samovytvořeni uživatelského konta

Zpráva

zack111 · #1 Příspěvek od **zack111** » 04 říj 2017 15:15

Zdravim,
vedel by mi niekto poradiť čo môže spôsobovať, že po reštarte sa mi samo vytvori užívateľké konto. Začalo to dnes, po zapnuti PC sa mi zobrazilo v prihlasovacom okne nove konto. Vymazal som ho, no po reštarte tam bolo za iné s názvom"ezcbaqryu".

Nižšie pripájam log.
Díky za radu.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:57:15, on 4. 10. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18666)
Boot mode: Normal

Running processes:
C:\Users\Viliam\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\Viliam\AppData\Local\Akamai\netsession_win.exe
C:\Users\Viliam\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Hijackthis\hijackthis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O23 - Service: AbSoftMgr4 - AB Studio - C:\Program Files\Common Files\AB Studio Shared\AbSoftMgr4.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskNetSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: mental ray 3.9 Satellite for Autodesk 3ds Max 2012 64-bit - English 64-bit (mi-raysat_3dsmax2012_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8340 bytes

#2 Příspěvek od **Rudy** » 04 říj 2017 18:33

Zdravím!
To bude nějaký šmejd. Dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 . HijackThis je už za zenitem.

zack111 · #3 Příspěvek od **zack111** » 04 říj 2017 20:22

zdravím, díky za reakciu. Posielam nižšie log z FRST, neviem prečo ale vytvorili sa mi dva, jeden s nazvom frst.txt a druhy Addition.txt. Posielam oba. Díky

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-10-2017 01
Ran by Viliam (administrator) on VILIAM-PC (04-10-2017 21:17:22)
Running from C:\Users\Viliam\Desktop
Loaded Profiles: Viliam (Available Profiles: Viliam & Ján)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Spotify Ltd) C:\Users\Viliam\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHDE.EXE
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\eOPPFrame.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Autodesk, Inc.) C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\WSCommCntr4.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\Viliam\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Viliam\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Autodesk Sync] => [X]
HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\Run: [] => [X]
HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{0EC6516A-4869-4E9A-A955-E6A601F46FB9}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-12] (Oracle Corporation)

FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default [2017-10-04]
CHR Extension: (Prezentace Google) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05]
CHR Extension: (Dokumenty Google) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Disk Google) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabulky Google) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-22]
CHR Extension: (World Currencies) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjejihbacnnkpphhplfimocgocljgeek [2015-12-01]
CHR Extension: (IE Tab) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2017-09-19]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-11-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-27]
CHR HKU\S-1-5-21-1874787081-2499585647-251443779-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1874787081-2499585647-251443779-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AbSoftMgr4; C:\Program Files\Common Files\AB Studio Shared\AbSoftMgr4.exe [1039360 2009-02-26] (AB Studio) [File not signed]
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
S3 Autodesk Network Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskNetSrv.exe [1539224 2008-06-13] (Autodesk, Inc.) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [295424 2016-07-29] (Brother Industries, Ltd.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2625368 2017-06-13] (ESET)
R2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () [File not signed]
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI64.sys [720952 2010-03-05] (Conexant Systems Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-23] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132824 2017-06-22] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107344 2017-05-04] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [178056 2017-05-04] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50752 2017-05-04] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [78192 2017-05-04] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [60544 2017-05-04] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [101648 2017-05-04] (ESET)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-04 21:14 - 2017-10-04 21:17 - 000012920 _____ C:\Users\Viliam\Desktop\FRST.txt
2017-10-04 21:14 - 2017-10-04 21:14 - 000000000 ____D C:\FRST
2017-10-04 21:13 - 2017-10-04 21:14 - 002399744 _____ (Farbar) C:\Users\Viliam\Desktop\FRST64.exe
2017-10-04 15:56 - 2017-10-04 15:56 - 000000000 ____D C:\Program Files (x86)\Hijackthis
2017-10-04 15:53 - 2017-10-04 15:53 - 000000000 ____D C:\Windows\pss
2017-10-04 13:10 - 2017-10-04 13:11 - 115869456 _____ (Microsoft Corporation) C:\Users\Viliam\Desktop\msert.exe
2017-10-04 07:10 - 2017-10-04 07:10 - 000000004 ____H C:\ProgramData\cm-lock
2017-10-02 12:58 - 2017-10-02 12:58 - 000049056 _____ C:\Users\Viliam\Desktop\nemotice.dwg
2017-09-28 10:22 - 2017-09-28 15:14 - 000000000 ____D C:\Users\Viliam\Desktop\čov vzor
2017-09-23 16:24 - 2017-09-23 16:24 - 000017892 _____ C:\Users\Viliam\Downloads\[SkT]Annabelle_2-_Zrozeni_zla_-_Annabelle-_Creation_(2017)[WebRip][1080p]_=_CSFD_73%.torrent
2017-09-23 16:22 - 2017-09-23 16:22 - 000014752 _____ C:\Users\Viliam\Downloads\[SkT]Dunkerk_-_Dunkirk_(2017)[CAM]_=_CSFD_87%.torrent
2017-09-23 16:22 - 2017-09-23 16:22 - 000014694 _____ C:\Users\Viliam\Downloads\[SkT]Baby_driver_(2017)[WebRip]_=_CSFD_77%.torrent
2017-09-19 07:29 - 2017-09-19 07:29 - 000001125 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive for PC is now Backup and Sync from Google.lnk
2017-09-19 07:29 - 2017-09-19 07:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-09-18 08:52 - 2017-09-18 08:52 - 000000000 ____D C:\ProgramData\PCFaxRx
2017-09-18 08:52 - 2017-09-18 08:52 - 000000000 ____D C:\Program Files (x86)\PC-FAXReceive
2017-09-18 08:52 - 2016-05-23 16:02 - 000317952 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrFaxTxAppRunA64.dll
2017-09-18 08:52 - 2016-05-23 16:02 - 000046592 _____ C:\Windows\ChgFscEx.dll
2017-09-18 08:51 - 2017-09-18 08:51 - 000000000 ____D C:\Program Files (x86)\RemoteSetup
2017-09-18 08:51 - 2017-09-18 08:51 - 000000000 ____D C:\Program Files (x86)\ControlCenter4 CSDK
2017-09-04 15:00 - 2017-09-04 15:00 - 000001219 _____ C:\Users\Viliam\Desktop\Scan - Shortcut.lnk
2017-09-04 14:54 - 2017-09-18 20:39 - 000000000 ____D C:\Users\Viliam\AppData\Roaming\ControlCenter4
2017-09-04 14:48 - 2017-09-04 14:48 - 000000000 ___RD C:\Users\Viliam\AppData\Roaming\Brother
2017-09-04 14:48 - 2017-09-04 14:48 - 000000000 ____D C:\Users\Viliam\AppData\LocalLow\Brother
2017-09-04 14:42 - 2017-09-04 14:42 - 000000178 _____ C:\Windows\system32\AddPort.ini
2017-09-04 14:42 - 2017-09-04 14:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-09-04 14:42 - 2017-09-04 14:42 - 000000000 ____D C:\Program Files (x86)\HP
2017-09-04 14:41 - 2017-09-04 14:42 - 000002692 _____ C:\Windows\sounder.his
2017-09-04 14:41 - 2017-09-04 14:41 - 000000471 _____ C:\Windows\hpntwksetup.ini
2017-09-04 14:39 - 2017-09-18 08:53 - 000002147 _____ C:\Users\Public\Desktop\Brother Creative Center.lnk
2017-09-04 14:39 - 2017-09-18 08:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2017-09-04 14:39 - 2017-09-18 08:52 - 000000024 _____ C:\Windows\Brpfx04a.ini
2017-09-04 14:39 - 2017-09-04 14:39 - 000002030 _____ C:\Users\Public\Desktop\Skúšobná verzia OmniJoin.lnk
2017-09-04 14:39 - 2017-09-04 14:39 - 000000093 _____ C:\Windows\brpcfx.ini
2017-09-04 14:38 - 2017-10-03 12:08 - 000026650 _____ C:\Windows\BRRBCOM.INI
2017-09-04 14:38 - 2017-09-04 14:38 - 000013172 _____ C:\Windows\BROMJ6920DW.INI
2017-09-04 14:37 - 2017-09-19 07:18 - 000000000 ____D C:\ProgramData\ControlCenter4
2017-09-04 14:37 - 2017-09-18 08:51 - 000000000 ____D C:\Program Files (x86)\Browny02
2017-09-04 14:37 - 2017-09-18 08:49 - 000000000 ____D C:\Program Files (x86)\ControlCenter4
2017-09-04 14:37 - 2017-09-04 14:37 - 000000066 _____ C:\Windows\Brfaxrx.ini
2017-09-04 14:37 - 2017-09-04 14:37 - 000000000 ____D C:\Users\Public\Documents\BrFaxRx
2017-09-04 14:37 - 2017-09-04 14:37 - 000000000 ____D C:\ProgramData\PCFaxTx
2017-09-04 14:37 - 2017-09-04 14:37 - 000000000 ____D C:\Brother
2017-09-04 14:37 - 2012-12-12 11:37 - 000318464 ____N (Brother Industries, Ltd.) C:\Windows\system32\BrFaxTxAppRun64.dll
2017-09-04 14:36 - 2017-09-18 08:53 - 000000000 ____D C:\Program Files (x86)\Brother
2017-09-04 14:36 - 2015-06-16 21:39 - 000252928 _____ (brother) C:\Windows\system32\NSSRH64.dll
2017-09-04 14:36 - 2013-07-03 11:46 - 000065024 _____ (Brother Industries,Ltd) C:\Windows\system32\Brnsplg.dll
2017-09-04 14:36 - 2013-04-11 08:55 - 000227328 _____ (Brother Industries, Ltd.) C:\Windows\system32\BRCOI13Q.DLL
2017-09-04 14:36 - 2013-04-11 08:55 - 000180224 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BROSNMP.DLL
2017-09-04 14:36 - 2013-04-11 08:55 - 000133744 _____ (Brother Industries Ltd) C:\Windows\SysWOW64\BRRBI13A.EXE
2017-09-04 14:36 - 2013-04-11 08:55 - 000077824 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BRLMW03A.DLL
2017-09-04 14:36 - 2013-04-11 08:55 - 000050688 _____ (Brother Industries Ltd.) C:\Windows\SysWOW64\BRPRTINK.DLL
2017-09-04 14:36 - 2013-04-11 08:55 - 000045056 _____ C:\Windows\SysWOW64\BRTCPCON.DLL
2017-09-04 14:36 - 2013-04-11 08:55 - 000025299 _____ (Brother Industries, Ltd) C:\Windows\SysWOW64\BRLM03A.DLL
2017-09-04 14:36 - 2013-04-11 08:55 - 000000114 _____ C:\Windows\SysWOW64\BRLMW03A.INI
2017-09-04 14:36 - 2013-03-08 15:45 - 000059904 _____ (Brother Industries,Ltd.) C:\Windows\system32\BrWiaNCp.dll
2017-09-04 14:36 - 2013-03-08 15:44 - 000087040 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrNetSti.dll
2017-09-04 14:36 - 2013-01-07 02:57 - 001441792 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrWi213a.dll
2017-09-04 14:36 - 2011-09-08 11:36 - 000279040 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrJDec.dll
2017-09-04 14:36 - 2010-03-15 19:45 - 000073728 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2.dll
2017-09-04 14:36 - 2007-12-13 22:16 - 000005120 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2L.dll
2017-09-04 14:36 - 2005-04-22 13:36 - 000143360 _____ C:\Windows\system32\BrSNMP64.dll
2017-09-04 14:34 - 2017-09-04 14:38 - 000000000 ____D C:\ProgramData\Brother
2017-09-04 14:34 - 2017-09-04 14:34 - 000000000 ____D C:\Users\Viliam\Downloads\install
2017-09-04 14:30 - 2017-09-04 14:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-09-04 14:30 - 2017-09-04 14:30 - 000000000 ____D C:\Program Files\Common Files\EPSON
2017-09-04 14:28 - 2007-04-10 01:06 - 000010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2017-09-04 14:27 - 2017-09-04 14:30 - 000000000 ____D C:\ProgramData\EPSON
2017-09-04 14:27 - 2011-04-20 03:03 - 000120320 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMHDE.DLL
2017-09-04 14:27 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BHDE.DLL
2017-09-04 14:24 - 2017-09-04 14:24 - 000000000 ____D C:\Users\Viliam\AppData\Local\HP
2017-09-04 14:23 - 2017-09-04 14:23 - 000000000 ____D C:\Users\Viliam\HP
2017-09-04 14:23 - 2017-09-04 14:23 - 000000000 _____ C:\Users\Viliam\Documents\HP ePrint
2017-09-04 14:20 - 2017-09-04 14:20 - 000003358 _____ C:\Windows\System32\Tasks\HPEA3JOBS
2017-09-04 14:20 - 2017-09-04 14:20 - 000002739 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP ePrint SW.lnk
2017-09-04 14:20 - 2017-09-04 14:20 - 000000000 ____D C:\Program Files\HP
2017-09-04 14:19 - 2017-09-04 14:19 - 000000000 ____D C:\ProgramData\Apple
2017-09-04 14:19 - 2017-09-04 14:19 - 000000000 ____D C:\Program Files\Bonjour
2017-09-04 14:19 - 2017-09-04 14:19 - 000000000 ____D C:\Program Files (x86)\Bonjour
2017-09-04 10:49 - 2017-09-18 12:11 - 000000000 ____D C:\Users\Viliam\AppData\LocalLow\Mozilla
2017-09-04 10:49 - 2017-09-04 10:55 - 000000000 ____D C:\Users\Viliam\AppData\Local\Thunderbird
2017-09-04 10:49 - 2017-09-04 10:49 - 000001216 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2017-09-04 10:49 - 2017-09-04 10:49 - 000001204 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2017-09-04 10:49 - 2017-09-04 10:49 - 000000000 ____D C:\Users\Viliam\AppData\Roaming\Thunderbird
2017-09-04 10:49 - 2017-09-04 10:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-09-04 10:49 - 2017-09-04 10:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-04 21:10 - 2014-09-23 04:23 - 000000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2017-10-04 16:37 - 2017-06-04 18:26 - 000000000 ____D C:\Users\Viliam\AppData\Local\Akamai
2017-10-04 13:04 - 2009-07-14 07:13 - 000782470 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-04 13:04 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-10-04 10:51 - 2014-09-23 04:23 - 000000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2017-10-04 07:18 - 2009-07-14 06:45 - 000023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-04 07:18 - 2009-07-14 06:45 - 000023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-04 07:10 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-03 07:52 - 2014-09-27 18:13 - 000000000 ____D C:\Users\Viliam\AppData\Local\Adobe
2017-10-02 09:30 - 2016-11-11 16:13 - 000002419 _____ C:\Users\Viliam\Documents\acad.err
2017-09-26 12:10 - 2014-09-30 18:27 - 000000000 ____D C:\Users\Viliam\AppData\Roaming\Skype
2017-09-26 09:19 - 2017-05-28 16:34 - 000000000 ____D C:\Users\Viliam\Desktop\Pomocne zuzana
2017-09-26 07:41 - 2014-09-23 04:24 - 000002202 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-23 22:21 - 2015-07-06 18:44 - 000000000 ____D C:\Users\Viliam\AppData\Roaming\vlc
2017-09-23 18:04 - 2014-10-12 12:26 - 000000000 ____D C:\Users\Viliam\AppData\Roaming\uTorrent
2017-09-19 15:49 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-09-14 11:18 - 2015-02-12 09:55 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-09-14 11:18 - 2015-02-12 09:55 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-09-14 11:18 - 2015-02-12 09:55 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-09-14 11:18 - 2015-02-12 09:55 - 000000000 ____D C:\Windows\system32\Macromed
2017-09-14 11:18 - 2014-09-28 09:54 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-09-09 08:22 - 2014-09-28 11:29 - 000032546 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-09-06 09:21 - 2016-11-25 17:19 - 000000683 _____ C:\Users\Viliam\Desktop\Google Drive.lnk
2017-09-05 21:03 - 2016-11-25 17:19 - 000000000 ___RD C:\Users\Viliam\Google
2017-09-05 14:44 - 2014-09-22 21:52 - 000000000 ____D C:\Users\Viliam
2017-09-04 14:35 - 2014-09-22 21:58 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-09-04 14:20 - 2016-11-25 17:56 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-04 13:50 - 2017-09-02 19:10 - 000000000 ____D C:\Users\Viliam\GRAPHISOFT
2017-09-04 10:49 - 2015-12-05 19:23 - 000000000 ____D C:\Users\Viliam\AppData\Roaming\Mozilla
2017-09-04 10:34 - 2015-08-08 11:25 - 000000000 ____D C:\Users\Viliam\AppData\Roaming\TeamViewer
2017-09-04 10:34 - 2014-09-23 00:26 - 000000000 ____D C:\Users\Viliam\AppData\Roaming\ESET

