ECF31}E:\!!firmware\pixel\aadb.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 299403655 B
Java, Flash, Steam htmlcache => 93839330 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 411778022 B
Firefox => 1399062284 B
Opera => 5661696 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33253 B
systemprofile32 => 66506 B
LocalService => 99631 B
NetworkService => 100791 B
MaClaud => 1037912416 B
UpdatusUser => 1037912416 B
Guest => 1037991985 B
MSSQL$SQLEXPRESS => 1037991985 B

RecycleBin => 4010334847 B
EmptyTemp: => 9.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:56:34 ====

Re: Proces 25% CPU

Napsal: 30 bře 2020 14:05
od Rudy
Smazáno. Nastala nějaká změna?

Re: Proces 25% CPU

Napsal: 31 bře 2020 00:11
od MaClaud
Z kraje to vypadalo docela slibne ale po chvili prace s PC se nepochopitelne nejaky proces spusti na 25%, zavruho primo z task manageru a spusti se znovu jiny... prikladam ted log z frst prave kdyz se proces spustil (+ screenshot)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-03-2020
Ran by MaClaud (administrator) on CALIBRA (ASUSTeK Computer Inc. N73SV) (31-03-2020 01:06:50)
Running from C:\Users\MaClaud\Desktop
Loaded Profiles: MaClaud (Available Profiles: MaClaud & Guest)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(DEVGURU Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Electronic Team, Inc. -> Electronic Team, Inc.) C:\Program Files\Electronic Team\Flexihub\flexihub64.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Finger Power Technology Co., Ltd. -> ) C:\Users\MaClaud\AppData\Local\Kingosoft\Kingo Root\update_58142\bin\KingoSoftService.exe
(Fresco Logic Inc -> Fresco Logic) C:\Windows\System32\FLxHCIm.exe
(Gemalto, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplms.exe
(Gemalto, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplmv.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Turbo Boost Technology Monitor -> Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(QUALCOMM, Inc.) [File not signed] C:\Program Files (x86)\QUALCOMM Incorporated\Qualcomm USB Drivers For Windows\DriverPackage\Qualcomm\Tools\qcmtusvc.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Sony) [File not signed] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc.) [File not signed] C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11485800 2010-10-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2168424 2010-10-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [FLxHCIm] => C:\windows\system32\FLxHCIm.exe [76472 2018-05-31] (Fresco Logic Inc -> Fresco Logic)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10228224 2010-11-03] (Intel Corporation) [File not signed]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [309560 2020-03-22] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\Run: [SafeInCloud] => C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe [2325504 2019-04-24] () [File not signed]
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\Run: [Google Update] => C:\Users\MaClaud\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-20] (Google LLC -> Google LLC)
HKU\S-1-5-21-1414726678-80063402-3466205120-1000\...\Winlogon: [Shell] C:\windows\explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\Software\...\AppCompatFlags\InstalledSDB\{ad846bae-d44b-4722-abad-f7420e08bcd9}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb [2015-04-17]
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2009-08-02] (Broadcom Corporation -> Broadcom Corporation.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [171896 2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs: , C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [171896 2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [149736 2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149736 2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: , C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [149736 2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\EasyJTAG Startup Agent.lnk [2020-03-30]
ShortcutTarget: EasyJTAG Startup Agent.lnk -> C:\Program Files\Z3X\EASYJTAG\autorun_agent.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SPDriverInstall.lnk [2018-03-16]
ShortcutTarget: SPDriverInstall.lnk -> C:\Program Files\MediaTek\SP Driver\SPDriverInstall (No File)
AlternateShell:

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00F61C5C-F0FF-4A58-9D9B-09A2E5678443} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660792 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {42BDA739-E704-4D4E-B58E-43974ED6DF41} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660792 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4F12801E-2A67-447B-A5FB-2E58BFBD0245} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [525104 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {569FE0DD-E93D-4094-B77E-30FE39A93607} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746800 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5A7AAB9F-0700-4DF8-899F-007AEA78DF4A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1931064 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8C3571BE-00E8-42C6-BE2C-AF1BC4411B85} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {983A7EB2-FAC1-421D-BCF1-EA59FC243078} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe [1454080 2018-09-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A1FD4554-033D-4DBA-AF91-C2EEE878C830} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746800 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B5E407CF-E06F-457F-BAC8-804009CC5513} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\windows\ehome\ehrec.exe
Task: {BE3630D3-AE9E-40C3-922E-1A4701294773} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [969016 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8C36499-2C59-4710-AE75-7302BB6BD734} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1414726678-80063402-3466205120-1000 => C:\Users\MaClaud\AppData\Local\MEGAsync\MEGAupdater.exe [760696 2018-01-15] (Mega Limited -> Mega Limited)
Task: {EB0E1621-0DBA-4C96-8D35-BDB55782909A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\windows\ehome\mcupdate.exe
Task: {F3CC6BB3-B68A-4C46-A40C-A1B65EB5FBDF} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUSTeK Computer Inc. -> ASUS)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{2A2F8EC6-537B-4B41-AD19-33E93A923D4E}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{D3C56AF9-7B29-4B4D-979F-CE1142B157B0}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-1414726678-80063402-3466205120-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-01-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-01-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-09-02] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
BHO-x32: Microsoft Web Test Recorder 14.0 Helper -> {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} -> C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2015-07-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-09-02] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)