==================== Files in the root of some directories =======

2017-05-19 17:32 - 2004-05-28 09:37 - 000004900 _____ () C:\Program Files\Dily.rdd
2017-05-19 17:33 - 2017-05-19 17:33 - 000087589 _____ () C:\Program Files\reindex_Errors.txt
2017-02-24 11:37 - 2017-02-24 11:37 - 000000132 _____ () C:\Users\Viliam\AppData\Roaming\Adobe BMP Format CS6 Prefs
2015-12-11 21:16 - 2017-05-31 19:17 - 000000132 _____ () C:\Users\Viliam\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-12-07 09:47 - 2014-12-07 09:47 - 000007605 _____ () C:\Users\Viliam\AppData\Local\Resmon.ResmonCfg
2017-10-04 07:10 - 2017-10-04 07:10 - 000000004 ____H () C:\ProgramData\cm-lock
2014-09-23 05:03 - 2014-09-23 05:03 - 000000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2017-02-27 14:07 - 2017-02-27 14:07 - 000000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2015-10-18 19:28 - 2015-10-18 19:28 - 000000016 _____ () C:\ProgramData\mntemp

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-09-30 21:20

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-10-2017 01
Ran by Viliam (04-10-2017 21:18:28)
Running from C:\Users\Viliam\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-09-22 19:52:21)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1874787081-2499585647-251443779-500 - Administrator - Disabled)
ezcbaqryu (S-1-5-21-1874787081-2499585647-251443779-1007 - Limited - Enabled)
Guest (S-1-5-21-1874787081-2499585647-251443779-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1874787081-2499585647-251443779-1004 - Limited - Enabled)
Ján (S-1-5-21-1874787081-2499585647-251443779-1005 - Limited - Enabled) => C:\Users\Ján
Viliam (S-1-5-21-1874787081-2499585647-251443779-1000 - Administrator - Enabled) => C:\Users\Viliam