FireFox:
========
FF DefaultProfile: x40heix7.default
FF ProfilePath: C:\Users\MaClaud\AppData\Roaming\TomTom\HOME\Profiles\bf16q830.default [2020-03-04]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default [2020-03-31]
FF Notifications: Mozilla\Firefox\Profiles\x40heix7.default -> hxxps://calendar.google.com; hxxps://androidhost.ru
FF Extension: (Česká kontrola pravopisu (bez diakritiky)) - C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default\Extensions\cs2@dictionaries.addons.mozilla.org.xpi [2019-01-04]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2019-01-04]
FF Extension: (SafeInCloud Password Manager) - C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default\Extensions\info@safe-in-cloud.com.xpi [2019-06-10]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2020-03-14]
FF Extension: (uBlock Origin) - C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default\Extensions\uBlock0@raymondhill.net.xpi [2019-03-13]
FF Extension: (No Name) - C:\Users\MaClaud\AppData\Roaming\Mozilla\Firefox\Profiles\x40heix7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-03-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll [2018-09-11] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\Windows\system32\npDeployJava1.dll [2013-01-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-01-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN) [File not signed]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-11] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_35 -> C:\Windows\SysWOW64\npdeployJava1.dll [2012-09-02] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll [2012-09-02] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-04] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\\1.8.101.2154\npQQPhoneManagerExt.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default [2020-03-31]
CHR Extension: (Prezentace) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-04]
CHR Extension: (Dokumenty) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-04]
CHR Extension: (Disk Google) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-04]
CHR Extension: (YouTube) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-04]
CHR Extension: (Maximize Flash) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\chihjmmmhbapnhemoopibkekbojilhge [2020-03-04]
CHR Extension: (Tabulky) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-11]
CHR Extension: (Google Kalendář) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2020-03-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-04]
CHR Extension: (Fullscreen Anything) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\olcfgpmjldkkjdclidhcbonieibfhhdh [2020-03-04]
CHR Extension: (Gmail) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-04]
CHR Extension: (Chrome Media Router) - C:\Users\MaClaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-20]
StartMenuInternet: Google Chrome - C:\Users\MaClaud\AppData\Local\Google\Chrome\Application\chrome.exe

Opera:
=======
OPR Extension: (To-Read sites) - C:\Users\MaClaud\AppData\Roaming\Opera Software\Opera Stable\Extensions\ocjdcfknlmpoicmjpklcofjlpnegobbb [2013-09-13]
OPR Extension: (Adblock Plus) - C:\Users\MaClaud\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2013-09-13]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-03-12] (Apple Inc. -> Apple Inc.)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [897088 2010-11-03] (Intel Corporation) [File not signed]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-11-03] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [983104 2010-11-03] (Intel Corporation) [File not signed]
R2 flexihub; C:\Program Files\Electronic Team\Flexihub\flexihub64.exe [6301216 2019-03-04] (Electronic Team, Inc. -> Electronic Team, Inc.)
R2 hasplms; C:\windows\system32\hasplms.exe [7643216 2019-04-29] (Gemalto, Inc. -> SafeNet, Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 KingoSoftService; C:\Users\MaClaud\AppData\Local\Kingosoft\Kingo Root\update_58142\bin\checkupdate.exe [367584 2016-09-17] (Finger Power Technology Co., Ltd. -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2012-12-28] (Even Balance, Inc. -> )
R2 qcmtusvc; C:\Program Files (x86)\QUALCOMM Incorporated\Qualcomm USB Drivers For Windows\DriverPackage\Qualcomm\Tools\qcmtusvc.exe [83456 2015-07-09] (QUALCOMM, Inc.) [File not signed]
R2 RapiMgr; C:\windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S2 SbieSvc; E:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (SANDBOXIE L.T.D -> Sandboxie Holdings, LLC)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-08-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [780328 2019-08-16] (DEVGURU Co., Ltd. -> DEVGURU Co., LTD.)
R3 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [79872 2011-11-13] (VMware, Inc.) [File not signed]
S2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [11839488 2011-11-13] () [File not signed]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation -> Microsoft Corporation)
R2 WcesComm; C:\windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2548224 2019-10-22] (Sony) [File not signed]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S3 TrustedInstaller; %SystemRoot%\servicing\TrustedInstaller.exe [X]
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe [X]
S3 WsDrvInst; "E:\Program Files (x86)\Wondershare\MobileTrans\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aksdf; C:\windows\system32\drivers\aksdf.sys [389560 2019-04-29] (Gemalto, Inc. -> SafeNet, Inc.)
R2 aksfridge; C:\windows\system32\drivers\aksfridge.sys [487352 2019-04-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 akshasp; C:\windows\System32\DRIVERS\akshasp.sys [69560 2019-04-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 akshhl; C:\windows\System32\DRIVERS\akshhl.sys [68536 2019-04-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 aksusb; C:\windows\System32\DRIVERS\aksusb.sys [313784 2019-04-29] (Gemalto, Inc. -> SafeNet, Inc.)
R0 ambakdrv; C:\windows\System32\ambakdrv.sys [51120 2016-12-22] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-22] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 AmUStor; C:\windows\System32\drivers\AmUStor.SYS [44032 2010-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Alcor Micro, Corp.)
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2016-12-22] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 AndnetBus; C:\windows\System32\DRIVERS\lgandnetbus64.sys [30208 2016-08-31] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AndNetDiag; C:\windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2016-08-24] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 ANDNetModem; C:\windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2016-08-24] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AVEO; C:\windows\System32\DRIVERS\AVEOdcnt.sys [237056 2010-03-24] (Aveo Technology Corp. -> AVEO Corp)
S3 BTCFilterService; C:\windows\System32\DRIVERS\motfilt.sys [6144 2013-03-20] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Inc)
R3 cbrtfltr; C:\windows\System32\DRIVERS\cbrtfltr.sys [173248 2020-02-05] (Cellebrite Mobile Synchronization -> Cellebrite Mobile Synchronization)
S3 Ctxusbr; C:\windows\System32\DRIVERS\ctxusbr.sys [77488 2016-09-05] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 dg_ssudbus; C:\windows\System32\DRIVERS\ssudbus.sys [135520 2019-08-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 diagswitchdrv; C:\Windows\SysWOW64\DRIVERS\diagswitchdrv.sys [117888 2014-08-17] (Huawei Technologies Co., Ltd.) [File not signed]
R3 DroidCam; C:\windows\System32\DRIVERS\droidcam.sys [33592 2015-05-24] (DEV47 APPS -> Dev47Apps)
R3 DroidCamVideo; C:\windows\System32\DRIVERS\droidcamvideo.sys [229432 2015-05-24] (DEV47 APPS -> Dev47Apps)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-01-21] (DT Soft Ltd -> DT Soft Ltd)
S3 easyjtag; C:\windows\System32\DRIVERS\easyjtag_x64.sys [65024 2011-05-06] (Z3X EasyJTAG -> )
S3 eGateUSB; C:\windows\System32\Drivers\eGateUSB.sys [98816 2007-05-09] (Gemalto) [File not signed]
S3 EloMTApr; C:\windows\System32\DRIVERS\EloMTApr.sys [232960 2017-05-18] (Elo Touch Solutions, Inc. -> )
S3 EloMTSer; C:\windows\System32\DRIVERS\EloMTSer.sys [122368 2017-05-18] (Elo Touch Solutions, Inc. -> )
S3 EloMTUsb; C:\windows\System32\DRIVERS\EloMTUsb.sys [183808 2017-05-18] (Elo Touch Solutions, Inc. -> )
R3 ELTIMA_USB_HUB_FILTER; C:\windows\System32\drivers\fusbhub.sys [130560 2019-03-01] (Element 5 Limited Liability Company -> ELTIMA Software)
R3 ETD; C:\windows\System32\DRIVERS\ETD.sys [129024 2010-09-08] (Microsoft Windows Hardware Compatibility Publisher -> ELAN Microelectronic Corp.)
R3 eustub; C:\windows\System32\DRIVERS\eusbstub.sys [39424 2019-03-01] (Element 5 Limited Liability Company -> ELTIMA Software)
S3 evserial9; C:\windows\System32\DRIVERS\evserial9.sys [40448 2018-04-05] (Element 5 Limited Liability Company -> ELTIMA Software)
S3 ew_usbccgpfilter; C:\windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbccgpfilter; C:\Windows\SysWOW64\DRIVERS\ew_usbccgpfilter.sys [19200 2016-03-29] (Huawei Technologies Co., Ltd.) [File not signed]