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personálny firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1.99+ (HKLM\...\{FDF42E5F-B254-4A31-BE0E-B423580B03B2}_is1) (Version: 1.99++ - CAD Studio)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk)
AB Softlock 4 (HKLM-x32\...\{7C4142F1-8C82-4E7D-B540-3E783B2B7F9A}) (Version: 4.20.0005 - AB Studio)
ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5102-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{5783F2D7-F001-0000-3102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
ALZip 8.51 (HKLM-x32\...\ALZip_is1) (Version: v8.51 - ESTsoft Corp.)
AML Free Registry Cleaner 4.25 (HKLM-x32\...\{315F5FFC-1A5C-4A2A-B8E7-1C5B1174C198}_is1) (Version: - AML SOFT, Inc.)
Any PDF to DWG Converter 2013 (HKLM-x32\...\Any PDF to DWG Converter_is1) (Version: - AnyDWG Software, Inc.)
ARCHICAD 20 CZE (HKLM\...\001FFF2FFF20FF00FF1101F01F02F000-R1) (Version: 20.0 - GRAPHISOFT)
ArchShaders for V-Ray vol.1 (HKLM-x32\...\ArchShaders for V-Ray vol.1_is1) (Version: - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{61D4B846-49F8-2639-A4EB-977875265F37}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
AutoCAD 2014 - English (HKLM\...\{5783F2D7-D001-0000-0102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 - English (HKLM\...\{5783F2D7-D001-0409-2102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - English (HKLM\...\{5783F2D7-D001-0409-1102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2016 - English (HKLM\...\{5783F2D7-F001-0409-2102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0102-0060B0CE6BBA}) (Version: 20.1.107.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - English (HKLM\...\{5783F2D7-F001-0409-1102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk 3ds Max 2012 64-bit - English (HKLM\...\{723C8298-C7B0-0409-A1B6-C3BA6F3FFAB1}) (Version: 14.0 - Autodesk) Hidden
Autodesk 3ds Max 2012 64-bit - English (HKLM\...\Autodesk 3ds Max 2012 64-bit - English) (Version: 14.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.18.0 - Autodesk)
Autodesk AutoCAD 2016 - English (HKLM\...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD 2016 SP 1 (HKLM\...\AutoCAD 2016 SP1) (Version: 20.1.107.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk Backburner 2012.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2012.0.0 - Autodesk, Inc.)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Content Service (HKLM\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (HKLM-x32\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Design Review 2011 (HKLM-x32\...\{8D20B4D7-3422-4099-9332-39F27E617A6F}) (Version: 11.0.0.86 - Autodesk, Inc.) Hidden
Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit (HKLM\...\Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit) (Version: - Autodesk)
Autodesk Featured Apps 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
Autodesk Material Library 2011 (HKLM-x32\...\{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}) (Version: 2.0.0.100 - Autodesk)
Autodesk Material Library 2011 Base Image library (HKLM-x32\...\{CD1E078C-A6B9-47DA-B035-6365C85C7832}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Medium Image library (HKLM-x32\...\{975951E7-14D0-49AF-A630-89680D12D7F6}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
Autodesk Revit Architecture 2011 x64 (HKLM\...\{94D463D0-2B13-4181-9512-B27004B1151A}) (Version: 10.03.26170 - Autodesk) Hidden
Autodesk Revit Architecture 2011 x64 (HKLM\...\Autodesk Revit Architecture 2011 x64) (Version: 10.03.26170 - Autodesk)
Backup and Sync from Google (HKLM-x32\...\{9AC75ED0-A54A-4AEA-9563-87572879D91C}) (Version: 3.36.6721.3394 - Google, Inc.)
Balík TT 2010 (HKLM-x32\...\{91CA3F48-5DAD-4147-AECE-C7219C4B2562}) (Version: 2010.0.0.0 - Svoboda Software (svoboda.zbynek@quick.cz, mobile +420 606 227 420))
BIMTech CAD Tools verze 1.0 (HKLM-x32\...\{B85607AD-545E-486D-9B1E-893A5DBE7CA2}_is1) (Version: 1.0 - BIM Technology s.r.o.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BrLauncher (HKLM-x32\...\{474764AE-5A67-4312-ADD3-449798BD96D1}) (Version: 1.1.21.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{B556F816-FF4D-4BB6-9339-ED28639E2EF3}) (Version: 1.0.2.1 - Brother Industries Ltd.) Hidden
Brother MFL-Pro Suite MFC-J6920DW (HKLM-x32\...\{6A367B4D-2E1C-4843-9FF0-A1DF1DEAB1E6}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Brother PCFax Driver (HKLM-x32\...\{56BA05BD-7A67-4EF8-85A7-8C6528AEE2AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{38D06621-1D12-4EFB-95E1-99295DC1F3CB}) (Version: 1.3.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{891C6028-44F7-4559-860F-616E5DEB2934}) (Version: 1.0.25.1 - Brother Industries Ltd.) Hidden
BrotherHelpInstaller (HKLM-x32\...\{4E461C2A-EC1C-46D1-AF5B-7FEFD0054AF8}) (Version: 1.0.0.0 - Brother) Hidden
BrSupportTools (HKLM-x32\...\{83626DDE-99CD-4FF2-804E-36BE82143315}) (Version: 1.0.14.0 - Brother Industries Ltd.) Hidden
CADKON-TZB 2010 (HKLM-x32\...\{0ABCECAD-0700-0400-0100-0ABCECAD0100}) (Version: 14.00.0000 - AB Studio) Hidden
CADKON-TZB 2010 pro AutoCAD 2010 (HKLM-x32\...\InstallShield_{0ABCECAD-0700-0400-0100-0ABCECAD0100}) (Version: 14.00.0000 - AB Studio)
ccc-core-static (HKLM-x32\...\{058E65E2-AFC2-8974-43A2-1EA5A4A53471}) (Version: 2010.0426.2136.36953 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
CEWE fotosvet (HKLM-x32\...\CEWE fotosvet) (Version: 6.0.5 - CEWE Stiftung u Co. KGaA)
CodeMeter Runtime Kit v5.22a (HKLM\...\{8D299F2C-A3C8-49A5-A726-E885AB397243}) (Version: 5.22.1508.501 - WIBU-SYSTEMS AG)
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Conexant Audio Driver For AMD HDMI Codec (HKLM\...\CNXT_AUDIO_HDA_HDMI) (Version: 4.98.26.0 - Conexant)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.0.61 - Conexant)
ControlCenter4 (HKLM-x32\...\{96732F18-93C7-4AD8-930C-76B793AA6175}) (Version: 4.4.18.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{1E89F75C-EF46-406C-9AAC-615B3CCC1D3D}) (Version: 4.3.2.1 - Brother Insutries Ltd.) Hidden
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 1.17 - Piriform)
DeviceDetect (HKLM-x32\...\{9C27CE44-0F33-42CC-8A30-4A08369EB7B3}) (Version: 1.3.1.0 - Brother Industries Ltd.) Hidden
ESET Smart Security (HKLM\...\{DAA963B2-AEF7-480C-940D-56D4387E345B}) (Version: 10.1.219.1 - ESET, spol. s r.o.)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
Find Subtitles 1.0 (HKLM-x32\...\{2DC8C516-D612-4EE8-A6AE-D356D637E132}_is1) (Version: 1.0 - Findsubtitles.com)
Fotolab Fotosvet (HKLM-x32\...\Fotolab Fotosvet) (Version: 6.0.5 - CEWE Stiftung u Co. KGaA)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GRAPHISOFT BIMx Desktop Viewer (HKLM-x32\...\103FFFFFFF20FF00FF2801F01F02F000-R1) (Version: 20.0 - GRAPHISOFT)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HP DesignJet T120 and T520 Printer Series (HKLM-x32\...\HPAmpereXL) (Version: - Hewlett-Packard Co.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP T120 and T520 series ICC Profiles (HKLM\...\{4F9E7F57-1D06-4B50-9691-813F87C655B8}) (Version: 2.0.0 - HP Inc.)
HP Web Registration (HKLM-x32\...\{D2FF897E-4A99-446E-8BB4-DD99CD496838}) (Version: 1.3.0.0 - HP Inc.)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.01.1007 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
K-Lite Mega Codec Pack 12.6.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.6.5 - KLCP)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.1.5.6 - PandoraTV)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.3.0 - Mozilla)
Mozilla Thunderbird 52.3.0 (x86 sk) (HKLM-x32\...\Mozilla Thunderbird 52.3.0 (x86 sk)) (Version: 52.3.0 - Mozilla)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetworkRepairTool (HKLM-x32\...\{947DE453-69FD-4CF6-A682-04D1308C79AF}) (Version: 1.2.15.0 - Brother Industries, Ltd.) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\{88B6F9DE-C80F-4A70-ACF6-BEE933679170}) (Version: 3.8.54.0 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Odinštalovať tlačiareň EPSON WF-7525 Series (HKLM\...\EPSON WF-7525 Series) (Version: - SEIKO EPSON Corporation)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PC-FAXReceive (HKLM-x32\...\{5A00BD65-623B-430A-9EE4-EA2A943B91F9}) (Version: 1.6.14.0 - Brother Insutries Ltd.) Hidden
PCFaxTx (HKLM-x32\...\{3C17737F-A6C4-4528-9A60-06DD0D4B3A63}) (Version: 1.0.18.1 - Brother Industries Ltd.) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF Split And Merge Basic (HKLM\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.3 - Andrea Vacondio)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.4.0 - pdfforge GmbH)
PDFTools Version 1.2 (09/28/2006) (HKLM-x32\...\PDFTools_is1) (Version: 1.0 - www.SheelApps.com - Sheel Khanna)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PROFIT 2016.02 (HKLM-x32\...\{670A9A20-E29D-40C3-9937-2AFF89C3AC82}_is1) (Version: - LPsoft)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
RemoteSetup (HKLM-x32\...\{BDD8C463-1183-4A91-9EC8-BF68E4ECA9B6}) (Version: 3.9.2.1 - Brother Industries Ltd.) Hidden
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
SketchUp 2017 (HKLM\...\{BCA90A4C-9C6A-49D1-91F9-594A0BE02432}) (Version: 17.1.174 - Trimble, Inc.)
SketchUp Import 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\Spotify) (Version: 1.0.13.108.gcd94e7db - Spotify AB)
StatusMonitor (HKLM-x32\...\{0B96D5AD-FADB-4232-9337-D09F631BF958}) (Version: 1.17.13.0 - Brother Insutries Ltd.) Hidden
Surfer 8 (HKLM-x32\...\{18A64EE3-F1FE-46F3-AAE1-8CDB35B6038B}) (Version: 8.1.24.0 - Golden Software, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TimeMaker v1.0 (remove only) (HKLM-x32\...\TimeMaker) (Version: - )
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
Total Uninstall 6.7.1 (HKLM\...\Total Uninstall 6_is1) (Version: 6.7.1 - Gavrila Martau)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
Vector Magic (HKLM-x32\...\Vector Magic) (Version: 1.15 - Vector Magic, Inc.)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
V-Ray for 3dsmax 2012 for x64 (HKLM\...\V-Ray for 3dsmax 2012 for x64) (Version: 2.00.03 - Chaos Software Ltd)
WhatsApp (HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\WhatsApp) (Version: 0.2.4240 - WhatsApp)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{083C82AE-568E-45dd-A92C-01422CA45760}\InprocServer32 -> C:\Program Files\Autodesk\Revit Architecture 2011\Program\APIContext.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\en-US\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2011-04-18] (Igor Pavlov)
ContextMenuHandlers1-x32: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2015-02-06] (Autodesk)
ContextMenuHandlers1-x32: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll [2011-11-02] (ESTsoft Corp.)
ContextMenuHandlers1-x32-x32: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files (x86)\Common Files\Autodesk Shared\DWF Common\DWFShellExtension.dll [2010-01-11] (Autodesk, Inc.)
ContextMenuHandlers1-x32-x32: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-06-13] (ESET)
ContextMenuHandlers1-x32-x32: [Explorer Context Menu] -> {82C63EC5-1B4C-43B7-7AC8-57148B696B95} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers1-x32-x32: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-31] (Google)
ContextMenuHandlers1-x32-x32: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers2: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll [2011-11-02] (ESTsoft Corp.)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-06-13] (ESET)
ContextMenuHandlers2: [Explorer Context Menu] -> {82C63EC5-1B4C-43B7-7AC8-57148B696B95} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2011-04-18] (Igor Pavlov)
ContextMenuHandlers4-x32: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll [2011-11-02] (ESTsoft Corp.)
ContextMenuHandlers4-x32: [Explorer Context Menu] -> {82C63EC5-1B4C-43B7-7AC8-57148B696B95} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers4-x32: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-31] (Google)
ContextMenuHandlers4-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-04-27] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll [2011-11-02] (ESTsoft Corp.)
ContextMenuHandlers6: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll [2011-11-02] (ESTsoft Corp.)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-06-13] (ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {027C7758-15AB-4248-862E-2734580A80F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {27B0D091-3E4B-42A0-B2E8-CB06832F8BF4} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-12-01] ()
Task: {566990E0-29E5-4626-8339-E4559127C02B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {7703619C-BE04-482F-A73E-F672D5E07F38} - System32\Tasks\GoogleUpdateTaskMachineCore1d042bafdedf0fc => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {8D153BB0-BAB0-431B-B817-B1A575DA8AC1} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {95BA3671-57FA-4E55-A11E-25525CBAD1A0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-14] (Adobe Systems Incorporated)