R1 Ext2Fsd; C:\windows\System32\DRIVERS\Ext2Fsd.sys [799744 2017-04-02] (Kasherlab Technology Inc. -> http://www.ext2fsd.com)
R3 FLxHCIh; C:\windows\System32\DRIVERS\FLxHCIh.sys [146336 2018-05-31] (Fresco Logic Inc -> Fresco Logic)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] () [File not signed]
S3 FTDIBUS; C:\windows\System32\drivers\ftdibus.sys [129448 2017-09-19] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
S3 FTSER2K; C:\windows\System32\drivers\ftser2k.sys [86376 2020-02-05] (Future Technology Devices International Ltd -> FTDI Ltd.)
S3 ggsomc; C:\windows\System32\DRIVERS\ggsomc.sys [32384 2018-02-06] (Sony Mobile Communications AB -> Sony Mobile Communications)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [1970104 2019-04-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 HSPL_usbvcom; C:\windows\System32\DRIVERS\hw_usbvcom.sys [221824 2015-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HSPL_usbvcom; C:\Windows\SysWOW64\DRIVERS\hw_usbvcom.sys [221824 2015-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HTCAND64; C:\windows\System32\Drivers\ANDROIDUSB.sys [31744 2015-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Google Inc)
S3 htcnprot; C:\windows\System32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider)
S3 htcusbnet; C:\windows\System32\DRIVERS\htcusbnet.sys [154624 2011-08-04] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 HtcVCom32; C:\windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (Sqa.com(Test) -> QUALCOMM Incorporated)
S3 HWHandSet; C:\windows\System32\DRIVERS\hw_quusbmdm.sys [226560 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HWHandSet; C:\Windows\SysWOW64\DRIVERS\hw_quusbmdm.sys [226560 2016-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HWHandSetProLine; C:\windows\System32\DRIVERS\hw_quusbmdm.sys [226560 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HWHandSetProLine; C:\Windows\SysWOW64\DRIVERS\hw_quusbmdm.sys [226560 2016-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\windows\System32\DRIVERS\hw_cdcacm.sys [127360 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_ctrlfakedev; C:\windows\System32\DRIVERS\hw_ctrlfakedev.sys [115712 2015-03-10] (Huawei Technologies Co., Ltd.) [File not signed]
S3 hw_ctrlfakedev; C:\Windows\SysWOW64\DRIVERS\hw_ctrlfakedev.sys [115712 2015-03-10] (Huawei Technologies Co., Ltd.) [File not signed]
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 IT9135BDA; C:\windows\System32\Drivers\IT9135BDA.sys [165504 2016-12-23] (Microsoft Windows Hardware Compatibility Publisher -> ITE )
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-21] (ASUSTeK Computer Inc. -> )
S3 libusb0; C:\windows\System32\DRIVERS\libusb0.sys [62048 2014-06-19] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 lusbcbrt; C:\windows\System32\DRIVERS\lusbcbrt.sys [44224 2020-02-05] (Cellebrite Mobile Synchronization -> Cellebrite Mobile Synchronization)
S0 malqoorz; C:\Windows\SysWOW64\drivers\yahcdwms.sys [61440 2017-04-25] () [File not signed]
S3 massfilter_hs; C:\windows\System32\drivers\massfilter_hs.sys [11776 2010-10-20] (Microsoft Windows Hardware Compatibility Publisher -> HandSet Incorporated)
S3 motandroidusb; C:\windows\System32\Drivers\motoandroid.sys [32768 2013-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Motorola)
S3 motccgp; C:\windows\System32\DRIVERS\motccgp.sys [23552 2013-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Mobility Inc)
S3 motmodem; C:\windows\System32\DRIVERS\motmodem.sys [31744 2013-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Mobility Inc)
S3 MotoSwitchService; C:\windows\System32\DRIVERS\motswch.sys [8832 2012-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Motorola)
S3 Motousbnet; C:\windows\System32\DRIVERS\Motousbnet.sys [27648 2013-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Mobility Inc)
S3 motport; C:\windows\System32\DRIVERS\motport.sys [31744 2013-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Mobility Inc)
S3 motusbdevice; C:\windows\System32\DRIVERS\motusbdevice.sys [12288 2013-03-20] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Inc)
S3 nmwcd; C:\windows\System32\drivers\ccdcmbx64.sys [19968 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\windows\System32\drivers\ccdcmbox64.sys [27136 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsucx64; C:\windows\System32\drivers\nmwcdnsucx64.sys [12800 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdnsux64; C:\windows\System32\drivers\nmwcdnsux64.sys [171008 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31024 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\System32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\windows\System32\DRIVERS\nvvhci.sys [58680 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 pccsmcfd; C:\windows\System32\DRIVERS\pccsmcfdx64.sys [26112 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 qcfilter; C:\windows\System32\DRIVERS\qcusbfilter.sys [40448 2015-07-09] (QUALCOMM Incorporated -> QUALCOMM Incorporated)
S3 qcusbser; C:\windows\System32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbwwan; C:\windows\System32\DRIVERS\qcusbwwan.sys [516608 2015-07-09] (QUALCOMM Incorporated -> QUALCOMM Incorporated)
S3 R5BaseSmc; C:\windows\System32\DRIVERS\smccard.sys [23592 2014-01-13] (Feitian Technologies Co., Ltd. -> OEM)
S3 riffbox; C:\windows\System32\DRIVERS\riffbox64.sys [32768 2012-04-24] (Microsoft Windows -> Microsoft Corporation)
R3 RtlWlanu; C:\windows\System32\DRIVERS\rtwlanu.sys [7947192 2018-08-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 s0016bus; C:\windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016mdfl; C:\windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016mdm; C:\windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016mgmt; C:\windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016nd5; C:\windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016obex; C:\windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0016unic; C:\windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017bus; C:\windows\System32\DRIVERS\s0017bus.sys [113704 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017mdfl; C:\windows\System32\DRIVERS\s0017mdfl.sys [19496 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017mdm; C:\windows\System32\DRIVERS\s0017mdm.sys [152616 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017mgmt; C:\windows\System32\DRIVERS\s0017mgmt.sys [133160 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017nd5; C:\windows\System32\DRIVERS\s0017nd5.sys [34856 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017obex; C:\windows\System32\DRIVERS\s0017obex.sys [128552 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s0017unic; C:\windows\System32\DRIVERS\s0017unic.sys [145960 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018bus; C:\windows\System32\DRIVERS\s1018bus.sys [113704 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018mdfl; C:\windows\System32\DRIVERS\s1018mdfl.sys [19496 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018mdm; C:\windows\System32\DRIVERS\s1018mdm.sys [153128 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018mgmt; C:\windows\System32\DRIVERS\s1018mgmt.sys [133160 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018nd5; C:\windows\System32\DRIVERS\s1018nd5.sys [34856 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018obex; C:\windows\System32\DRIVERS\s1018obex.sys [128552 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018unic; C:\windows\System32\DRIVERS\s1018unic.sys [146472 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039bus; C:\windows\System32\DRIVERS\s1039bus.sys [127600 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mdfl; C:\windows\System32\DRIVERS\s1039mdfl.sys [19568 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mdm; C:\windows\System32\DRIVERS\s1039mdm.sys [161904 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mgmt; C:\windows\System32\DRIVERS\s1039mgmt.sys [141424 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039nd5; C:\windows\System32\DRIVERS\s1039nd5.sys [34416 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039obex; C:\windows\System32\DRIVERS\s1039obex.sys [137328 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039unic; C:\windows\System32\DRIVERS\s1039unic.sys [158320 2012-07-24] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 SbieDrv; E:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (SANDBOXIE L.T.D -> Sandboxie Holdings, LLC)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12400 2018-12-09] (Macrovision Europe Ltd) [File not signed]
R3 seehcri; C:\windows\System32\DRIVERS\seehcri.sys [34032 2012-07-24] (Sony Ericsson Mobile Communications AB -> Sony Ericsson Mobile Communications)
S3 Ser2pl; C:\windows\System32\DRIVERS\ser2pl64.sys [160256 2013-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 smhwdev; C:\windows\System32\DRIVERS\smhwdev.sys [114432 2012-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 smhwser; C:\windows\System32\DRIVERS\smhwser.sys [122624 2012-07-24] (QUALCOMM Incorporated) [File not signed]
S0 soesbn; C:\Windows\SysWOW64\drivers\vevk.sys [61440 2017-04-25] () [File not signed]
S3 sprdvcom; C:\windows\System32\DRIVERS\sprdvcom.sys [28160 2015-03-04] (Microsoft Corporation -> SPRD Device)
S3 ssudmdm; C:\windows\System32\DRIVERS\ssudmdm.sys [166752 2019-08-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\windows\System32\DRIVERS\ssudserd.sys [166752 2019-08-16] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SzCCID; C:\windows\System32\DRIVERS\SzCCID.sys [46080 2020-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Generic)
S3 token; C:\windows\System32\DRIVERS\eps2kt1.sys [43432 2014-01-13] (Feitian Technologies Co., Ltd. -> OEM)
R2 TurboB; C:\windows\System32\DRIVERS\TurboB.sys [13832 2010-04-16] (Intel(R) Turbo Boost Technology Monitor -> )
S3 UFS2XX; C:\windows\System32\drivers\UFS2XX.sys [82528 2013-08-19] (UAB ”DIGITEKA” -> FTDI Ltd.)
S3 upperdev; C:\windows\System32\DRIVERS\usbser_lowerfltx64.sys [9216 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 usbbus; C:\windows\System32\DRIVERS\lgx64bus.sys [17920 2016-02-17] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 UsbDiag; C:\windows\System32\DRIVERS\lgx64diag.sys [28160 2016-02-17] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 USBModem; C:\windows\System32\DRIVERS\lgx64modem.sys [34816 2016-02-17] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 usbrndis6; C:\windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 usbser; C:\Windows\SysWOW64\DRIVERS\usbser.sys [33280 2013-08-28] (Microsoft Windows -> Microsoft Corporation)
S3 UsbserFilt; C:\windows\System32\DRIVERS\usbser_lowerfltjx64.sys [9216 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 VSBC9; C:\windows\System32\DRIVERS\evsbc9.sys [127488 2018-04-05] (Element 5 Limited Liability Company -> ELTIMA Software)
R3 vuhub; C:\windows\System32\DRIVERS\vuhub.sys [156160 2019-03-01] (Element 5 Limited Liability Company -> ELTIMA Software)
S3 WDC_SAM; C:\windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 wdf_usb; C:\windows\System32\DRIVERS\usb2ser.sys [140672 2014-11-24] (Microsoft Windows Hardware Compatibility Publisher -> MBB)
R3 wdkmd; C:\windows\System32\DRIVERS\WDKMD.sys [39832 2010-06-18] (Wireless Display -> Intel Corporation)
S3 wdm_usb; C:\windows\System32\DRIVERS\usb2ser.sys [140672 2014-11-24] (Microsoft Windows Hardware Compatibility Publisher -> MBB)
S3 zghsdiag; C:\windows\System32\DRIVERS\zghsdiag.sys [129432 2011-07-07] (ZTE CORPORATION -> ZTE Incorporated)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 DIRECTIORM; \??\E:\Program Files\RAMMon\DirectIo64.sys [X]
S3 EloBus; system32\DRIVERS\EloBus.sys [X]
S3 EloSer; system32\DRIVERS\EloSerG2.sys [X]
U5 hw_usbdev; C:\Windows\SysWOW64\Drivers\hw_usbdev.sys [116864 2011-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 qcusbnet; system32\DRIVERS\qcusbnet.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vzandnetadb; System32\Drivers\lgvzandnetadb.sys [X]