Task: {98A11938-152B-43DE-9FFF-E971030CA039} - System32\Tasks\AdobeAAMUpdater-1.0-Viliam-PC-Viliam => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {BF9A7B0F-2567-4D69-829C-D219E74C15E6} - System32\Tasks\GoogleUpdateTaskMachineUA1d000d9df8e4a8e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {D0244428-2D96-447B-AAD7-235992F91B2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-25] (Piriform Ltd)
Task: {E5FB5649-7726-42B1-A7C7-1FDF7DD53223} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-20] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2011-02-22 21:52 - 2011-02-22 21:52 - 000086016 _____ () C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
2017-08-31 17:18 - 2017-08-31 17:18 - 040257336 _____ () C:\Program Files (x86)\Google\Drive\googledrivesync.exe
2014-09-25 20:44 - 2014-09-25 20:44 - 000049152 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2017-09-26 07:41 - 2017-09-21 09:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-09-26 07:41 - 2017-09-21 09:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
2013-07-11 13:21 - 2013-07-11 13:21 - 000143752 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\axutil.dll
2013-04-25 15:43 - 2013-04-25 15:43 - 000472904 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\axis2_engine.dll
2013-07-11 13:21 - 2013-07-11 13:21 - 000179592 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\axiom.dll
2013-04-25 15:44 - 2013-04-25 15:44 - 000040264 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\axis2_parser.dll
2013-04-25 15:44 - 2013-04-25 15:44 - 001310024 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\libxml2.dll
2013-04-25 15:43 - 2013-04-25 15:43 - 000140104 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\neethi.dll
2013-07-11 13:21 - 2013-07-11 13:21 - 000067912 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_http_sender.dll
2013-07-11 13:21 - 2013-07-11 13:21 - 000023368 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_http_receiver.dll
2013-07-11 13:21 - 2013-07-11 13:21 - 000036680 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\modules\addressing\axis2_mod_addr.dll
2013-07-11 13:21 - 2013-07-11 13:21 - 000017224 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\modules\logging\axis2_mod_log.dll
2017-09-12 21:51 - 2017-09-01 12:06 - 031189504 _____ () C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\PepperFlash\27.0.0.130\pepflashplayer.dll
2017-09-04 14:36 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-10-04 07:36 - 2017-10-04 07:36 - 000088064 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\_ctypes.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000918528 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\_hashlib.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000098816 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\win32api.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000110080 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\pywintypes27.dll
2017-10-04 07:36 - 2017-10-04 07:36 - 000364544 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\pythoncom27.dll
2017-10-04 07:36 - 2017-10-04 07:36 - 000686080 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\unicodedata.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000320512 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\win32com.shell.shell.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 001177088 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\wx._core_.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000806912 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\wx._gdi_.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000816640 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\wx._windows_.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 001067520 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\wx._controls_.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000733696 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\wx._misc_.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000736256 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\pysqlite2._sqlite.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000119808 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\win32file.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000108544 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\win32security.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000007168 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\hashobjs_ext.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000017920 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\thumbnails_ext.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000082432 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\usb_ext.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000013824 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\common.time34.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000018432 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\win32event.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000088576 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\windows.volumes.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000017408 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\windows.winwrap.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000167936 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\win32gui.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000046080 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\_socket.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 001309696 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\_ssl.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000129536 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\_elementtree.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000127488 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\pyexpat.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000038912 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\win32inet.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000077824 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\wx._html2.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000036864 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\_psutil_windows.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000524248 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\windows._lib_cacheinvalidation.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000011264 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\win32crypt.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000218624 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\PIL._imaging.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000027648 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\_multiprocessing.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000020480 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\_yappi.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000035840 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\win32process.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000024064 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\win32pipe.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000010240 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\select.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000025600 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\win32pdh.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000058880 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\windows.device_monitor.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000017408 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\win32profile.pyd
2017-10-04 07:36 - 2017-10-04 07:36 - 000022528 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI37242\win32ts.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1874787081-2499585647-251443779-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1874787081-2499585647-251443779-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Viliam\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: DragonUpdater => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodeMeter Control Center.lnk => C:\Windows\pss\CodeMeter Control Center.lnk.CommonStartup
MSCONFIG\startupreg: ABUNINSTALLEX => c:\programdata\ab studio\ABUnInstallEx.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Viliam\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BrHelp => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: cAudioFilterAgent => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EPLTarget =>
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: I16A => C:\Windows\twain_32\Brimi16a\Common\TwDsUiLaunch.exe
MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Viliam\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: TWebCamera => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0E574DCB-C06B-4EB7-827C-88945CB4C825}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E42F1230-37D7-4DB5-AB4C-8B9E496CAD7D}] => (Allow) C:\Users\Viliam\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{B5B2AF09-F39D-4081-B2F5-F2C0A9034429}] => (Allow) C:\Users\Viliam\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{FE6C10E6-5866-461E-812F-61D8A3BBE8AF}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{EEE47C0A-C9E3-44E7-8337-8D3B0973FCBB}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{57A5B90C-5272-41A3-857B-D5F8CC73DDE3}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{1DD7E255-0CEB-46B8-841A-87B9ED7B79F7}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{8B68BDAE-6824-4A6A-8781-B30AEA4210BF}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{8F6EE632-F3F9-4921-93C8-E523E7979AC3}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{26E68B4F-3C90-4988-9EDB-7A42A72A83B2}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\3dsmax.exe
FirewallRules: [{61919F9A-2F4A-41CD-8838-FCA3A91CF080}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\3dsmax.exe
FirewallRules: [{66F5D497-D314-4919-972C-040F656217A9}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
FirewallRules: [{2179B923-CDED-4B91-8D90-CBF83B6FC6D3}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
FirewallRules: [{DDD5B644-198E-4F5A-8618-70E44E24B184}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe
FirewallRules: [{F7E48E0A-8FEC-4A10-8C97-9817E575E66B}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe
FirewallRules: [{0FAC6549-79C3-4C0E-A94E-F985DC5F9357}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{AB88F2A3-3FA3-4CC4-9553-099D78C96076}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F2B326AF-34C6-4616-AD79-689A1E82B9A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C8D9041E-124D-4842-9A62-0958141B9A01}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7C038A95-0B76-40FE-9AF5-7D503B3523A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C1E9EBDF-2457-4BB9-B884-9BF1224F2EB0}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{84478CE4-EB66-49AF-A8A6-7EAB7B9342F8}C:\users\viliam\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\viliam\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{D43E1E29-3773-4CBD-9A95-683D7870A370}C:\users\viliam\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\viliam\appdata\local\akamai\netsession_win.exe
FirewallRules: [{E0C5EADE-BC30-4FCF-8487-67C38F68114D}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 20\ARCHICAD.exe
FirewallRules: [{8DB485EE-BF3C-41D7-BDE2-062449175582}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 20\CineRender\CineRender 64bit.exe
FirewallRules: [{B0FFFBEB-0685-415F-B6E3-DDAECC222BDC}] => (Allow) C:\Program Files\GRAPHISOFT\ARCHICAD 20\BIMxUploader.exe
FirewallRules: [{9431098C-81C5-4032-A264-29449342707B}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 20\OverwatchServer.exe
FirewallRules: [{E27890A1-102D-4870-9944-4DB6638A377F}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{D5200B13-496E-4AB4-89E5-D5A8FDB31DD6}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{23407D28-2E16-46C3-A085-F857FF24C4A6}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{847C9B97-3374-4D93-9FE1-C9F61B17DA37}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{95EED7BC-2238-4B0D-B6BA-E69B5E6C5001}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{344B58A1-2ED3-47D4-8C41-D11422073F38}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{08958AFB-4E34-4CB0-893C-BB9EE774C973}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6C6249BD-279F-4DE5-9C48-9B01D338D62C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D2183E5B-B20A-4CB8-81E1-703003B0319A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A6568265-F951-4201-BE42-1566AD03ABA5}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13c\FAXRX.EXE
FirewallRules: [{06D8FB69-9EDF-4865-8C0D-CBC5863D6160}] => (Allow) LPort=54925
FirewallRules: [{4A4148B6-D267-4FD8-81FA-8176E711F60F}] => (Allow) LPort=54925
FirewallRules: [{904D1797-896D-4F8B-880D-B921D6C57338}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe
FirewallRules: [{444B72D3-4A36-43ED-8040-41FBCDEE417D}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe
FirewallRules: [{CAF2405A-5E3B-4D05-A5BD-5951F06344EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Restore Points =========================

13-09-2017 16:39:27 Scheduled Checkpoint
20-09-2017 17:01:50 Scheduled Checkpoint
28-09-2017 15:46:02 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/04/2017 09:16:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 3.10.2017.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1a70

Start Time: 01d33d44f4028e6f

Termination Time: 8

Application Path: C:\Users\Viliam\Desktop\FRST64.exe

Report Id: 54fcffff-a938-11e7-af2a-00266c530562

Error: (10/04/2017 09:10:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2607463

Error: (10/04/2017 09:10:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2607463

Error: (10/04/2017 09:10:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/04/2017 09:10:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2606465

Error: (10/04/2017 09:10:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2606465

Error: (10/04/2017 09:10:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/04/2017 09:10:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2605467

Error: (10/04/2017 09:10:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2605467

Error: (10/04/2017 09:10:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

System errors:
=============
Error: (10/04/2017 07:11:54 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (10/04/2017 07:11:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (10/03/2017 07:42:54 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (10/03/2017 07:42:51 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (10/02/2017 07:57:57 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{0EC6516A-4869-4E9A-A955-E6A601F46FB9}.
The backup browser is stopping.

Error: (10/02/2017 07:48:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (10/02/2017 07:43:56 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Error: (10/02/2017 07:43:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (10/02/2017 07:43:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (10/02/2017 07:41:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ekrn service.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Percentage of memory in use: 61%
Total physical RAM: 3957.86 MB
Available physical RAM: 1504.15 MB
Total Virtual: 7913.9 MB
Available Virtual: 4623.27 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:195.21 GB) (Free:58.03 GB) NTFS
Drive d: (Data) (Fixed) (Total:736.2 GB) (Free:150.24 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 91006D53)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=736.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#4 Příspěvek od **Rudy** » 04 říj 2017 21:05

To je v pořádku. FRST vytvoří po skenu 2 logy. Teď spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

zack111 · #5 Příspěvek od **zack111** » 05 říj 2017 08:27

aplikaciu som spustil a postupoval podľa návodu, nižšie posielam log:

# AdwCleaner 7.0.3.1 - Logfile created on Thu Oct 05 06:02:07 2017
# Updated on 2017/29/09 by Malwarebytes
# Database: 10-04-2017.1
# Running on Windows 7 Home Premium (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy, C:\ProgramData\IObit\ASCDownloader
PUP.Optional.Legacy, C:\ProgramData\Application Data\IObit\ASCDownloader
PUP.Optional.Legacy, C:\Users\All Users\IObit\ASCDownloader
ALToolBar, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESTsoft
ALToolBar, C:\ProgramData\ESTsoft
ALToolBar, C:\ProgramData\Application Data\ESTsoft
ALToolBar, C:\Program Files (x86)\ESTsoft
ALToolBar, C:\Users\All Users\ESTsoft
ALToolBar, C:\Users\Viliam\AppData\Roaming\ESTsoft

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.AdvancedSystemCare, [Key] - HKLM\SOFTWARE\IOBIT\ASC
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
PUP.Optional.SofTonicAssistant, [Key] - HKU\S-1-5-21-1874787081-2499585647-251443779-1000\Software\Softonic
PUP.Optional.SofTonicAssistant, [Key] - HKCU\Software\Softonic

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

#6 Příspěvek od **Rudy** » 05 říj 2017 17:16

Ještě dokončete kliknutím na mazání a dejte nový log FRST.

zack111 · #7 Příspěvek od **zack111** » 05 říj 2017 19:46

posielam log ktory sa mi zobrazil po mazani

# AdwCleaner 7.0.3.1 - Logfile created on Thu Oct 05 18:42:36 2017
# Updated on 2017/29/09 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1854 B] - [2017/10/5 7:27:27]
C:/AdwCleaner/AdwCleaner[S0].txt - [1816 B] - [2017/10/5 6:2:7]
C:/AdwCleaner/AdwCleaner[S1].txt - [1250 B] - [2017/10/5 18:41:57]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

#8 Příspěvek od **Rudy** » 05 říj 2017 20:12

OK. Teď dejte nový log FRST.

zack111 · #9 Příspěvek od **zack111** » 06 říj 2017 06:44

posielam log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-10-2017 01
Ran by Viliam (administrator) on VILIAM-PC (06-10-2017 07:32:15)
Running from C:\Users\Viliam\Desktop
Loaded Profiles: Viliam (Available Profiles: Viliam & Ján)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Autodesk Sync] => [X]
HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\Run: [] => [X]
HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6480664 2014-09-25] (Piriform Ltd)
HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [40257336 2017-08-31] ()
HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{0EC6516A-4869-4E9A-A955-E6A601F46FB9}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-12] (Oracle Corporation)

FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default [2017-10-06]
CHR Extension: (Prezentace Google) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05]
CHR Extension: (Dokumenty Google) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Disk Google) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabulky Google) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-22]
CHR Extension: (World Currencies) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjejihbacnnkpphhplfimocgocljgeek [2015-12-01]
CHR Extension: (IE Tab) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2017-09-19]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-11-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Viliam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-27]
CHR HKU\S-1-5-21-1874787081-2499585647-251443779-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1874787081-2499585647-251443779-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AbSoftMgr4; C:\Program Files\Common Files\AB Studio Shared\AbSoftMgr4.exe [1039360 2009-02-26] (AB Studio) [File not signed]
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
S3 Autodesk Network Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskNetSrv.exe [1539224 2008-06-13] (Autodesk, Inc.) [File not signed]
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [295424 2016-07-29] (Brother Industries, Ltd.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2625368 2017-06-13] (ESET)
R2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () [File not signed]
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI64.sys [720952 2010-03-05] (Conexant Systems Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-23] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132824 2017-06-22] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107344 2017-05-04] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [178056 2017-05-04] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50752 2017-05-04] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [78192 2017-05-04] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [60544 2017-05-04] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [101648 2017-05-04] (ESET)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-06 07:29 - 2017-10-06 07:29 - 000000004 ____H C:\ProgramData\cm-lock
2017-10-05 09:26 - 2017-10-05 09:26 - 000001816 _____ C:\Users\Viliam\Desktop\AdwCleaner[S0].txt
2017-10-05 07:59 - 2017-10-05 20:42 - 000000000 ____D C:\AdwCleaner
2017-10-05 07:59 - 2017-10-05 07:59 - 008250832 _____ (Malwarebytes) C:\Users\Viliam\Desktop\adwcleaner_7.0.3.1.exe
2017-10-04 21:18 - 2017-10-04 21:19 - 000059767 _____ C:\Users\Viliam\Desktop\Addition.txt
2017-10-04 21:14 - 2017-10-06 07:34 - 000011159 _____ C:\Users\Viliam\Desktop\FRST.txt
2017-10-04 21:14 - 2017-10-06 07:32 - 000000000 ____D C:\FRST
2017-10-04 21:13 - 2017-10-04 21:14 - 002399744 _____ (Farbar) C:\Users\Viliam\Desktop\FRST64.exe
2017-10-04 15:56 - 2017-10-04 15:56 - 000000000 ____D C:\Program Files (x86)\Hijackthis
2017-10-04 15:53 - 2017-10-04 15:53 - 000000000 ____D C:\Windows\pss
2017-10-02 12:58 - 2017-10-02 12:58 - 000049056 _____ C:\Users\Viliam\Desktop\nemotice.dwg
2017-09-28 10:22 - 2017-09-28 15:14 - 000000000 ____D C:\Users\Viliam\Desktop\čov vzor
2017-09-23 16:24 - 2017-09-23 16:24 - 000017892 _____ C:\Users\Viliam\Downloads\[SkT]Annabelle_2-_Zrozeni_zla_-_Annabelle-_Creation_(2017)[WebRip][1080p]_=_CSFD_73%.torrent
2017-09-23 16:22 - 2017-09-23 16:22 - 000014752 _____ C:\Users\Viliam\Downloads\[SkT]Dunkerk_-_Dunkirk_(2017)[CAM]_=_CSFD_87%.torrent
2017-09-23 16:22 - 2017-09-23 16:22 - 000014694 _____ C:\Users\Viliam\Downloads\[SkT]Baby_driver_(2017)[WebRip]_=_CSFD_77%.torrent
2017-09-19 07:29 - 2017-09-19 07:29 - 000001125 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive for PC is now Backup and Sync from Google.lnk
2017-09-19 07:29 - 2017-09-19 07:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-09-18 08:52 - 2017-09-18 08:52 - 000000000 ____D C:\ProgramData\PCFaxRx
2017-09-18 08:52 - 2017-09-18 08:52 - 000000000 ____D C:\Program Files (x86)\PC-FAXReceive
2017-09-18 08:52 - 2016-05-23 16:02 - 000317952 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrFaxTxAppRunA64.dll
2017-09-18 08:52 - 2016-05-23 16:02 - 000046592 _____ C:\Windows\ChgFscEx.dll
2017-09-18 08:51 - 2017-09-18 08:51 - 000000000 ____D C:\Program Files (x86)\RemoteSetup
2017-09-18 08:51 - 2017-09-18 08:51 - 000000000 ____D C:\Program Files (x86)\ControlCenter4 CSDK

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-06 07:31 - 2014-09-23 04:23 - 000000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2017-10-06 07:29 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-05 20:51 - 2009-07-14 06:45 - 000023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-05 20:51 - 2009-07-14 06:45 - 000023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-05 20:49 - 2009-07-14 07:13 - 000782470 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-05 20:49 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-10-05 20:46 - 2014-09-23 04:23 - 000000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2017-10-05 15:37 - 2014-09-22 21:52 - 000000000 ____D C:\Users\Viliam
2017-10-05 10:46 - 2017-09-04 14:38 - 000026650 _____ C:\Windows\BRRBCOM.INI
2017-10-05 09:27 - 2014-10-12 10:54 - 000000000 ____D C:\ProgramData\IObit
2017-10-05 08:06 - 2014-09-27 18:13 - 000000000 ____D C:\Users\Viliam\AppData\Local\Adobe
2017-10-04 16:37 - 2017-06-04 18:26 - 000000000 ____D C:\Users\Viliam\AppData\Local\Akamai
2017-10-02 09:30 - 2016-11-11 16:13 - 000002419 _____ C:\Users\Viliam\Documents\acad.err
2017-09-26 12:10 - 2014-09-30 18:27 - 000000000 ____D C:\Users\Viliam\AppData\Roaming\Skype
2017-09-26 09:19 - 2017-05-28 16:34 - 000000000 ____D C:\Users\Viliam\Desktop\Pomocne zuzana
2017-09-26 07:41 - 2014-09-23 04:24 - 000002202 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-23 22:21 - 2015-07-06 18:44 - 000000000 ____D C:\Users\Viliam\AppData\Roaming\vlc
2017-09-23 18:04 - 2014-10-12 12:26 - 000000000 ____D C:\Users\Viliam\AppData\Roaming\uTorrent
2017-09-19 15:49 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-09-19 07:18 - 2017-09-04 14:37 - 000000000 ____D C:\ProgramData\ControlCenter4
2017-09-18 20:39 - 2017-09-04 14:54 - 000000000 ____D C:\Users\Viliam\AppData\Roaming\ControlCenter4
2017-09-18 12:11 - 2017-09-04 10:49 - 000000000 ____D C:\Users\Viliam\AppData\LocalLow\Mozilla
2017-09-18 08:53 - 2017-09-04 14:39 - 000002147 _____ C:\Users\Public\Desktop\Brother Creative Center.lnk
2017-09-18 08:53 - 2017-09-04 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2017-09-18 08:53 - 2017-09-04 14:36 - 000000000 ____D C:\Program Files (x86)\Brother
2017-09-18 08:52 - 2017-09-04 14:39 - 000000024 _____ C:\Windows\Brpfx04a.ini
2017-09-18 08:51 - 2017-09-04 14:37 - 000000000 ____D C:\Program Files (x86)\Browny02
2017-09-18 08:49 - 2017-09-04 14:37 - 000000000 ____D C:\Program Files (x86)\ControlCenter4
2017-09-14 11:18 - 2015-02-12 09:55 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-09-14 11:18 - 2015-02-12 09:55 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-09-14 11:18 - 2015-02-12 09:55 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-09-14 11:18 - 2015-02-12 09:55 - 000000000 ____D C:\Windows\system32\Macromed
2017-09-14 11:18 - 2014-09-28 09:54 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-09-09 08:22 - 2014-09-28 11:29 - 000032546 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-09-06 09:21 - 2016-11-25 17:19 - 000000683 _____ C:\Users\Viliam\Desktop\Google Drive.lnk