S1 xcbdplvu; \??\C:\windows\system32\drivers\xcbdplvu.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-30 10:55 - 2020-03-30 10:56 - 000049645 _____ C:\Users\MaClaud\Desktop\Fixlog.txt
2020-03-30 00:43 - 2020-03-30 00:43 - 000001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2020-03-30 00:43 - 2020-03-30 00:43 - 000001747 _____ C:\ProgramData\Desktop\iTunes.lnk
2020-03-30 00:43 - 2020-03-30 00:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2020-03-30 00:43 - 2020-03-30 00:43 - 000000000 ____D C:\Program Files\iTunes
2020-03-30 00:43 - 2020-03-30 00:43 - 000000000 ____D C:\Program Files\iPod
2020-03-27 00:57 - 2020-03-30 10:55 - 000000000 ____D C:\Users\MaClaud\Desktop\FRST-OlderVersion
2020-03-27 00:16 - 2020-03-27 00:16 - 000000000 ____H C:\windows\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2020-03-25 23:43 - 2020-03-25 23:43 - 000000000 ____D C:\Users\MaClaud\AppData\Local\SafeNet Sentinel
2020-03-25 23:42 - 2020-03-30 13:58 - 000000000 ____D C:\Users\MaClaud\AppData\Local\My UFED Extractions
2020-03-25 23:42 - 2020-03-25 23:42 - 000000000 ____D C:\Users\MaClaud\AppData\Local\Cellebrite_Mobile_Synchro
2020-03-25 23:35 - 2020-02-05 15:24 - 000044224 _____ (Cellebrite Mobile Synchronization) C:\windows\system32\Drivers\lusbcbrt.sys
2020-03-25 23:33 - 2020-02-05 15:24 - 000173248 _____ (Cellebrite Mobile Synchronization) C:\windows\system32\Drivers\cbrtfltr.sys
2020-03-25 23:32 - 2020-03-25 23:33 - 000000000 ____D C:\Users\MaClaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.4
2020-03-25 23:32 - 2020-03-25 23:33 - 000000000 ____D C:\Program Files\X Codec Pack
2020-03-25 23:32 - 2020-03-25 23:32 - 000001437 _____ C:\Users\Public\Desktop\UFED 4PC.lnk
2020-03-25 23:32 - 2020-03-25 23:32 - 000001437 _____ C:\ProgramData\Desktop\UFED 4PC.lnk
2020-03-25 23:32 - 2020-03-25 23:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cellebrite Mobile Synchronization
2020-03-25 23:32 - 2020-02-05 15:24 - 000090112 _____ C:\windows\system32\SCPwrSetSvr.exe
2020-03-25 23:32 - 2020-02-05 15:24 - 000086376 _____ (FTDI Ltd.) C:\windows\system32\Drivers\ftser2k.sys
2020-03-25 23:32 - 2020-02-05 15:24 - 000065896 _____ (FTDI Ltd.) C:\windows\system32\ftcserco.dll
2020-03-25 23:32 - 2020-02-05 15:24 - 000056168 _____ (FTDI Ltd.) C:\windows\system32\ftserui2.dll
2020-03-25 23:32 - 2020-02-05 15:24 - 000046080 _____ (Generic) C:\windows\system32\Drivers\SzCCID.sys
2020-03-25 23:32 - 2020-02-05 15:24 - 000028544 _____ () C:\windows\system32\Drivers\AlcGener.sys
2020-03-25 23:32 - 2020-02-05 15:24 - 000027648 _____ (Generic) C:\windows\system32\SzCcidV1800.dll
2020-03-25 23:29 - 2020-03-25 23:29 - 000000000 ____D C:\ProgramData\SafeNet Sentinel
2020-03-25 23:29 - 2020-03-25 23:29 - 000000000 ____D C:\Program Files (x86)\Cellebrite Mobile Synchronization
2020-03-25 23:29 - 2020-03-25 23:29 - 000000000 ____D C:\Program Files (x86)\Cellebrite
2020-03-25 23:29 - 2019-04-29 09:17 - 007643216 _____ (SafeNet, Inc.) C:\windows\system32\hasplms.exe
2020-03-25 23:29 - 2019-04-29 09:17 - 007643216 _____ (SafeNet, Inc.) C:\windows\system32\aksllmtp.exe
2020-03-25 23:29 - 2019-04-29 09:17 - 003734096 _____ (SafeNet, Inc.) C:\windows\system32\hasplmv.exe
2020-03-25 23:29 - 2019-04-29 09:17 - 001970104 _____ (SafeNet, Inc.) C:\windows\system32\Drivers\hardlock.sys
2020-03-25 23:29 - 2019-04-29 09:17 - 000487352 _____ (SafeNet, Inc.) C:\windows\system32\Drivers\aksfridge.sys
2020-03-25 23:29 - 2019-04-29 09:17 - 000389560 _____ (SafeNet, Inc.) C:\windows\system32\Drivers\aksdf.sys
2020-03-25 23:29 - 2019-04-29 09:17 - 000313784 _____ (SafeNet, Inc.) C:\windows\system32\Drivers\aksusb.sys
2020-03-25 23:29 - 2019-04-29 09:17 - 000279992 _____ (SafeNet, Inc.) C:\windows\system32\akshhl33.dll
2020-03-25 23:29 - 2019-04-29 09:17 - 000206800 _____ (Aladdin Knowledge Systems Ltd.) C:\windows\SysWOW64\hlvdd.dll
2020-03-25 23:29 - 2019-04-29 09:17 - 000085944 _____ (SafeNet, Inc.) C:\windows\system32\aksusb5.dll
2020-03-25 23:29 - 2019-04-29 09:17 - 000074680 _____ (SafeNet, Inc.) C:\windows\system32\akshsp53.dll
2020-03-25 23:29 - 2019-04-29 09:17 - 000069560 _____ (SafeNet, Inc.) C:\windows\system32\Drivers\akshasp.sys
2020-03-25 23:29 - 2019-04-29 09:17 - 000068536 _____ (SafeNet, Inc.) C:\windows\system32\Drivers\akshhl.sys
2020-03-25 23:29 - 2019-04-29 09:17 - 000031160 _____ (SafeNet, Inc.) C:\windows\system32\Drivers\aksclass.sys
2020-03-25 15:37 - 2020-03-25 15:37 - 000000000 ____D C:\Users\MaClaud\Desktop\backup
2020-03-25 15:24 - 2020-03-25 15:24 - 000226617 _____ C:\Users\MaClaud\Desktop\UnlockerPortable MajorGeeks.zip
2020-03-25 15:24 - 2020-03-25 15:24 - 000000000 ____D C:\Users\MaClaud\Desktop\UnlockerPortable
2020-03-25 00:43 - 2020-03-27 01:02 - 000033126 _____ C:\Users\MaClaud\Desktop\Addition.zip
2020-03-25 00:36 - 2020-03-27 01:01 - 000127452 _____ C:\Users\MaClaud\Desktop\Addition.txt
2020-03-25 00:35 - 2020-03-31 01:07 - 000048126 _____ C:\Users\MaClaud\Desktop\FRST.txt
2020-03-25 00:34 - 2020-03-31 01:07 - 000000000 ____D C:\FRST
2020-03-25 00:34 - 2020-03-30 10:55 - 002280448 _____ (Farbar) C:\Users\MaClaud\Desktop\FRST64.exe
2020-03-20 13:05 - 2020-03-20 13:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QPST
2020-03-18 19:45 - 2020-03-18 19:45 - 000000000 ____D C:\ProgramData\Package Cache
2020-03-16 19:36 - 2020-03-16 19:36 - 000000000 ____D C:\Users\MaClaud\AppData\Local\GHISLER
2020-03-14 21:18 - 2020-03-14 21:18 - 000103140 __RSH C:\dnfl.exe
2020-03-13 20:42 - 2020-03-13 20:42 - 000000717 _____ C:\Users\Public\Desktop\Halabtech Tool_v0.9.lnk
2020-03-13 20:42 - 2020-03-13 20:42 - 000000717 _____ C:\ProgramData\Desktop\Halabtech Tool_v0.9.lnk
2020-03-13 20:42 - 2020-03-13 20:42 - 000000000 ____D C:\Users\MaClaud\AppData\Local\SkinSoft
2020-03-13 20:42 - 2020-03-13 20:42 - 000000000 ____D C:\Users\MaClaud\.android
2020-03-13 20:42 - 2020-03-13 20:42 - 000000000 ____D C:\Halabtech_Tool_V0.9
2020-03-13 20:39 - 2020-03-14 21:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-03-12 20:54 - 2020-03-13 20:06 - 000000000 ____D C:\ProgramData\Citrix
2020-03-05 21:16 - 2020-03-05 21:16 - 000000000 ____D C:\Users\MaClaud\AppData\Roaming\WinRAR