==================== Files in the root of some directories =======

2017-05-19 17:32 - 2004-05-28 09:37 - 000004900 _____ () C:\Program Files\Dily.rdd
2017-05-19 17:33 - 2017-05-19 17:33 - 000087589 _____ () C:\Program Files\reindex_Errors.txt
2017-02-24 11:37 - 2017-02-24 11:37 - 000000132 _____ () C:\Users\Viliam\AppData\Roaming\Adobe BMP Format CS6 Prefs
2015-12-11 21:16 - 2017-05-31 19:17 - 000000132 _____ () C:\Users\Viliam\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-12-07 09:47 - 2014-12-07 09:47 - 000007605 _____ () C:\Users\Viliam\AppData\Local\Resmon.ResmonCfg
2017-10-06 07:29 - 2017-10-06 07:29 - 000000004 ____H () C:\ProgramData\cm-lock
2014-09-23 05:03 - 2014-09-23 05:03 - 000000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2017-02-27 14:07 - 2017-02-27 14:07 - 000000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2015-10-18 19:28 - 2015-10-18 19:28 - 000000016 _____ () C:\ProgramData\mntemp

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-09-30 21:20

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-10-2017 01
Ran by Viliam (06-10-2017 07:35:07)
Running from C:\Users\Viliam\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-09-22 19:52:21)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1874787081-2499585647-251443779-500 - Administrator - Disabled)
ezcbaqryu (S-1-5-21-1874787081-2499585647-251443779-1007 - Limited - Enabled)
Guest (S-1-5-21-1874787081-2499585647-251443779-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1874787081-2499585647-251443779-1004 - Limited - Enabled)
Ján (S-1-5-21-1874787081-2499585647-251443779-1005 - Limited - Enabled) => C:\Users\Ján
Viliam (S-1-5-21-1874787081-2499585647-251443779-1000 - Administrator - Enabled) => C:\Users\Viliam

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personálny firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1.99+ (HKLM\...\{FDF42E5F-B254-4A31-BE0E-B423580B03B2}_is1) (Version: 1.99++ - CAD Studio)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk)
AB Softlock 4 (HKLM-x32\...\{7C4142F1-8C82-4E7D-B540-3E783B2B7F9A}) (Version: 4.20.0005 - AB Studio)
ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5102-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{5783F2D7-F001-0000-3102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version: - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version: - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version: - Microsoft)
ALZip 8.51 (HKLM-x32\...\ALZip_is1) (Version: v8.51 - ESTsoft Corp.)
AML Free Registry Cleaner 4.25 (HKLM-x32\...\{315F5FFC-1A5C-4A2A-B8E7-1C5B1174C198}_is1) (Version: - AML SOFT, Inc.)
Any PDF to DWG Converter 2013 (HKLM-x32\...\Any PDF to DWG Converter_is1) (Version: - AnyDWG Software, Inc.)
ARCHICAD 20 CZE (HKLM\...\001FFF2FFF20FF00FF1101F01F02F000-R1) (Version: 20.0 - GRAPHISOFT)
ArchShaders for V-Ray vol.1 (HKLM-x32\...\ArchShaders for V-Ray vol.1_is1) (Version: - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{61D4B846-49F8-2639-A4EB-977875265F37}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
AutoCAD 2014 - English (HKLM\...\{5783F2D7-D001-0000-0102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 - English (HKLM\...\{5783F2D7-D001-0409-2102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - English (HKLM\...\{5783F2D7-D001-0409-1102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2016 - English (HKLM\...\{5783F2D7-F001-0409-2102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0102-0060B0CE6BBA}) (Version: 20.1.107.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack - English (HKLM\...\{5783F2D7-F001-0409-1102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk 3ds Max 2012 64-bit - English (HKLM\...\{723C8298-C7B0-0409-A1B6-C3BA6F3FFAB1}) (Version: 14.0 - Autodesk) Hidden
Autodesk 3ds Max 2012 64-bit - English (HKLM\...\Autodesk 3ds Max 2012 64-bit - English) (Version: 14.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.18.0 - Autodesk)
Autodesk AutoCAD 2016 - English (HKLM\...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD 2016 SP 1 (HKLM\...\AutoCAD 2016 SP1) (Version: 20.1.107.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk Backburner 2012.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2012.0.0 - Autodesk, Inc.)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Content Service (HKLM\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (HKLM-x32\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Design Review 2011 (HKLM-x32\...\{8D20B4D7-3422-4099-9332-39F27E617A6F}) (Version: 11.0.0.86 - Autodesk, Inc.) Hidden
Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit (HKLM\...\Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit) (Version: - Autodesk)
Autodesk Featured Apps 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
Autodesk Material Library 2011 (HKLM-x32\...\{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}) (Version: 2.0.0.100 - Autodesk)
Autodesk Material Library 2011 Base Image library (HKLM-x32\...\{CD1E078C-A6B9-47DA-B035-6365C85C7832}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Medium Image library (HKLM-x32\...\{975951E7-14D0-49AF-A630-89680D12D7F6}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
Autodesk Revit Architecture 2011 x64 (HKLM\...\{94D463D0-2B13-4181-9512-B27004B1151A}) (Version: 10.03.26170 - Autodesk) Hidden
Autodesk Revit Architecture 2011 x64 (HKLM\...\Autodesk Revit Architecture 2011 x64) (Version: 10.03.26170 - Autodesk)
Backup and Sync from Google (HKLM-x32\...\{9AC75ED0-A54A-4AEA-9563-87572879D91C}) (Version: 3.36.6721.3394 - Google, Inc.)
Balík TT 2010 (HKLM-x32\...\{91CA3F48-5DAD-4147-AECE-C7219C4B2562}) (Version: 2010.0.0.0 - Svoboda Software (svoboda.zbynek@quick.cz, mobile +420 606 227 420))
BIMTech CAD Tools verze 1.0 (HKLM-x32\...\{B85607AD-545E-486D-9B1E-893A5DBE7CA2}_is1) (Version: 1.0 - BIM Technology s.r.o.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BrLauncher (HKLM-x32\...\{474764AE-5A67-4312-ADD3-449798BD96D1}) (Version: 1.1.21.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{B556F816-FF4D-4BB6-9339-ED28639E2EF3}) (Version: 1.0.2.1 - Brother Industries Ltd.) Hidden
Brother MFL-Pro Suite MFC-J6920DW (HKLM-x32\...\{6A367B4D-2E1C-4843-9FF0-A1DF1DEAB1E6}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Brother PCFax Driver (HKLM-x32\...\{56BA05BD-7A67-4EF8-85A7-8C6528AEE2AC}) (Version: 1.4.0.0 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{38D06621-1D12-4EFB-95E1-99295DC1F3CB}) (Version: 1.3.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{891C6028-44F7-4559-860F-616E5DEB2934}) (Version: 1.0.25.1 - Brother Industries Ltd.) Hidden
BrotherHelpInstaller (HKLM-x32\...\{4E461C2A-EC1C-46D1-AF5B-7FEFD0054AF8}) (Version: 1.0.0.0 - Brother) Hidden
BrSupportTools (HKLM-x32\...\{83626DDE-99CD-4FF2-804E-36BE82143315}) (Version: 1.0.14.0 - Brother Industries Ltd.) Hidden
CADKON-TZB 2010 (HKLM-x32\...\{0ABCECAD-0700-0400-0100-0ABCECAD0100}) (Version: 14.00.0000 - AB Studio) Hidden
CADKON-TZB 2010 pro AutoCAD 2010 (HKLM-x32\...\InstallShield_{0ABCECAD-0700-0400-0100-0ABCECAD0100}) (Version: 14.00.0000 - AB Studio)
ccc-core-static (HKLM-x32\...\{058E65E2-AFC2-8974-43A2-1EA5A4A53471}) (Version: 2010.0426.2136.36953 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
CEWE fotosvet (HKLM-x32\...\CEWE fotosvet) (Version: 6.0.5 - CEWE Stiftung u Co. KGaA)
CodeMeter Runtime Kit v5.22a (HKLM\...\{8D299F2C-A3C8-49A5-A726-E885AB397243}) (Version: 5.22.1508.501 - WIBU-SYSTEMS AG)
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Conexant Audio Driver For AMD HDMI Codec (HKLM\...\CNXT_AUDIO_HDA_HDMI) (Version: 4.98.26.0 - Conexant)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.0.61 - Conexant)
ControlCenter4 (HKLM-x32\...\{96732F18-93C7-4AD8-930C-76B793AA6175}) (Version: 4.4.18.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{1E89F75C-EF46-406C-9AAC-615B3CCC1D3D}) (Version: 4.3.2.1 - Brother Insutries Ltd.) Hidden
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 1.17 - Piriform)
DeviceDetect (HKLM-x32\...\{9C27CE44-0F33-42CC-8A30-4A08369EB7B3}) (Version: 1.3.1.0 - Brother Industries Ltd.) Hidden
ESET Smart Security (HKLM\...\{DAA963B2-AEF7-480C-940D-56D4387E345B}) (Version: 10.1.219.1 - ESET, spol. s r.o.)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
Find Subtitles 1.0 (HKLM-x32\...\{2DC8C516-D612-4EE8-A6AE-D356D637E132}_is1) (Version: 1.0 - Findsubtitles.com)
Fotolab Fotosvet (HKLM-x32\...\Fotolab Fotosvet) (Version: 6.0.5 - CEWE Stiftung u Co. KGaA)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GRAPHISOFT BIMx Desktop Viewer (HKLM-x32\...\103FFFFFFF20FF00FF2801F01F02F000-R1) (Version: 20.0 - GRAPHISOFT)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HP DesignJet T120 and T520 Printer Series (HKLM-x32\...\HPAmpereXL) (Version: - Hewlett-Packard Co.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP T120 and T520 series ICC Profiles (HKLM\...\{4F9E7F57-1D06-4B50-9691-813F87C655B8}) (Version: 2.0.0 - HP Inc.)
HP Web Registration (HKLM-x32\...\{D2FF897E-4A99-446E-8BB4-DD99CD496838}) (Version: 1.3.0.0 - HP Inc.)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.01.1007 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
K-Lite Mega Codec Pack 12.6.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.6.5 - KLCP)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.1.5.6 - PandoraTV)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.3.0 - Mozilla)
Mozilla Thunderbird 52.3.0 (x86 sk) (HKLM-x32\...\Mozilla Thunderbird 52.3.0 (x86 sk)) (Version: 52.3.0 - Mozilla)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetworkRepairTool (HKLM-x32\...\{947DE453-69FD-4CF6-A682-04D1308C79AF}) (Version: 1.2.15.0 - Brother Industries, Ltd.) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\{88B6F9DE-C80F-4A70-ACF6-BEE933679170}) (Version: 3.8.54.0 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Odinštalovať tlačiareň EPSON WF-7525 Series (HKLM\...\EPSON WF-7525 Series) (Version: - SEIKO EPSON Corporation)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PC-FAXReceive (HKLM-x32\...\{5A00BD65-623B-430A-9EE4-EA2A943B91F9}) (Version: 1.6.14.0 - Brother Insutries Ltd.) Hidden
PCFaxTx (HKLM-x32\...\{3C17737F-A6C4-4528-9A60-06DD0D4B3A63}) (Version: 1.0.18.1 - Brother Industries Ltd.) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF Split And Merge Basic (HKLM\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.3 - Andrea Vacondio)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.4.0 - pdfforge GmbH)
PDFTools Version 1.2 (09/28/2006) (HKLM-x32\...\PDFTools_is1) (Version: 1.0 - www.SheelApps.com - Sheel Khanna)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PROFIT 2016.02 (HKLM-x32\...\{670A9A20-E29D-40C3-9937-2AFF89C3AC82}_is1) (Version: - LPsoft)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
RemoteSetup (HKLM-x32\...\{BDD8C463-1183-4A91-9EC8-BF68E4ECA9B6}) (Version: 3.9.2.1 - Brother Industries Ltd.) Hidden
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
SketchUp 2017 (HKLM\...\{BCA90A4C-9C6A-49D1-91F9-594A0BE02432}) (Version: 17.1.174 - Trimble, Inc.)
SketchUp Import 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\Spotify) (Version: 1.0.13.108.gcd94e7db - Spotify AB)
StatusMonitor (HKLM-x32\...\{0B96D5AD-FADB-4232-9337-D09F631BF958}) (Version: 1.17.13.0 - Brother Insutries Ltd.) Hidden
Surfer 8 (HKLM-x32\...\{18A64EE3-F1FE-46F3-AAE1-8CDB35B6038B}) (Version: 8.1.24.0 - Golden Software, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TimeMaker v1.0 (remove only) (HKLM-x32\...\TimeMaker) (Version: - )
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
Total Uninstall 6.7.1 (HKLM\...\Total Uninstall 6_is1) (Version: 6.7.1 - Gavrila Martau)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
Vector Magic (HKLM-x32\...\Vector Magic) (Version: 1.15 - Vector Magic, Inc.)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
V-Ray for 3dsmax 2012 for x64 (HKLM\...\V-Ray for 3dsmax 2012 for x64) (Version: 2.00.03 - Chaos Software Ltd)
WhatsApp (HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\WhatsApp) (Version: 0.2.4240 - WhatsApp)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{083C82AE-568E-45dd-A92C-01422CA45760}\InprocServer32 -> C:\Program Files\Autodesk\Revit Architecture 2011\Program\APIContext.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\en-US\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-31] (Google)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2011-04-18] (Igor Pavlov)
ContextMenuHandlers1-x32: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2015-02-06] (Autodesk)
ContextMenuHandlers1-x32: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll -> No File
ContextMenuHandlers1-x32-x32: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files (x86)\Common Files\Autodesk Shared\DWF Common\DWFShellExtension.dll [2010-01-11] (Autodesk, Inc.)
ContextMenuHandlers1-x32-x32: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-06-13] (ESET)
ContextMenuHandlers1-x32-x32: [Explorer Context Menu] -> {82C63EC5-1B4C-43B7-7AC8-57148B696B95} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers1-x32-x32: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-31] (Google)
ContextMenuHandlers1-x32-x32: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers2: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll -> No File
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-06-13] (ESET)
ContextMenuHandlers2: [Explorer Context Menu] -> {82C63EC5-1B4C-43B7-7AC8-57148B696B95} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2011-04-18] (Igor Pavlov)
ContextMenuHandlers4-x32: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll -> No File
ContextMenuHandlers4-x32: [Explorer Context Menu] -> {82C63EC5-1B4C-43B7-7AC8-57148B696B95} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers4-x32: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-31] (Google)
ContextMenuHandlers4-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-04-27] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll -> No File
ContextMenuHandlers6: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll -> No File
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-06-13] (ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {027C7758-15AB-4248-862E-2734580A80F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {27B0D091-3E4B-42A0-B2E8-CB06832F8BF4} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-12-01] ()
Task: {566990E0-29E5-4626-8339-E4559127C02B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {7703619C-BE04-482F-A73E-F672D5E07F38} - System32\Tasks\GoogleUpdateTaskMachineCore1d042bafdedf0fc => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {8D153BB0-BAB0-431B-B817-B1A575DA8AC1} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {95BA3671-57FA-4E55-A11E-25525CBAD1A0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-14] (Adobe Systems Incorporated)
Task: {98A11938-152B-43DE-9FFF-E971030CA039} - System32\Tasks\AdobeAAMUpdater-1.0-Viliam-PC-Viliam => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {BF9A7B0F-2567-4D69-829C-D219E74C15E6} - System32\Tasks\GoogleUpdateTaskMachineUA1d000d9df8e4a8e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {D0244428-2D96-447B-AAD7-235992F91B2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-25] (Piriform Ltd)
Task: {E5FB5649-7726-42B1-A7C7-1FDF7DD53223} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-20] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2011-02-22 21:52 - 2011-02-22 21:52 - 000086016 _____ () C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
2017-09-04 14:36 - 2005-04-22 13:36 - 000143360 _____ () C:\Windows\system32\BrSNMP64.dll
2017-08-31 17:18 - 2017-08-31 17:18 - 040257336 _____ () C:\Program Files (x86)\Google\Drive\googledrivesync.exe
2014-09-25 20:44 - 2014-09-25 20:44 - 000049152 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2017-10-06 07:31 - 2017-10-06 07:31 - 000088064 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\_ctypes.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000918528 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\_hashlib.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000098816 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\win32api.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000110080 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\pywintypes27.dll
2017-10-06 07:31 - 2017-10-06 07:31 - 000364544 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\pythoncom27.dll
2017-10-06 07:31 - 2017-10-06 07:31 - 000686080 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\unicodedata.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000320512 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\win32com.shell.shell.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 001177088 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\wx._core_.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000806912 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\wx._gdi_.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000816640 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\wx._windows_.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 001067520 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\wx._controls_.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000733696 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\wx._misc_.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000736256 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\pysqlite2._sqlite.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000119808 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\win32file.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000108544 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\win32security.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000007168 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\hashobjs_ext.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000017920 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\thumbnails_ext.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000082432 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\usb_ext.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000013824 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\common.time34.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000018432 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\win32event.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000088576 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\windows.volumes.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000017408 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\windows.winwrap.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000167936 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\win32gui.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000046080 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\_socket.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 001309696 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\_ssl.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000129536 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\_elementtree.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000127488 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\pyexpat.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000038912 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\win32inet.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000077824 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\wx._html2.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000036864 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\_psutil_windows.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000524248 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\windows._lib_cacheinvalidation.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000011264 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\win32crypt.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000218624 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\PIL._imaging.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000027648 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\_multiprocessing.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000020480 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\_yappi.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000035840 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\win32process.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000024064 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\win32pipe.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000010240 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\select.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000025600 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\win32pdh.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000058880 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\windows.device_monitor.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000017408 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\win32profile.pyd
2017-10-06 07:31 - 2017-10-06 07:31 - 000022528 _____ () C:\Users\Viliam\AppData\Local\Temp\_MEI9642\win32ts.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1874787081-2499585647-251443779-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1874787081-2499585647-251443779-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Viliam\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: DragonUpdater => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodeMeter Control Center.lnk => C:\Windows\pss\CodeMeter Control Center.lnk.CommonStartup
MSCONFIG\startupreg: ABUNINSTALLEX => c:\programdata\ab studio\ABUnInstallEx.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Viliam\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BrHelp => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: cAudioFilterAgent => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EPLTarget =>
MSCONFIG\startupreg: I16A => C:\Windows\twain_32\Brimi16a\Common\TwDsUiLaunch.exe
MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Viliam\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: TWebCamera => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0E574DCB-C06B-4EB7-827C-88945CB4C825}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E42F1230-37D7-4DB5-AB4C-8B9E496CAD7D}] => (Allow) C:\Users\Viliam\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{B5B2AF09-F39D-4081-B2F5-F2C0A9034429}] => (Allow) C:\Users\Viliam\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{FE6C10E6-5866-461E-812F-61D8A3BBE8AF}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{EEE47C0A-C9E3-44E7-8337-8D3B0973FCBB}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{57A5B90C-5272-41A3-857B-D5F8CC73DDE3}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{1DD7E255-0CEB-46B8-841A-87B9ED7B79F7}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{8B68BDAE-6824-4A6A-8781-B30AEA4210BF}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{8F6EE632-F3F9-4921-93C8-E523E7979AC3}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{26E68B4F-3C90-4988-9EDB-7A42A72A83B2}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\3dsmax.exe
FirewallRules: [{61919F9A-2F4A-41CD-8838-FCA3A91CF080}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\3dsmax.exe
FirewallRules: [{66F5D497-D314-4919-972C-040F656217A9}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
FirewallRules: [{2179B923-CDED-4B91-8D90-CBF83B6FC6D3}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
FirewallRules: [{DDD5B644-198E-4F5A-8618-70E44E24B184}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe
FirewallRules: [{F7E48E0A-8FEC-4A10-8C97-9817E575E66B}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe
FirewallRules: [{0FAC6549-79C3-4C0E-A94E-F985DC5F9357}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{AB88F2A3-3FA3-4CC4-9553-099D78C96076}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F2B326AF-34C6-4616-AD79-689A1E82B9A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C8D9041E-124D-4842-9A62-0958141B9A01}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7C038A95-0B76-40FE-9AF5-7D503B3523A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C1E9EBDF-2457-4BB9-B884-9BF1224F2EB0}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{84478CE4-EB66-49AF-A8A6-7EAB7B9342F8}C:\users\viliam\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\viliam\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{D43E1E29-3773-4CBD-9A95-683D7870A370}C:\users\viliam\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\viliam\appdata\local\akamai\netsession_win.exe
FirewallRules: [{E0C5EADE-BC30-4FCF-8487-67C38F68114D}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 20\ARCHICAD.exe
FirewallRules: [{8DB485EE-BF3C-41D7-BDE2-062449175582}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 20\CineRender\CineRender 64bit.exe
FirewallRules: [{B0FFFBEB-0685-415F-B6E3-DDAECC222BDC}] => (Allow) C:\Program Files\GRAPHISOFT\ARCHICAD 20\BIMxUploader.exe
FirewallRules: [{9431098C-81C5-4032-A264-29449342707B}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 20\OverwatchServer.exe
FirewallRules: [{E27890A1-102D-4870-9944-4DB6638A377F}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{D5200B13-496E-4AB4-89E5-D5A8FDB31DD6}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{23407D28-2E16-46C3-A085-F857FF24C4A6}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{847C9B97-3374-4D93-9FE1-C9F61B17DA37}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{95EED7BC-2238-4B0D-B6BA-E69B5E6C5001}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{344B58A1-2ED3-47D4-8C41-D11422073F38}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{08958AFB-4E34-4CB0-893C-BB9EE774C973}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6C6249BD-279F-4DE5-9C48-9B01D338D62C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D2183E5B-B20A-4CB8-81E1-703003B0319A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A6568265-F951-4201-BE42-1566AD03ABA5}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13c\FAXRX.EXE
FirewallRules: [{06D8FB69-9EDF-4865-8C0D-CBC5863D6160}] => (Allow) LPort=54925
FirewallRules: [{4A4148B6-D267-4FD8-81FA-8176E711F60F}] => (Allow) LPort=54925
FirewallRules: [{904D1797-896D-4F8B-880D-B921D6C57338}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe
FirewallRules: [{444B72D3-4A36-43ED-8040-41FBCDEE417D}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe
FirewallRules: [{CAF2405A-5E3B-4D05-A5BD-5951F06344EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Restore Points =========================