2020-03-04 00:40 - 2020-03-25 23:27 - 000000000 ____D C:\zoek_backup
2020-03-04 00:23 - 2020-03-04 00:31 - 000000000 ____D C:\Users\MaClaud\AppData\LocalLow\IGDump
2020-03-04 00:22 - 2020-03-04 00:22 - 002038755 _____ C:\Users\MaClaud\Desktop\zoek.exe
2020-03-04 00:22 - 2020-03-04 00:22 - 000000000 ____D C:\Users\MaClaud\AppData\Local\mbamtray
2020-03-04 00:22 - 2020-03-04 00:22 - 000000000 ____D C:\Users\MaClaud\AppData\Local\mbam
2020-03-04 00:12 - 2020-03-04 00:13 - 000000000 ____D C:\Users\MaClaud\AppData\Local\Windows Performance Analyzer
2020-03-04 00:12 - 2020-03-04 00:12 - 000000000 ____D C:\Users\MaClaud\Documents\WPA Files
2020-03-04 00:12 - 2020-03-04 00:12 - 000000000 ____D C:\SymCache
2020-03-04 00:09 - 2020-03-04 00:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-31 00:55 - 2019-05-24 22:47 - 000003974 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{622E5186-25DA-42B1-92A5-EC41038EB5D6}
2020-03-31 00:27 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf
2020-03-31 00:26 - 2012-01-21 05:15 - 000000000 ____D C:\Program Files\DIFX
2020-03-30 23:33 - 2009-07-14 17:18 - 000675130 _____ C:\windows\system32\perfh005.dat
2020-03-30 23:33 - 2009-07-14 17:18 - 000144220 _____ C:\windows\system32\perfc005.dat
2020-03-30 23:33 - 2009-07-14 07:13 - 001601644 _____ C:\windows\system32\PerfStringBackup.INI
2020-03-30 22:40 - 2009-07-14 06:45 - 000023824 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-30 22:40 - 2009-07-14 06:45 - 000023824 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-30 22:37 - 2016-02-09 10:30 - 000000000 ____D C:\Users\MaClaud\AppData\Local\SafeInCloud
2020-03-30 22:32 - 2016-11-19 18:27 - 000000000 ____D C:\Users\MaClaud\AppData\LocalLow\Mozilla
2020-03-30 22:32 - 2015-02-19 22:31 - 000000091 _____ C:\HaxLogs.txt
2020-03-30 22:32 - 2014-07-06 11:52 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-30 22:32 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-03-30 10:56 - 2013-01-06 16:26 - 000000000 ____D C:\Users\MaClaud\AppData\LocalLow\Temp
2020-03-30 00:39 - 2017-10-09 00:11 - 000000962 _____ C:\Users\MaClaud\Desktop\Direct eMMC Qualcomm Flasher.lnk
2020-03-30 00:39 - 2017-10-09 00:11 - 000000942 _____ C:\Users\MaClaud\Desktop\Direct eMMC Samsung Flasher.lnk
2020-03-30 00:39 - 2017-10-09 00:11 - 000000937 _____ C:\Users\MaClaud\Desktop\EasyJTAG Android Explorer.lnk
2020-03-30 00:39 - 2017-10-09 00:11 - 000000917 _____ C:\Users\MaClaud\Desktop\EasyJTAG SPI Flasher.lnk
2020-03-30 00:39 - 2017-10-09 00:11 - 000000902 _____ C:\Users\MaClaud\Desktop\EasyJTAG Tool.lnk
2020-03-30 00:38 - 2017-01-03 18:29 - 000001112 _____ C:\Users\MaClaud\Desktop\LG 2-3G Tool.lnk
2020-03-30 00:38 - 2015-05-29 20:45 - 000001237 _____ C:\Users\Public\Desktop\Samsung Tool PRO.lnk
2020-03-30 00:38 - 2015-05-29 20:45 - 000001237 _____ C:\ProgramData\Desktop\Samsung Tool PRO.lnk
2020-03-30 00:38 - 2014-01-13 22:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z3X
2020-03-30 00:36 - 2014-01-13 22:08 - 000000000 ____D C:\Program Files (x86)\Z3X
2020-03-29 22:10 - 2012-01-21 11:17 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-03-27 15:58 - 2017-07-15 13:51 - 000000000 ____D C:\windows\rescache
2020-03-26 19:12 - 2015-11-21 18:49 - 000000000 ____D C:\AdwCleaner
2020-03-25 23:42 - 2017-10-08 11:29 - 000000000 ____D C:\Users\MaClaud\AppData\Roaming\Cellebrite Mobile Synchronization
2020-03-25 23:33 - 2017-10-08 11:29 - 000000000 ____D C:\ProgramData\Cellebrite Mobile Synchronization
2020-03-25 23:29 - 2009-07-14 05:20 - 000000000 ____D C:\windows\system32\Setup
2020-03-25 23:24 - 2012-01-21 11:56 - 000000000 ____D C:\Program Files (x86)\IIS
2020-03-25 23:20 - 2015-08-25 10:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-25 15:41 - 2009-07-14 05:20 - 000000000 ____D C:\windows\servicing
2020-03-25 15:25 - 2009-07-14 17:36 - 000000000 ___RD C:\Users\Public\Recorded TV
2020-03-25 15:25 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2020-03-25 15:25 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files\Microsoft Games
2020-03-25 15:25 - 2009-07-14 05:20 - 000000000 ____D C:\windows\PolicyDefinitions
2020-03-20 13:05 - 2013-08-20 21:09 - 000000000 ____D C:\Program Files (x86)\Qualcomm
2020-03-20 13:02 - 2018-03-19 19:51 - 000000000 ____D C:\Users\MaClaud\AppData\Local\QPST
2020-03-20 11:58 - 2013-01-05 12:51 - 000000000 ____D C:\Users\MaClaud\AppData\Roaming\TeamViewer
2020-03-20 11:57 - 2012-12-26 14:12 - 026985448 _____ (TeamViewer Germany GmbH) C:\Users\MaClaud\Desktop\TeamViewer_Setup.exe
2020-03-20 00:31 - 2019-08-27 22:12 - 000000122 _____ C:\windows\fdataGlobal
2020-03-19 23:29 - 2018-01-21 15:50 - 000000000 ____D C:\Users\MaClaud\AppData\Local\CrashDumps
2020-03-19 22:31 - 2012-04-13 20:16 - 000002426 _____ C:\Users\MaClaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-19 22:31 - 2012-04-13 20:16 - 000002389 _____ C:\Users\MaClaud\Desktop\Google Chrome.lnk
2020-03-18 19:47 - 2017-12-18 22:27 - 000000000 ____D C:\Users\MaClaud\AppData\Local\MOBILeditForensicExpress
2020-03-18 19:45 - 2017-12-18 22:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBILedit Forensic Express
2020-03-17 21:34 - 2013-11-02 22:50 - 000000000 ____D C:\Users\MaClaud\AppData\Roaming\vlc
2020-03-14 21:16 - 2013-03-30 12:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-03-13 20:42 - 2012-01-21 04:53 - 000000000 ____D C:\Users\MaClaud
2020-03-12 20:54 - 2016-11-23 17:42 - 000000000 ____D C:\Users\MaClaud\AppData\Local\Citrix
2020-03-04 08:47 - 2015-12-25 20:12 - 000000008 __RSH C:\ProgramData\ntuser.pol
2020-03-04 01:04 - 2009-07-14 05:20 - 000000000 ___HD C:\windows\system32\GroupPolicy
2020-03-04 01:04 - 2009-07-14 05:20 - 000000000 ____D C:\windows\SysWOW64\GroupPolicy
2020-03-04 00:33 - 2020-02-22 00:08 - 000103140 _____ C:\wcrrds.pif
2020-03-04 00:33 - 2018-12-06 23:53 - 000000000 ____D C:\Program Files (x86)\Grt Dongle Qualcomm Tool
2020-03-04 00:09 - 2015-08-30 20:09 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2020-03-04 00:07 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files (x86)\MSBuild