13-09-2017 16:39:27 Scheduled Checkpoint
20-09-2017 17:01:50 Scheduled Checkpoint
28-09-2017 15:46:02 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/05/2017 08:10:29 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Autodesk\Composite 2012\python\lib\distutils\command\wininst-8_d.exe".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (10/04/2017 09:16:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 3.10.2017.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1a70

Start Time: 01d33d44f4028e6f

Termination Time: 8

Application Path: C:\Users\Viliam\Desktop\FRST64.exe

Report Id: 54fcffff-a938-11e7-af2a-00266c530562

Error: (10/04/2017 09:10:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2607463

Error: (10/04/2017 09:10:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2607463

Error: (10/04/2017 09:10:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/04/2017 09:10:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2606465

Error: (10/04/2017 09:10:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2606465

Error: (10/04/2017 09:10:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/04/2017 09:10:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2605467

Error: (10/04/2017 09:10:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2605467

System errors:
=============
Error: (10/06/2017 07:30:39 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (10/06/2017 07:30:34 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (10/05/2017 08:48:50 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{0EC6516A-4869-4E9A-A955-E6A601F46FB9}.
The backup browser is stopping.

Error: (10/05/2017 08:44:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (10/05/2017 08:44:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (10/05/2017 08:42:36 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (10/05/2017 08:42:35 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (10/05/2017 08:42:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (10/05/2017 08:42:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (10/05/2017 08:42:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Management & Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s).

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Percentage of memory in use: 58%
Total physical RAM: 3957.86 MB
Available physical RAM: 1629.12 MB
Total Virtual: 7913.9 MB
Available Virtual: 5914.63 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:195.21 GB) (Free:57.58 GB) NTFS
Drive d: (Data) (Fixed) (Total:736.2 GB) (Free:149.58 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 91006D53)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=736.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#10 Příspěvek od **Rudy** » 06 říj 2017 16:21

Pátral jsem po příčinách vytváření těchto uživatelských profilů a zjistil, že by toto měl vytvářet sám ESET, konkrétně System ESET LiveGrid. Proč, to jsem se nedověděl, zkuste na jeji tech podporu dát dotaz. Nyní ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\Run: [] => [X]
HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\Policies\Explorer: []
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Viliam\AppData\Local\Akamai
CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe => No File
ContextMenuHandlers1-x32: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll -> No File
ContextMenuHandlers2: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll -> No File
ContextMenuHandlers4-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll -> No File
ContextMenuHandlers6: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
Task: {566990E0-29E5-4626-8339-E4559127C02B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {7703619C-BE04-482F-A73E-F672D5E07F38} - System32\Tasks\GoogleUpdateTaskMachineCore1d042bafdedf0fc => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {BF9A7B0F-2567-4D69-829C-D219E74C15E6} - System32\Tasks\GoogleUpdateTaskMachineUA1d000d9df8e4a8e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
C:\Users\Viliam\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

EmptyTemp:
ResetHosts:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

zack111 · #11 Příspěvek od **zack111** » 07 říj 2017 08:04

diky za radu, napišem teda na tu tech. podporu. nižšie posielam log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-10-2017
Ran by Viliam (07-10-2017 08:59:18) Run:1
Running from C:\Users\Viliam\Desktop
Loaded Profiles: Viliam (Available Profiles: Viliam & Ján)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\Run: [] => [X]
HKU\S-1-5-21-1874787081-2499585647-251443779-1000\...\Policies\Explorer: []
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Viliam\AppData\Local\Akamai
CustomCLSID: HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe => No File
ContextMenuHandlers1-x32: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll -> No File
ContextMenuHandlers2: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll -> No File
ContextMenuHandlers4-x32: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll -> No File
ContextMenuHandlers6: [ALZip] -> {4EB37360-49E8-11D3-95B5-004033382980} => C:\Program Files (x86)\ESTsoft\ALZip\AZCTM64.dll -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
Task: {566990E0-29E5-4626-8339-E4559127C02B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {7703619C-BE04-482F-A73E-F672D5E07F38} - System32\Tasks\GoogleUpdateTaskMachineCore1d042bafdedf0fc => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {BF9A7B0F-2567-4D69-829C-D219E74C15E6} - System32\Tasks\GoogleUpdateTaskMachineUA1d000d9df8e4a8e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
C:\Users\Viliam\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

EmptyTemp:
ResetHosts:
End
*****************

HKU\S-1-5-21-1874787081-2499585647-251443779-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKU\S-1-5-21-1874787081-2499585647-251443779-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-1874787081-2499585647-251443779-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Users\Viliam\AppData\Local\Akamai => moved successfully
HKU\S-1-5-21-1874787081-2499585647-251443779-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E} => key removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ALZip => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{4EB37360-49E8-11D3-95B5-004033382980} => key removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\ALZip => key removed successfully
HKLM\Software\Classes\CLSID\{4EB37360-49E8-11D3-95B5-004033382980} => key removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => key not found.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ALZip => key removed successfully
HKLM\Software\Classes\CLSID\{4EB37360-49E8-11D3-95B5-004033382980} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ALZip => key removed successfully
HKLM\Software\Classes\CLSID\{4EB37360-49E8-11D3-95B5-004033382980} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => key removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{566990E0-29E5-4626-8339-E4559127C02B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{566990E0-29E5-4626-8339-E4559127C02B} => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7703619C-BE04-482F-A73E-F672D5E07F38} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7703619C-BE04-482F-A73E-F672D5E07F38} => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d042bafdedf0fc => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d042bafdedf0fc => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF9A7B0F-2567-4D69-829C-D219E74C15E6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF9A7B0F-2567-4D69-829C-D219E74C15E6} => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d000d9df8e4a8e => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d000d9df8e4a8e => key removed successfully

"C:\Users\Viliam\AppData\Local\Temp" folder move:

Could not move "C:\Users\Viliam\AppData\Local\Temp" => Scheduled to move on reboot.

C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully.
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`27hfm" ADS removed successfully.
ResetHosts: => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23364384 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 1178 B
Edge => 0 B
Chrome => 402142045 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33320 B
systemprofile32 => 33320 B
LocalService => 33192 B
NetworkService => 1318 B
Viliam => 225938932 B
Ján => 75315 B

RecycleBin => 1068628 B
EmptyTemp: => 630.5 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 07-10-2017 09:01:25)

C:\Users\Viliam\AppData\Local\Temp => moved successfully

==== End of Fixlog 09:01:26 ====

#12 Příspěvek od **Rudy** » 07 říj 2017 10:07

Smazáno, log by již měl být OK. To zjištění bylo překvapením pro mne samotného. Nemáte zač!

zack111 · #13 Příspěvek od **zack111** » 10 říj 2017 07:29

díky za Váš čas
to neznáme konto je tam ale stále i po opätovnom zmazaní. Písal som už na tech. podporu Esetu, zatial ale bez odpovede.

#14 Příspěvek od **Rudy** » 10 říj 2017 16:41

Právěže to ESET obnovuje. Prtoč se tak děje, nevím. Oni by vám to měli zodpovědět.

zack111 · #15 Příspěvek od **zack111** » 11 říj 2017 15:07

dozvedel som sa teda že ten účet vytvoril Eset. Prečo pod takým divným názvom pripomínajúci malware som sa nedozvedel. A hlavne vytvoril sa sám bez upozornenia pričom jeden fantomovy učet už nastavený mám.
Každopádne díky za kontrolu logu. Po dlhom čase sa to už určite mojemu PC hodilo.

VIRY.CZ

samovytvořeni uživatelského konta

samovytvořeni uživatelského konta

Re: samovytvořeni uživatelského konta

Re: samovytvořeni uživatelského konta

Re: samovytvořeni uživatelského konta

Re: samovytvořeni uživatelského konta

Re: samovytvořeni uživatelského konta

Re: samovytvořeni uživatelského konta

Re: samovytvořeni uživatelského konta

Re: samovytvořeni uživatelského konta

Re: samovytvořeni uživatelského konta

Re: samovytvořeni uživatelského konta

Re: samovytvořeni uživatelského konta

Re: samovytvořeni uživatelského konta

Re: samovytvořeni uživatelského konta

Re: samovytvořeni uživatelského konta