==================== Files in the root of some directories ========

2017-04-25 23:11 - 2017-04-25 23:11 - 000000152 _____ () C:\Program Files (x86)\jvsgayah.txt
2018-02-11 13:10 - 2018-02-12 00:22 - 000000096 _____ () C:\Users\MaClaud\AppData\Roaming\version2.xml
2019-02-26 21:37 - 2019-03-10 21:08 - 000000016 _____ () C:\Users\MaClaud\AppData\Roaming\windows_e.cfg
2015-06-01 21:05 - 2018-05-12 00:49 - 000000600 _____ () C:\Users\MaClaud\AppData\Roaming\winscp.rnd
2012-01-21 05:17 - 2012-01-21 05:17 - 000001263 _____ () C:\Users\MaClaud\AppData\Local\PDLSetup.20120121.041752.txt
2018-05-12 00:48 - 2019-07-18 19:43 - 000000128 _____ () C:\Users\MaClaud\AppData\Local\PUTTY.RND
2017-11-13 20:35 - 2017-11-13 20:35 - 000007605 _____ () C:\Users\MaClaud\AppData\Local\Resmon.ResmonCfg
2016-09-17 09:43 - 2016-09-17 09:43 - 000000192 _____ () C:\Users\MaClaud\AppData\Local\uts.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)



testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <==== ATTENTION

LastRegBack: 2020-03-30 14:25
==================== End of FRST.txt ========================

Re: Proces 25% CPU

Napsal: 31 bře 2020 09:26
od Rudy
Winword je proces MS Word, tedy legitimní. Ten odstraníte jen odinstalací MS Office a to určitě nechcete.

Re: Proces 25% CPU

Napsal: 31 bře 2020 21:44
od MaClaud
samozrejme to ja chapu ale ten winword jsem uvedl jen jako jeden z mnoha prikladu, v tomto konkretnim byl prave winword ten proces ktery vytezuje procesor na 25%. jindy je to treba svchost, nebo safeincloud atd atd... Podstata je ta ze kdz tdany proces v task manageru zastavite tak se spusti nahodne jiny a zase na 25% a tak je to stale dokola a dokola.
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz