Vytazenie RAM pamate

Zpráva

branno · #1 Příspěvek od **branno** » 28 říj 2020 22:18

Ahojte, prosim nasiel by si niekto cas a mohol sa mi pozriet na moj log? pred tyzdnom som dokupil novu ramku do pc, mam celkovo 12 gb, vsetko fungovalo fajn, do chvile ako som kupil novu graficku kartu a nainstaloval nan rozne drivery, ktore boli na prilizenom cd. Graficka karta mi nevyhovovala, mierne sekal pc, tak som si vratil naspat staru a vymazal vsetky ovladace od novej grafiky, tie stare v tej dobe som nemazal. Od vtedy mam problem ze pc je hlucnejsi a ked pozriem v spravcovi vykon, stale je tam vytazenie ram cca 4 gb, uz po spusteni pc mam 2 gb.. Predtym som to mal vzdy na nule, trosku aj pomalsi pc ide.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Brano at 2020-10-28 22:15:34
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 154 GB (16%) free of 954 GB
Total RAM: 12240 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:15:36, on 28. 10. 2020
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Brano.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.sk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: STATISTICA Browser Helper - {990A8747-93BF-4EF7-B72E-94A6884B98C2} - C:\Program Files\StatSoft\STATISTICA 12\Support\StaBHO.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O3 - Toolbar: Web Accessibility Toolbar - {11352A67-0178-46B1-8855-D50B2F81C054} - C:\PROGRA~2\ACCESS~1\ACCESS~1.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Startup: Monitor Cartridge Alerts - HP DJ 2600 series.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: Stiahnuť s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stiahnuť s IDM všetky prepojenia - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Volanie kliknutím - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.111\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sparx Systems Keystore Service (Sparx Keystore) - Unknown owner - C:\Program Files (x86)\Sparx Systems\Keystore\Service\KeystoreService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe

--
End of file - 12380 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
atieclxx
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
taskeng.exe {D9C54A52-929F-45B2-A100-D4EF2D4E2194}
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k bthaudiosvc
"C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Internet Download Manager\IDMan.exe" /onboot
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP DeskJet 2600 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN81S4B63V06PS;CONNECTION=USB;MONITOR=1;
"C:\Program Files (x86)\Sparx Systems\Keystore\Service\KeystoreService.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe"
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe"
WLIDSvcM.exe 2932
"C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe"
"C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\ESET\ESET Smart Security\eguiproxy.exe" /hide
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
C:\Windows\system32\AUDIODG.EXE 0x6c8
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4788.0.1557755883\1627878869" -parentBuildID 20201027185343 -prefsHandle 1132 -prefMapHandle 1124 -prefsLen 1 -prefMapSize 269756 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4788 "\\.\pipe\gecko-crash-server-pipe.4788" 1204 gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4788.6.190911086\1643238703" -childID 1 -isForBrowser -prefsHandle 2252 -prefMapHandle 2244 -prefsLen 679 -prefMapSize 269756 -parentBuildID 20201027185343 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4788 "\\.\pipe\gecko-crash-server-pipe.4788" 2260 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4788.13.155408838\1478240627" -childID 2 -isForBrowser -prefsHandle 3532 -prefMapHandle 3528 -prefsLen 679 -prefMapSize 269756 -parentBuildID 20201027185343 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4788 "\\.\pipe\gecko-crash-server-pipe.4788" 3544 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4788.20.69564382\1153887543" -childID 3 -isForBrowser -prefsHandle 2596 -prefMapHandle 2588 -prefsLen 7058 -prefMapSize 269756 -parentBuildID 20201027185343 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4788 "\\.\pipe\gecko-crash-server-pipe.4788" 2572 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4788.27.589558374\1432945925" -childID 4 -isForBrowser -prefsHandle 4188 -prefMapHandle 4136 -prefsLen 7792 -prefMapSize 269756 -parentBuildID 20201027185343 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4788 "\\.\pipe\gecko-crash-server-pipe.4788" 4200 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4788.34.1865134749\912989591" -childID 5 -isForBrowser -prefsHandle 4336 -prefMapHandle 3796 -prefsLen 7792 -prefMapSize 269756 -parentBuildID 20201027185343 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4788 "\\.\pipe\gecko-crash-server-pipe.4788" 4384 tab
"C:\Program Files\net.downloadhelper.coapp\bin/net.downloadhelper.coapp-win-64.exe" "C:\Program Files\net.downloadhelper.coapp\firefox.net.downloadhelper.coapp.json" {b9db16a4-6edc-47ec-a1f4-b86292ed211d}
\??\C:\Windows\system32\conhost.exe "12259701421960818799703047373-1273203550412063219-1521488755-773861657261888425
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4788.41.1411066834\734212427" -childID 6 -isForBrowser -prefsHandle 4484 -prefMapHandle 4184 -prefsLen 8224 -prefMapSize 269756 -parentBuildID 20201027185343 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4788 "\\.\pipe\gecko-crash-server-pipe.4788" 2108 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4788.55.1642218867\1352882189" -childID 8 -isForBrowser -prefsHandle 5260 -prefMapHandle 5104 -prefsLen 8264 -prefMapSize 269756 -parentBuildID 20201027185343 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4788 "\\.\pipe\gecko-crash-server-pipe.4788" 9096 tab
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4788.62.1140089734\1989162856" -childID 9 -isForBrowser -prefsHandle 5212 -prefMapHandle 9084 -prefsLen 8311 -prefMapSize 269756 -parentBuildID 20201027185343 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4788 "\\.\pipe\gecko-crash-server-pipe.4788" 5192 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4788.69.1373028777\160666525" -childID 10 -isForBrowser -prefsHandle 3260 -prefMapHandle 5048 -prefsLen 8311 -prefMapSize 269756 -parentBuildID 20201027185343 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4788 "\\.\pipe\gecko-crash-server-pipe.4788" 5252 tab
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 8CBF07BB-9472-D426-7700-624CDE5C6504 -Reinvoke
"C:\Users\Brano\Downloads\Programs\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\update-S-1-5-21-1572061999-2087841598-3217571495-1000.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\Windows\tasks\update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate

=========Mozilla firefox=========

ProfilePath - C:\Users\Brano\AppData\Roaming\Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871

prefs.js - "browser.startup.homepage" - "www.google.sk"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.238 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_238.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.238 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_238.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll

C:\Users\Brano\AppData\Roaming\Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871\extensions\
staged

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2019-05-05 542264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13 210632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{990A8747-93BF-4EF7-B72E-94A6884B98C2}]
STATISTICA Browser Helper - C:\Program Files\StatSoft\STATISTICA 12\StaBHO.dll [2014-04-19 286800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2020-10-17 984456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2019-05-05 461880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{990A8747-93BF-4EF7-B72E-94A6884B98C2}]
STATISTICA Browser Helper - C:\Program Files\StatSoft\STATISTICA 12\Support\StaBHO.dll [2014-04-18 238160]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2020-10-17 687504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{11352A67-0178-46B1-8855-D50B2F81C054} - Web Accessibility Toolbar - C:\PROGRA~2\ACCESS~1\ACCESS~1.DLL [2007-06-19 427520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"egui"=C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [2020-03-07 180736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IDMan"=C:\Program Files (x86)\Internet Download Manager\IDMan.exe [2019-05-05 4064368]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-05-19 9773272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud]
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2015-02-15 2694320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-04-28 500936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2017-05-19 9773272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe /systray /nologon []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2020-10-23 3416352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Brano\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Brano^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Odoslanie do aplikácie OneNote.lnk]
C:\PROGRA~2\MICROS~1\root\Office16\ONENOTEM.EXE [2020-10-17 171320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Brano^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Odoslanie do programu OneNote.lnk]
C:\PROGRA~1\MICROS~2\Office15\ONENOTEM.EXE [2012-10-01 185992]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-08-30 676608]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
"Lightshot"=C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [2017-04-11 225944]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2017-03-23 2133216]

C:\Users\Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Monitor Cartridge Alerts - HP DJ 2600 series.lnk - C:\Windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"VIDC.FPS1"=frapsv64.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.bdmpeg"=bdmpega64.acm
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit -
.js - open - "C:\Program Files\JetBrains\PhpStorm 2018.2.4\bin\phpstorm64.exe" "%1"

======List of files/folders created in the last 1 month======

2020-10-28 22:05:02 ----D---- C:\Program Files (x86)\Mozilla Firefox
2020-10-26 17:32:34 ----A---- C:\Windows\system32\OpenCL.dll
2020-10-26 17:32:34 ----A---- C:\Windows\system32\drivers\nvvhci.sys
2020-10-26 15:30:28 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2020-10-26 15:30:10 ----D---- C:\ProgramData\NVIDIA Corporation
2020-10-26 15:28:55 ----D---- C:\Program Files\NVIDIA Corporation
2020-10-26 15:27:05 ----D---- C:\NVIDIA
2020-10-26 15:26:26 ----N---- C:\Windows\gdrv2.sys
2020-10-22 20:52:18 ----D---- C:\Windows\pss
2020-10-22 17:46:44 ----D---- C:\Program Files (x86)\GPU-Z
2020-10-07 22:11:52 ----D---- C:\Users\Brano\AppData\Roaming\Winamp

======List of files/folders modified in the last 1 month======

2020-10-28 22:15:36 ----D---- C:\Windows\Prefetch
2020-10-28 22:15:35 ----D---- C:\Windows\Temp
2020-10-28 22:15:35 ----D---- C:\Program Files\trend micro
2020-10-28 22:14:34 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2020-10-28 22:14:33 ----RD---- C:\Program Files (x86)
2020-10-28 11:25:12 ----SHD---- C:\System Volume Information
2020-10-28 08:49:54 ----D---- C:\Windows\system32\config
2020-10-28 08:38:35 ----D---- C:\Windows\System32
2020-10-28 08:38:35 ----D---- C:\Windows\inf
2020-10-28 08:38:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2020-10-28 08:34:54 ----D---- C:\Windows\system32\Tasks
2020-10-28 00:00:33 ----D---- C:\Users\Brano\AppData\Roaming\DMCache
2020-10-27 22:30:52 ----D---- C:\Program Files (x86)\Steam
2020-10-26 17:55:49 ----D---- C:\Windows\system32\drivers
2020-10-26 17:55:48 ----D---- C:\Windows\system32\DriverStore
2020-10-26 17:55:31 ----HD---- C:\ProgramData
2020-10-26 17:55:31 ----D---- C:\Windows
2020-10-26 17:55:30 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2020-10-26 17:55:28 ----D---- C:\Windows\SysWOW64
2020-10-26 17:34:33 ----D---- C:\Windows\Help
2020-10-26 17:33:17 ----D---- C:\Windows\system32\catroot2
2020-10-26 15:33:11 ----SHD---- C:\Windows\Installer
2020-10-26 15:28:55 ----D---- C:\Program Files
2020-10-25 08:31:54 ----D---- C:\Users\Brano\AppData\Roaming\uTorrent
2020-10-25 08:25:15 ----D---- C:\Program Files\Common Files
2020-10-24 22:24:42 ----D---- C:\ProgramData\Avast Software
2020-10-17 09:38:08 ----D---- C:\Windows\Microsoft.NET
2020-10-17 07:52:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-10-17 07:50:21 ----D---- C:\Program Files (x86)\Microsoft Office
2020-10-08 18:37:24 ----RSD---- C:\Windows\assembly
2020-10-07 22:12:41 ----D---- C:\Program Files (x86)\Winamp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-12-19 381440]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2019-07-26 149144]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2019-07-26 189232]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2019-07-26 113336]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2018-12-20 229296]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 47632]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-08-30 11833856]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-08-30 608768]
R3 AmdTools64;AMD Special Tools Driver; C:\Windows\system32\DRIVERS\AmdTools64.sys [2018-03-23 58216]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2012-08-20 138568]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2012-08-20 416072]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-04-24 96768]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver; C:\Windows\system32\DRIVERS\Rtnic64.sys [2009-06-10 51712]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-12 726160]
S0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys []
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys []
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys []
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys []
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys []
S2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys []
S3 BthAudioHF;BthAudioHF Service; C:\Windows\system32\DRIVERS\BthAudioHF.sys [2009-12-21 52224]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 csr_a2dp;Bluetooth AV Profile; C:\Windows\system32\drivers\bthav.sys [2009-12-21 78848]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2018-01-12 120416]
S3 gdrv2;gdrv2; \??\C:\Windows\gdrv2.sys [2020-10-26 32600]
S3 GVCIDrv;GVCIDrv; \??\C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys []
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2019-04-17 69840]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2009-11-19 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2009-11-19 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2009-11-19 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2009-11-19 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2009-11-19 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2009-11-19 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2009-11-19 158320]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2017-08-30 27136]
S3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2018-05-02 442848]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-29 23200]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2018-04-29 50136]
S4 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2018-04-29 82816]
S4 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2018-04-29 61520]
S4 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
S4 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2020-10-01 67456]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe [2015-02-15 710320]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-08-30 241152]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-08-30 361984]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusti; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2020-10-09 11137416]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2020-03-07 2433232]
R2 HFGService;Handsfree Headset Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc); C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [2017-09-28 21304]
R2 Sparx Keystore;Sparx Systems Keystore Service; C:\Program Files (x86)\Sparx Systems\Keystore\Service\KeystoreService.exe [2014-05-19 446464]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R2 WsAppService;Wondershare Application Framework Service; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [2017-06-21 492768]
R2 WsDrvInst;Wondershare Driver Install Service; C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe [2017-06-22 118048]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2017-03-04 5132888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2019-03-28 132792]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2019-03-28 158912]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.111\elevation_service.exe [2020-10-20 1406448]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2020-10-28 221392]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 214856]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-01-25 178760]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2020-10-24 1876256]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [2017-09-28 187904]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-08-13 335416]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S4 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 29 říj 2020 10:19

Zdravím!
Dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . Jsou přesnější, než RSIT.

branno · #3 Příspěvek od **branno** » 29 říj 2020 22:35

Dobry vecer, nech sa paci:

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-10-2020
Ran by Brano (administrator) on BRANO-PC (29-10-2020 22:26:52)
Running from C:\Users\Brano\Downloads
Loaded Profiles: Brano
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Default browser: IE
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Sparx Systems\Keystore\Service\KeystoreService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <9>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(StarWind Software) [File not signed] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [180736 2020-03-07] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [676608 2013-08-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4064368 2019-05-05] (Tonec Inc. -> Tonec Inc.)
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9773272 2017-05-19] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {003ea3d3-2aa6-11e4-afed-08606e8674f7} - E:\Startme.exe
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {09e382df-f190-11e9-9abb-08606e8674f7} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {9e493240-6f1d-11e5-b102-806e6f6e6963} - E:\Setup.exe
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {b52b1a40-689a-11e3-b963-806e6f6e6963} - F:\SETUP.EXE
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {df8de1ea-d312-11e9-a8d5-08606e8674f7} - G:\Setup.exe
HKLM\...\Print\Monitors\HP 0053 Status Monitor: C:\Windows\system32\hpinksts0053LM.dll [485048 2016-10-14] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\HP c111 Status Monitor: C:\Windows\system32\hpinkstsc111LM.dll [333496 2013-01-08] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 2600 series): C:\Windows\system32\HPDiscoPM0053.dll [983176 2017-07-11] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\novaPDF 7 Monitor: C:\Windows\system32\novamnk7.dll [29504 2013-02-13] (Softland S.R.L. -> Softland)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.111\Installer\chrmstp.exe [2020-10-20] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\Users\Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Cartridge Alerts - HP DJ 2600 series.lnk [2020-10-29]
ShortcutAndArgument: Monitor Cartridge Alerts - HP DJ 2600 series.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP DeskJet 2600 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN81S4B63V06PS;CONNECTION=USB;MONITOR=1;
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02802E82-0A48-4E6F-AFCB-5FB450C74309} - System32\Tasks\{C84DF89B-871E-440B-8E9B-BDECE65199C4} => C:\Windows\system32\pcalua.exe -a "C:\Users\Brano\Downloads\Instaluj.cz - 18054.exe" -d C:\Users\Brano\Downloads
Task: {09AC0BE8-1CD6-47A9-B238-82E0E676DD59} - System32\Tasks\GoogleUpdateTaskMachineCore1d042dc124dc7db => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {163EFA2C-38AA-413F-BDAD-BA54D6394F11} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1572061999-2087841598-3217571495-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {250A440C-F21A-4E9B-85AF-11BA22B5CD1C} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
Task: {2724522B-134A-474C-9EB6-DA7E9FACE99F} - System32\Tasks\GoogleUpdateTaskMachineUA1cf4ab95c120830 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {2F2D65AD-C4F8-44F5-B1C3-D3431C44DF7A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [3334144 2015-11-08] () [File not signed]
Task: {32441C47-2F8F-4469-B5B1-58C49153D824} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_Plugin.exe [1457208 2019-08-13] (Adobe Inc. -> Adobe)
Task: {3E0BB8CC-BAAF-4755-9F67-95D7BAEB7025} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
Task: {405E13AC-8341-4B41-86DB-6906D50DF8C8} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Brano-PC-Brano Brano-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {42DB5FF9-8672-4397-B127-FA54497FE901} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {42DB5FF9-8672-4397-B127-FA54497FE901} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [360960 [360960 2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
Task: {43BEF70E-7D7D-4844-80F7-DD54EC6A612A} - System32\Tasks\{DED9697D-1B88-4E5D-BC6B-283BA8F77FCB} => C:\Windows\system32\pcalua.exe -a C:\Users\Brano\Downloads\cdbremse149.exe -d C:\Users\Brano\Downloads
Task: {444EE762-E700-43C5-AAA6-1E6B77ADB65F} - System32\Tasks\{C0FFF6C3-F189-469A-96CE-CF1023355F9D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Brano\Downloads\GTA IV\GTAIV_PC_Patch1\Content\setup.exe" -d "C:\Users\Brano\Downloads\GTA IV\GTAIV_PC_Patch1\Content"
Task: {462D39BE-6953-43CC-A06B-5D5128B4E36F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1572061999-2087841598-3217571495-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {478C3314-719B-4268-AC6B-76F41366753D} - System32\Tasks\{65F998B0-31C9-4897-81A5-C23132EBB797} => C:\Windows\system32\pcalua.exe -a "C:\Users\Brano\Desktop\StatSoft Statistica 12.5\INSTALL6\SETUP.EXE" -d "C:\Users\Brano\Desktop\StatSoft Statistica 12.5\INSTALL6"
Task: {53535CE9-845F-4C20-B59D-EA690EA063B2} - System32\Tasks\HPCustPartic.exe_{E0D756EE-C284-4474-A930-0C4FB6A121F5} => C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPCustPartic.exe [6653064 2017-07-11] (Hewlett Packard -> HP Inc.)
Task: {58666CC9-C7CA-4EA7-B96E-2FF60D61FBA7} - System32\Tasks\HPCustParticipation HP DeskJet 2600 series => C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPCustPartic.exe [6653064 2017-07-11] (Hewlett Packard -> HP Inc.)
Task: {5C2AA820-6EDF-4565-B181-CEBCD60CD391} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [64920 2019-11-02] (Microsoft Corporation -> Microsoft)
Task: {662B7186-D8CE-45C9-9E4D-DBA79C0998CA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612216 2020-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {68A5B2D3-4CB8-4A5C-ABF2-79C1DFE6BA92} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-08-13] (Adobe Inc. -> Adobe)
Task: {72D8AE31-A8C5-4B8A-9FA4-0CDEC4451D9B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7619288 2017-05-19] (Piriform Ltd -> Piriform Ltd)
Task: {77CC796F-6917-4693-9E65-3A5A044432CA} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {77CC796F-6917-4693-9E65-3A5A044432CA} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {77CC796F-6917-4693-9E65-3A5A044432CA} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [360960 [360960 2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
Task: {7BEC0D92-4600-4FCD-8F1D-762A0E1A0CC8} - System32\Tasks\{FDCFB939-C3C8-4E2C-AA87-30D7C63DB24C} => C:\Windows\system32\pcalua.exe -a F:\crack\crack\crack.exe -d F:\crack\crack
Task: {85AC58AD-A5CB-4041-BFC4-B01E33235F2D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {85AC58AD-A5CB-4041-BFC4-B01E33235F2D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [360960 [360960 2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
Task: {917062CA-8659-4C76-9C5C-071644AAA348} - System32\Tasks\update-S-1-5-21-1572061999-2087841598-3217571495-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {91F46D62-9AA5-4149-B8F3-7D67FEB099C3} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1572061999-2087841598-3217571495-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {962D6EB6-5306-4D7F-8068-FD78EDFD8B26} - System32\Tasks\GoogleUpdateTaskMachineUA1d08fcd839de28e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {9BE904E5-0D6F-4578-A965-AE6E5384DE16} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BEE5AFF-A0A0-420F-9AF9-835D69EC27A3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612216 2020-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {9CA94012-1D15-4BCF-8CCC-C305482EE4EA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {9D1794D0-0777-49AF-B3A8-33AEB21B71A2} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {A452A26B-12F5-4101-9FB0-33D758A989D5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115024 2020-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A8087BE9-A643-4AC6-B4F2-1F1FECBCECE9} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {AF10A9F9-D562-4C90-B5A4-13384DB689D3} - System32\Tasks\GoogleUpdateTaskMachineUA1cfffe641e69724 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {B25DAD4D-AA08-4D93-9F4F-30626FAF15E6} - System32\Tasks\GoogleUpdateTaskMachineCore1d08fcd82e08338 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {B33731B4-8588-421E-8A13-564665B5017D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115024 2020-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {B909C1D2-71D1-415D-97FF-B099390953D8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC66F365-810F-49E4-82A7-1CAAC6AB7A47} - System32\Tasks\{E7B74B5B-714F-413B-96C8-B96B5097D740} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\NetBeans 7.3.1\uninstall.exe"
Task: {D470150A-A015-4744-905F-E80EF2BF96B1} - System32\Tasks\{5CEF075C-C815-44AA-B567-3E1ADA22EC10} => C:\Windows\system32\pcalua.exe -a "C:\Users\Brano\Downloads\GTA IV\GTA IV čeština.exe" -d "C:\Users\Brano\Downloads\GTA IV"
Task: {DB86EA97-9714-452B-901D-E5CB9A1010EB} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1572061999-2087841598-3217571495-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {DD849DB8-3AAE-4B53-AB66-9350FCC54043} - System32\Tasks\AdobeAAMUpdater-1.0-Brano-PC-Brano => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E25F9E5B-416F-4945-9E4A-F480DB92FA65} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {EB4235C3-D593-49CE-90C0-93636392E569} - System32\Tasks\{B8836964-1947-45DC-A13F-730BE3FAEC06} => C:\Windows\system32\pcalua.exe -a C:\Users\Brano\Downloads\WAT20.exe -d C:\Users\Brano\Downloads
Task: {EFDC00BA-EC82-48B9-9276-3EF237F634F5} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [5642272 2013-08-13] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {FB33DE0A-443E-44E7-8BB4-EB95E0E9EB6D} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1572061999-2087841598-3217571495-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {FB5D0226-28C7-4084-9DAD-B72FAAF9E695} - System32\Tasks\GoogleUpdateTaskMachineCore1cf4ab95ae36ed2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\update-S-1-5-21-1572061999-2087841598-3217571495-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{9B9F017D-318D-4653-90E8-C8604C546AC6}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{E3DF3D7D-4BAF-48EC-AE63-2096B45D5CF1}: [DhcpNameServer] 192.168.1.1 195.146.128.62

FireFox:
========
FF DefaultProfile: 6ibij09m.default-1474735892871
FF ProfilePath: C:\Users\Brano\AppData\Roaming\Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871 [2020-10-29]
FF Homepage: Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871 -> www.google.sk
FF NewTab: Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871 -> www.google.sk
FF Notifications: Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871 -> hxxps://badoo.com; hxxps://www.instagram.com; hxxps://tinder.com; hxxps://www.aliexpress.com; hxxps://www.youtube.com; hxxps://www.facebook.com
FF Extension: (Video DownloadHelper) - C:\Users\Brano\AppData\Roaming\Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-03-30]
FF Extension: (Web Developer) - C:\Users\Brano\AppData\Roaming\Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2020-01-17]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Brano\AppData\Roaming\Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-09-09]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2019-05-02] [UpdateUrl:hxxps://data.internetdownloadmanager.com/idmmzcc3/update.json]
FF HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Brano\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Brano\AppData\Roaming\IDM\idmmzcc5 [2019-05-10] [Legacy] [not signed]
FF HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_238.dll [2019-08-13] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-02-15] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_238.dll [2019-08-13] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-02-15] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-10-29]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default [2020-09-28]
CHR DownloadDir: C:\Users\Brano\Desktop\LENOVO
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.instagram.com
CHR Extension: (Dokumenty) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-30]
CHR Extension: (Disk Google) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-04]
CHR Extension: (Adblock pre Youtube™) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2020-03-22]
CHR Extension: (Google Search) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-05]
CHR Extension: (Mendeley Web Importer) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\dagcmkpagjlhakfdhnbomgmjdpkdklff [2020-09-19]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-20]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-09-20]
CHR Extension: (Hola Free VPN Proxy Unblocker - Best VPN) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-09-20]
CHR Extension: (IDM Integration Module) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2020-09-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-11]
CHR Extension: (Scopus Document Download Manager) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojplelelocihfchkdaebocpankipadmp [2020-09-19]
CHR Extension: (Gmail) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-05]
CHR Extension: (Chrome Media Router) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-20]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-05-05]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [makcojoppodhcgmmchohadhpkicoafka]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-05-05]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-08-13] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe [710320 2015-02-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
S4 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft -> Alcohol Soft Development Team)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11137416 2020-10-09] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2433232 2020-03-07] (ESET, spol. s r.o. -> ESET)
R2 HFGService; C:\Windows\System32\HFGService.dll [535552 2009-12-21] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 Sparx Keystore; C:\Program Files (x86)\Sparx Systems\Keystore\Service\KeystoreService.exe [446464 2014-05-19] () [File not signed]
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe [118048 2017-06-22] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdTools64; C:\Windows\System32\DRIVERS\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [138568 2012-08-20] (MCCI Corporation -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [416072 2012-08-20] (MCCI Corporation -> ASMedia Technology Inc)
S3 BthAudioHF; C:\Windows\System32\DRIVERS\BthAudioHF.sys [52224 2009-12-21] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc)
S3 csr_a2dp; C:\Windows\System32\drivers\bthav.sys [78848 2009-12-21] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [120416 2018-01-12] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149144 2019-07-26] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [189232 2019-07-26] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50136 2018-04-29] (ESET, spol. s r.o. -> ESET)
S4 epfw; C:\Windows\System32\DRIVERS\epfw.sys [82816 2018-04-29] (ESET, spol. s r.o. -> ESET)
S4 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61520 2018-04-29] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [113336 2019-07-26] (ESET, spol. s r.o. -> ESET)
S3 gdrv2; C:\Windows\gdrv2.sys [32600 2020-10-26] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S1 prodrv06; C:\Windows\SysWOW64\drivers\prodrv06.sys [52128 2003-10-10] (Protection Technology) [File not signed]
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [62720 2003-10-10] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed]
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 s1039bus; C:\Windows\System32\DRIVERS\s1039bus.sys [127600 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mdfl; C:\Windows\System32\DRIVERS\s1039mdfl.sys [19568 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [161904 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mgmt; C:\Windows\System32\DRIVERS\s1039mgmt.sys [141424 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039nd5; C:\Windows\System32\DRIVERS\s1039nd5.sys [34416 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039obex; C:\Windows\System32\DRIVERS\s1039obex.sys [137328 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039unic; C:\Windows\System32\DRIVERS\s1039unic.sys [158320 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-12-19] (Disc Soft Ltd -> Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2017-08-30] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [442848 2018-05-02] (Bitdefender SRL -> BitDefender S.R.L.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
U3 aqenpjun; C:\Windows\System32\Drivers\aqenpjun.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S0 edevmon; system32\DRIVERS\edevmon.sys [X]
S3 GVCIDrv; \??\C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys [X]
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-29 22:26 - 2020-10-29 22:29 - 000036124 _____ C:\Users\Brano\Downloads\FRST.txt
2020-10-29 22:25 - 2020-10-29 22:25 - 002299904 _____ (Farbar) C:\Users\Brano\Downloads\FRST64.exe
2020-10-28 22:05 - 2020-10-29 08:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-10-26 17:46 - 2020-10-29 08:30 - 000003490 _____ C:\Windows\system32\Tasks\AutoKMS
2020-10-26 17:44 - 2020-10-26 17:44 - 000000000 ____D C:\Users\Brano\AppData\Local\CrashDumps
2020-10-26 17:32 - 2020-10-02 01:59 - 000449264 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-10-26 17:32 - 2020-10-01 07:54 - 000067456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2020-10-26 16:07 - 2020-10-26 16:07 - 000000000 ____D C:\Users\Brano\ansel
2020-10-26 15:30 - 2020-10-26 17:55 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-10-26 15:30 - 2019-04-17 08:42 - 000069840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2020-10-26 15:28 - 2020-10-26 17:55 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-10-26 15:27 - 2020-10-26 15:27 - 000000000 ____D C:\NVIDIA
2020-10-26 15:26 - 2020-10-26 15:26 - 000032600 ____N (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\gdrv2.sys
2020-10-26 15:26 - 2020-10-26 15:26 - 000000000 ____D C:\Users\Brano\Documents\temp
2020-10-26 14:09 - 2020-10-26 14:09 - 000000000 ____D C:\Users\Brano\AppData\Local\GIGABYTE
2020-10-25 10:13 - 2020-10-25 10:13 - 000000000 _____ C:\Users\Brano\Downloads\Detection.exe
2020-10-24 22:31 - 2020-10-24 22:33 - 000000000 ____D C:\Users\Brano\Downloads\Supernatural Season 13 COMPLETE S13 720P HEVC BLUURY
2020-10-24 22:25 - 2020-10-24 22:25 - 005116976 _____ (BitTorrent Inc.) C:\Users\Brano\Downloads\uTorrent.exe
2020-10-24 22:24 - 2020-10-24 22:24 - 000001820 _____ C:\Users\Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2020-10-24 22:23 - 2020-10-24 22:24 - 020625752 _____ (BitTorrent, Inc.) C:\Users\Brano\Downloads\utweb_installer.exe
2020-10-22 20:52 - 2020-10-22 20:52 - 000000000 ____D C:\Windows\pss
2020-10-22 17:46 - 2020-10-22 17:46 - 009968600 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Brano\Downloads\GPU-Z.2.35.0.exe
2020-10-22 17:46 - 2020-10-22 17:46 - 000000979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z.lnk
2020-10-22 17:46 - 2020-10-22 17:46 - 000000967 _____ C:\Users\Public\Desktop\TechPowerUp GPU-Z.lnk
2020-10-22 17:46 - 2020-10-22 17:46 - 000000967 _____ C:\ProgramData\Desktop\TechPowerUp GPU-Z.lnk
2020-10-22 17:46 - 2020-10-22 17:46 - 000000000 ____D C:\Program Files (x86)\GPU-Z
2020-10-21 09:02 - 2020-10-25 13:14 - 000000695 _____ C:\Users\Brano\Desktop\Nový textový dokument.txt
2020-10-18 15:08 - 2020-10-18 15:08 - 029689035 _____ C:\Users\Brano\Downloads\ISTQB Test(1).zip
2020-10-18 13:19 - 2020-10-18 13:19 - 000957963 _____ C:\Users\Brano\Downloads\ISTQB_CTFL_Syllabus_SK_2018_3.1-1.pdf
2020-10-13 16:41 - 2020-10-13 16:41 - 029689035 _____ C:\Users\Brano\Downloads\ISTQB Test.zip
2020-10-08 19:05 - 2020-10-08 19:08 - 000000000 ____D C:\Users\Brano\AppData\Local\CallofDuty4MW
2020-10-08 19:05 - 2020-10-08 19:05 - 000000000 ____D C:\Users\Brano\AppData\Local\CrashRpt
2020-10-08 18:03 - 2020-10-08 18:03 - 000000220 _____ C:\Users\Brano\Desktop\Call of Duty 4 Modern Warfare.url
2020-10-08 17:58 - 2020-10-08 17:58 - 000000985 _____ C:\Users\Brano\Desktop\Steam.lnk
2020-10-08 14:25 - 2020-09-24 05:40 - 162341713 _____ C:\Users\Brano\Desktop\FILE200924-063547-000004F.MOV
2020-10-08 14:24 - 2020-09-24 05:45 - 171017075 _____ C:\Users\Brano\Desktop\FILE200924-064047-000005F.MOV
2020-10-08 14:23 - 2020-09-24 15:21 - 294959245 _____ C:\Users\Brano\Desktop\FILE200924-161801-000028F.MOV
2020-10-07 22:11 - 2020-10-07 22:36 - 000000000 ____D C:\Users\Brano\AppData\Roaming\Winamp
2020-10-07 22:08 - 2020-10-07 22:09 - 008201952 _____ (Nullsoft, Inc.) C:\Users\Brano\Downloads\winamp58_3660_beta_full_en-us.exe
2020-10-07 22:05 - 2020-10-07 22:32 - 000000000 ____D C:\Users\Brano\Desktop\Stare pecky do auta

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-29 22:28 - 2015-09-20 14:52 - 000000000 ____D C:\FRST
2020-10-29 22:22 - 2018-01-12 09:32 - 000000388 _____ C:\Windows\Tasks\update-sys.job
2020-10-29 22:21 - 2016-11-25 19:19 - 000000000 ____D C:\Users\Brano\AppData\LocalLow\Mozilla
2020-10-29 22:17 - 2018-01-12 09:32 - 000000388 _____ C:\Windows\Tasks\update-S-1-5-21-1572061999-2087841598-3217571495-1000.job
2020-10-29 17:58 - 2020-02-06 17:31 - 000005012 _____ C:\Windows\system32\Tasks\Microsoft Office 15 Sync Maintenance for Brano-PC-Brano Brano-PC
2020-10-29 08:40 - 2009-07-14 05:45 - 000035776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-10-29 08:40 - 2009-07-14 05:45 - 000035776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-10-29 08:36 - 2013-12-18 21:11 - 000000000 ____D C:\Users\Brano\AppData\Local\Adobe
2020-10-29 08:30 - 2009-07-14 06:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-29 08:30 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-10-29 08:24 - 2016-09-24 19:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-10-29 08:24 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-10-29 00:00 - 2019-08-14 16:24 - 000000000 ____D C:\Program Files (x86)\Steam
2020-10-29 00:00 - 2019-05-10 08:23 - 000000000 ____D C:\Users\Brano\AppData\Roaming\DMCache
2020-10-28 22:15 - 2014-07-08 07:52 - 000000000 ____D C:\Program Files\trend micro
2020-10-28 09:02 - 2018-05-02 08:56 - 000015834 _____ C:\Users\Brano\Desktop\MERANIE, 13 BIO TEST.txt
2020-10-26 20:46 - 2013-12-19 20:29 - 000000000 ____D C:\Users\Brano
2020-10-26 17:55 - 2014-05-26 08:03 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-10-26 17:34 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Help
2020-10-25 08:31 - 2013-12-18 21:18 - 000000000 ____D C:\Users\Brano\AppData\Roaming\uTorrent
2020-10-24 22:30 - 2020-07-13 22:21 - 000000000 ____D C:\Users\Brano\AppData\LocalLow\uTorrent
2020-10-24 22:30 - 2019-05-24 18:20 - 000000000 ____D C:\Users\Brano\AppData\Local\BitTorrentHelper
2020-10-24 22:24 - 2020-07-13 22:21 - 000000000 ____D C:\ProgramData\Avast Software
2020-10-20 22:55 - 2013-12-18 20:52 - 000002236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-10-17 07:52 - 2017-04-08 14:19 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-10-17 07:50 - 2014-05-11 17:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-10-14 07:49 - 2015-05-16 12:43 - 000003370 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA1d08fcd839de28e
2020-10-14 07:49 - 2015-05-16 12:43 - 000003242 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore1d08fcd82e08338
2020-10-08 19:02 - 2019-04-28 08:02 - 000000000 ____D C:\Users\Brano\Downloads\Compressed
2020-10-07 22:12 - 2013-12-19 11:31 - 000000000 ____D C:\Program Files (x86)\Winamp
2020-10-07 21:59 - 2018-05-09 19:20 - 000000000 ____D C:\Users\Brano\Downloads\Video
2020-10-07 21:52 - 2017-09-14 17:53 - 000000000 ____D C:\Users\Brano\Desktop\Jedalnicek
2020-10-07 21:48 - 2013-12-18 22:49 - 000000000 ___RD C:\Users\Brano\Filmy
2020-10-07 21:46 - 2013-12-18 21:37 - 000000000 ____D C:\Users\Brano\BStudio
2020-10-07 21:42 - 2020-08-19 20:55 - 000000000 ____D C:\Users\Brano\Desktop\Videa auto
2020-10-04 17:19 - 2018-04-23 16:04 - 000000000 ____D C:\Users\Brano\Documents\Bandicam

==================== Files in the root of some directories ========

2015-01-23 22:31 - 2018-09-08 12:39 - 000000132 _____ () C:\Users\Brano\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-05-18 17:24 - 2015-05-18 17:24 - 000000000 _____ () C:\Users\Brano\AppData\Roaming\AVSMediaPlayer.m3u
2002-08-29 18:33 - 2002-08-29 18:33 - 000319488 ____R () C:\Users\Brano\AppData\Roaming\MafiaSetup.exe
2014-11-22 19:30 - 2014-11-22 19:34 - 000004096 ____H () C:\Users\Brano\AppData\Local\keyfile3.drm
2015-09-20 14:46 - 2015-09-20 14:50 - 000029696 _____ () C:\Users\Brano\AppData\Local\MSGBOX.EXE
2017-03-30 17:46 - 2017-03-30 17:46 - 000005487 _____ () C:\Users\Brano\AppData\Local\recently-used.xbel
2013-12-19 18:07 - 2013-12-24 22:21 - 000007597 _____ () C:\Users\Brano\AppData\Local\Resmon.ResmonCfg
2018-01-12 09:32 - 2018-01-12 09:32 - 000000003 _____ () C:\Users\Brano\AppData\Local\updater.log
2018-01-12 09:32 - 2018-04-25 13:22 - 000000425 _____ () C:\Users\Brano\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\User32.dll
[2010-11-21 04:24] - [2013-12-19 20:33] - 001008640 _____ (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2010-11-21 04:24] - [2013-12-19 20:33] - 000833024 _____ (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE

LastRegBack: 2020-10-24 17:53
==================== End of FRST.txt ========================

ADDITION

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-10-2020
Ran by Brano (29-10-2020 22:30:33)
Running from C:\Users\Brano\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-12-19 19:29:50)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1572061999-2087841598-3217571495-500 - Administrator - Disabled)
Brano (S-1-5-21-1572061999-2087841598-3217571495-1000 - Administrator - Enabled) => C:\Users\Brano
Guest (S-1-5-21-1572061999-2087841598-3217571495-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1572061999-2087841598-3217571495-1006 - Limited - Enabled)
Oco (S-1-5-21-1572061999-2087841598-3217571495-1004 - Limited - Enabled) => C:\Users\Oco

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\uTorrent) (Version: 3.5.5.45798 - BitTorrent Inc.)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.1.474 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.238 - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.0.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Airy (HKLM-x32\...\Airy_is1) (Version: 2.1.206 - Airy Team)
AMD Catalyst Install Manager (HKLM\...\{EDC0E654-60C7-758D-6B81-C8D3ACCEDEE5}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Verifier x64 External Package (HKLM\...\{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 - Microsoft) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
balenaEtcher 1.5.19 (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.19 - Balena Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.0.3.1025 - Bandisoft.com)
Bandicut (HKLM-x32\...\Bandicut) (Version: 3.5.0.592 - Bandicam.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Bigasoft Total Video Converter 3.7.16.4643 (HKLM-x32\...\{a72ce741-1f32-4d79-bffb-a714375c678d}_is1) (Version: - Bigasoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
CD Bremse 1.49 (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\CD Bremse_is1) (Version: 1.49 - )
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
dr.fone toolkit for Android (Version 8.3.3) (HKLM-x32\...\{7B08A1E1-3644-4237-B39D-762B5F5564D0}_is1) (Version: 8.3.3.64 - Wondershare Technology Co.,Ltd.)
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 12.2.31.0 - ESET, spol. s r.o.)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
FonePaw for Android 2.9.0 (HKLM-x32\...\{10E7BD57-C5FE-484f-A3F2-A1755286C0A7}_is1) (Version: 2.9.0 - FonePaw)
Font Validator (HKLM-x32\...\{330A929A-F800-4457-9706-DF19224D9770}) (Version: 1.0.0 - Microsoft)
Fotogaléria (HKLM-x32\...\{08466673-3905-4437-93E8-34A221B7CA4E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free YouTube Downloader 4.1.559 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.)
Git version 2.12.2 (HKLM\...\Git_is1) (Version: 2.12.2 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.111 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HeidiSQL 10.1.0.5464 (HKLM\...\HeidiSQL_is1) (Version: 10.1 - Ansgar Becker)
HP DeskJet 2600 series Basic Device Software (HKLM\...\{8DA7A239-79C2-49FC-826B-DD26A559FF60}) (Version: 43.2.2474.17192 - HP Inc.)
HP DeskJet 2600 series Help (HKLM-x32\...\{9A36A9D9-787C-4E75-914B-CF133FA88FC9}) (Version: 44.0.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{C68BD3B6-3CC4-4871-94D1-3412A571001F}) (Version: 36.0.100.66344 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{763E42DC-F6DB-49E5-AAFD-CC3273F858CB}) (Version: 43.0.0.0 - HP)
HP FTP Plugin (HKLM-x32\...\{1E02EFE9-1EDB-4EE4-B02F-1B23C9AF3CD5}) (Version: 43.0.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{ADA6C223-3EEA-4CAF-822A-5380A7A40342}) (Version: 36.0.100.66344 - HP)
HP OneDrive Plugin (HKLM-x32\...\{16DB1A9B-1180-43E7-BE29-7201EE339206}) (Version: 36.0.0.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP SharePoint Plugin (HKLM-x32\...\{1F73FB9B-71BC-47F8-8AA6-DA9076E4E52B}) (Version: 43.0.0.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
ISO Recorder (HKLM\...\{2D7ED2A0-9553-412B-939F-D6E0AEB2ABE1}) (Version: 3.1.0 - Alex Feinman)
Java 10.0.2 (64-bit) (HKLM\...\{EECB2736-D013-5AC5-9917-7656712F6931}) (Version: 10.0.2.0 - Oracle Corporation)
Java SE Development Kit 7 Update 40 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170400}) (Version: 1.7.0.400 - Oracle)
Java SE Development Kit 8 Update 111 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180111}) (Version: 8.0.1110.14 - Oracle Corporation)
Java(TM) SE Development Kit 10.0.2 (64-bit) (HKLM\...\{71307D56-8005-5F5E-9227-BFA2754D6E54}) (Version: 10.0.2.0 - Oracle Corporation)
JetBrains PhpStorm 2018.2.4 (HKLM-x32\...\PhpStorm 2018.2.4) (Version: 182.4505.42 - JetBrains s.r.o.)
Kits Configuration Installer (HKLM-x32\...\{86E59C8F-61D5-1782-A3CE-60AE7E4D7791}) (Version: 10.1.16299.15 - Microsoft) Hidden
K-Lite Mega Codec Pack 14.4.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.4.5 - KLCP)
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Magic Video Converter 12.1.11.2 (HKLM-x32\...\Magic Video Converter_is1) (Version: - )
Mendeley Desktop 1.17.12 (HKLM-x32\...\Mendeley Desktop) (Version: 1.17.12 - Mendeley Ltd.)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneNote 2016 pre študentov a domácnosti - sk-sk (HKLM\...\OneNoteFreeRetail - sk-sk) (Version: 16.0.12527.21236 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.28.2 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.3.2217.1010 - Microsoft Corporation)
MKVToolNix 6.5.0 (HKLM-x32\...\MKVToolNix) (Version: 6.5.0 - Moritz Bunkus)
MobiKin Doctor for Android (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MobiKin Doctor for Android) (Version: 3.1.13 - MobiKin)
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{CFBFE244-6269-41DC-85B6-86F99C88ED02}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 82.0.2 (x86 sk) (HKLM-x32\...\Mozilla Firefox 82.0.2 (x86 sk)) (Version: 82.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.1 - Mozilla)
MSI Development Tools (HKLM-x32\...\{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nero 7 Premium (HKLM-x32\...\{4F2CE68F-EDBB-4592-BF07-5AC930A51051}) (Version: 7.02.6446 - Nero AG)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.6 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.21236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21236 - Microsoft Corporation) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Phone Nokia USB Driver (HKLM-x32\...\{7F1C627F-7F07-4B51-B50F-FF8C64881D6E}) (Version: 1.1.0 - Mobile)
PIXresizer (HKLM-x32\...\PIXresizer_is1) (Version: 2.0.8 - Bluefive software)
Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)
Product Improvement Study for HP Deskjet 1510 series (HKLM\...\{EC27E742-EB04-4A2C-BA64-20271929528A}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
Product Improvement Study for HP DeskJet 2600 series (HKLM\...\{DF44980B-A87A-4945-937A-4812C29F4F32}) (Version: 43.2.2474.17192 - HP Inc.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.1.312 - Jan Fiala)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
SDK ARM Additions (HKLM-x32\...\{7922BB77-0B59-840A-AC80-D560A34D75C5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{C87DF65C-A672-7E08-A083-E7D48FE8DB70}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Sonic Foundry Preset Manager 1.0 (HKLM-x32\...\{7266C898-F9CB-4122-9452-2AA1DACE245E}) (Version: 1.0.73 - Sonic Foundry)
SourceTree (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\SourceTree) (Version: 3.3.9 - Atlassian)
Sparx Systems Keystore Service (HKLM-x32\...\{F2043888-7783-4936-9B63-3B33FDB9EC4D}) (Version: 2.2.5 - Sparx Systems Pty Ltd)
STATISTICA 12.5.192.5 64-bit (HKLM\...\{BA4824C0-D7E0-B895-0692-DC95D557E10A}) (Version: 12.5.192.5 - StatSoft, Inc.)
STATNOVAPDF (novaPDF 7.7 printer) (HKLM\...\STATNOVAPDF_is1) (Version: - Softland)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: - TechPowerUp)
Time Adjuster STANDARD 3.1 (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\TimeAdjuster) (Version: - IrekSoftware.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
UltData - Windows 7.1.0.18 (HKLM-x32\...\{UltData - Windows}_is1) (Version: 7.1.0.18 - Tenorshare, Inc.)
Unity 2019.2.0b5 (HKLM-x32\...\Unity 2019.2.0b5) (Version: 2019.2.0b5 - Unity Technologies ApS)
Unity Hub 2.1.3 (HKLM\...\Unity Technologies - Hub) (Version: 2.1.3 - Unity Technologies Inc.)
Universal CRT Extension SDK (HKLM-x32\...\{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A9D6F52C-694E-3E41-7AB8-5BEB644742A5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{E053089E-7953-3219-814F-F485FC151C54}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B9424F08-0617-C4F6-A798-5A9250C1A738}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{ECBF7F4D-CD2F-4B70-9060-A2C69AD26F9E}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
VdhCoApp 1.2.2 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VideoProc (HKLM-x32\...\VideoProc) (Version: 3.5 - Digiarty, Inc.)
Visual Studio Community 2017 (HKLM-x32\...\06e29a39) (Version: 15.9.28307.905 - Microsoft Corporation)
Visual Studio Community 2019 (HKLM-x32\...\bd67fa66) (Version: 16.3.29424.173 - Microsoft Corporation)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
VS Script Debugging Common (HKLM\...\{D8B26CBD-15D2-440B-BCBD-5616D74EFC7D}) (Version: 16.0.98.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{D19BAD98-BFDD-4C70-B66C-EE75F851B9BC}) (Version: 16.3.29311 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{95E79BBC-97FD-4FEB-91B5-CC0231324812}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{DBA97C17-13F0-407B-8BC4-0C2E01A298A5}) (Version: 16.3.29209 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{AD3B73B9-D5C8-4FF9-AB73-7A1DC39F3E02}) (Version: 16.3.29209 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{692A0FB3-E6A2-4D41-AC03-4136B4312DC0}) (Version: 16.3.29209 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{6B065DCD-E730-4FCE-905D-2B3F30A91110}) (Version: 16.3.29230 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{EC04CD66-C03A-470D-B0D2-4BBC87F6382D}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
Web Accessibility Toolbar 2.0 (HKLM-x32\...\Accessibility Toolbar_is1) (Version: 2.03.0 - Web Accessibility Tools Consortium (WAT-C))
Web Companion (HKLM-x32\...\{e18a90e3-7d5c-44d9-a915-b855ab3b1496}) (Version: 4.10.2225.4082 - Lavasoft)
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
WinAppDeploy (HKLM-x32\...\{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Movie Maker (HKLM\...\Windows Movie Maker) (Version: 6.0.6002.18005 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR 5.00 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare Video Converter Ultimate(Build 10.5.0.204) (HKLM-x32\...\Video Converter Ultimate_is1) (Version: 10.5.0.204 - Wondershare Software)
Wondershare Video Converter Ultimate(Build 6.0.3.2) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 6.0.3.2 - Wondershare Software)
XAMPP (HKLM-x32\...\xampp) (Version: 7.2.10-0 - Bitnami)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2019-05-02] (Tonec Inc. -> Tonec Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-04-21] (Notepad++ -> )
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-03-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [MRAICQCMenu] -> {7C9E7B90-88EC-4852-AC7A-C938268A5D04} => -> No File
ContextMenuHandlers1: [SysPlayerMenuExt] -> {F6607505-0E5B-47E6-809E-EAEE53F1E4D7} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2012-11-20] (Wondershare Software Co., Ltd. -> )
ContextMenuHandlers2: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => -> No File
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2013-09-17] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2013-09-17] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-03-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [Record To CD] -> {34F4B935-17DC-4885-8BC9-CCD1ADF42F93} => C:\Program Files\Alex Feinman\ISO Recorder\ISORecorder.dll [2010-06-08] (Alex Feinman) [File not signed]
ContextMenuHandlers3: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [SysPlayerMenuExt] -> {F6607505-0E5B-47E6-809E-EAEE53F1E4D7} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Create ISO Image from directory] -> {34F4B935-17DC-4885-8BC9-CCD1ADF42F93} => C:\Program Files\Alex Feinman\ISO Recorder\ISORecorder.dll [2010-06-08] (Alex Feinman) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-03-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [SysPlayerMenuExt] -> {F6607505-0E5B-47E6-809E-EAEE53F1E4D7} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1572061999-2087841598-3217571495-1000: [SysPlayerMenuExt] -> {F6607505-0E5B-47E6-809E-EAEE53F1E4D7} => -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [126976 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\system32\bdmpega64.acm [70712 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\system32\bdmjpeg64.dll [25640 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\system32\bdmpegv64.dll [70200 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\SysWOW64\vct3216.acm [82944 2008-11-24] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\SysWOW64\scg726.acm [13239 2008-11-24] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\SysWOW64\alf2cd.acm [38912 2008-11-24] (NCT Company) [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\mcdvd_32.dll [261632 2008-11-24] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [638976 2008-11-24] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2008-11-24] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2008-11-24] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2008-11-24] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [66104 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [23080 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [66104 2013-08-05] (Bandisoft -> )

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Brano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2019-04-22 12:13 - 2016-07-21 09:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2019-04-22 12:13 - 2017-03-23 08:49 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2013-08-30 01:49 - 2013-08-30 01:49 - 000103424 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-08-30 01:40 - 2013-08-30 01:40 - 000834048 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2013-08-30 01:39 - 2013-08-30 01:39 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
2017-09-28 18:41 - 2017-09-28 18:41 - 000266240 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2017-09-28 15:52 - 2017-09-28 15:52 - 000128000 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\DXGIDebug.dll
2010-11-21 04:24 - 2013-12-19 20:33 - 001008640 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\USER32.dll
2010-11-21 04:24 - 2013-12-19 20:33 - 000833024 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\USER32.dll
2019-03-09 17:11 - 2015-02-27 10:35 - 000489984 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\Newtonsoft.Json.dll
2018-01-12 09:32 - 2017-05-23 13:59 - 000494080 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.dll
2018-01-12 09:32 - 2017-05-23 13:59 - 000256000 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\uploader.dll
2019-03-09 17:11 - 2017-06-21 09:24 - 000087552 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppCollect.dll
2019-03-09 17:11 - 2017-06-21 09:24 - 000198144 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppCommon.dll
2019-04-22 12:13 - 2017-03-23 08:52 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.sk
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM ... -SearchBox
SearchScopes: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM ... -SearchBox
SearchScopes: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2019-05-05] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: STATISTICA Browser Helper -> {990A8747-93BF-4EF7-B72E-94A6884B98C2} -> C:\Program Files\StatSoft\STATISTICA 12\StaBHO.dll [2014-04-19] (StatSoft, Inc. -> StatSoft, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2020-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2019-05-05] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: STATISTICA Browser Helper -> {990A8747-93BF-4EF7-B72E-94A6884B98C2} -> C:\Program Files\StatSoft\STATISTICA 12\Support\StaBHO.dll [2014-04-18] (StatSoft, Inc. -> StatSoft, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2020-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM-x32 - Web Accessibility Toolbar - {11352A67-0178-46B1-8855-D50B2F81C054} - C:\Program Files (x86)\Accessibility_Toolbar\Accessibility_Toolbar.dll [2007-06-19] (NILS Accessible Information Solutions) [File not signed]
Toolbar: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000 -> No Name - {11352A67-0178-46B1-8855-D50B2F81C054} - No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-05-22 13:40 - 000000826 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\VDownloader;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Git\cmd;C:\xampp\php
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Brano\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AxAutoMntSrv => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^Users^Brano^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Odoslanie do aplikácie OneNote.lnk => C:\Windows\pss\Odoslanie do aplikácie OneNote.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Brano^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Odoslanie do programu OneNote.lnk => C:\Windows\pss\Odoslanie do programu OneNote.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Sony Ericsson PC Companion => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: uTorrent => "C:\Users\Brano\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D21B1771-2522-4491-B7A9-CADA137FAB33}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7013C732-79A0-4166-8C32-FF5F279992E7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{81EA731B-2141-4DD3-9739-7002AE39C819}] => (Allow) LPort=2869
FirewallRules: [{1FD47E96-0F51-4272-BC53-85810245B588}] => (Allow) LPort=1900
FirewallRules: [{1328E9CB-4665-4C27-BEF0-48157B231204}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1984EEB3-357C-4403-AF31-82115796A1C4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6BC82C89-EF94-4205-90AA-78A57D42CC2A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4DB3D65B-EFAC-41CB-87EE-F7E0CAE1DE4F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ACF18DC0-B385-40A4-9A8A-E0F912113193}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D45DDDE6-B05D-4300-99EB-1F69731A5380}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5339F94B-2FEE-4088-80EE-7BDA611C2B0C}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{845793B6-51AD-440E-A04A-5E6F8EC1CBEB}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{EB009958-651C-49D6-A31B-CC34C58BC010}] => (Allow) LPort=5357
FirewallRules: [{AB5DC447-2A99-45AF-BFA4-4121CFACFD31}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [TCP Query User{26E0A095-01D0-430A-BA5E-736CA96FF0A4}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{18CC0322-FF19-492B-AFE9-6097B8931B23}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{18971426-E9DA-4512-ADBA-1AB480A7EF5E}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [UDP Query User{8D62D761-74A4-4B31-B334-D57ECD411C25}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [TCP Query User{C066FC4A-6062-4C3C-AEE2-1CDEDE4BCE3B}C:\program files (x86)\common files\oracle\java\javapath_target_33956269\javaw.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_33956269\javaw.exe
FirewallRules: [UDP Query User{2EB691A6-27AB-4E01-AB2D-6A05F0B57D09}C:\program files (x86)\common files\oracle\java\javapath_target_33956269\javaw.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_33956269\javaw.exe
FirewallRules: [TCP Query User{0F5BA401-5B5A-441D-8281-306D939663D0}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{CD348FCD-B073-412B-97E9-A334B0F0B99F}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{32357E38-D5CD-4CB7-8446-2776D1BA8DA3}C:\xampp\filezillaftp\filezillaserver.exe] => (Block) C:\xampp\filezillaftp\filezillaserver.exe (FileZilla Project) [File not signed]
FirewallRules: [UDP Query User{AA5DE1E0-9F4A-47C8-B7AC-AB3A383AC2D9}C:\xampp\filezillaftp\filezillaserver.exe] => (Block) C:\xampp\filezillaftp\filezillaserver.exe (FileZilla Project) [File not signed]
FirewallRules: [TCP Query User{BFB8D076-53D2-40D4-B0B4-3B019DF4545C}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{D312778A-E90D-4C5B-A1B3-25230A5ADCD2}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{1733422F-A960-4A29-AD7C-9BEF581DBB5C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{288EA8B1-370F-41E0-A944-500459ECC311}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CD136CA1-536B-4858-A648-9207F380F2BF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5ED74209-4945-4194-9871-512FE127DCA3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1B93E31C-D226-43C7-B3A2-402C85446F38}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8F6D240D-7EA5-4A17-ABFE-C7BCB26BDA12}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{33272BC3-EB1B-482A-88E6-21EE1C0BBE27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe (Valve -> )
FirewallRules: [{A792A035-3B2B-4244-BE9D-BE6FE1EB1EA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe (Valve -> )
FirewallRules: [{4D59EE0F-B3B5-4A6B-85B8-5FAD66714C3E}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [TCP Query User{007FBBDB-0B0F-4088-9E9F-7B4F6FEE5144}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [UDP Query User{879029F2-381D-4E5B-8314-3096E383852A}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{CD1A30BE-791A-4A60-B016-9D5D4BF38CF6}] => (Allow) C:\Program Files\Unity\Hub\Editor\2019.2.0b5\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{82ED7ED6-63E9-4AAE-B312-DC5F38BFDEB6}] => (Block) C:\Program Files\Unity\Hub\Editor\2019.2.0b5\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [TCP Query User{67A09A73-CB53-445C-ABDC-D2B9FCF6A6FB}C:\program files\unity\hub\editor\2019.2.0b5\editor\unity.exe] => (Allow) C:\program files\unity\hub\editor\2019.2.0b5\editor\unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [UDP Query User{67AF297A-5066-451F-B3DC-9C0AD8540F9A}C:\program files\unity\hub\editor\2019.2.0b5\editor\unity.exe] => (Allow) C:\program files\unity\hub\editor\2019.2.0b5\editor\unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [TCP Query User{687EAE79-40B2-4441-AA44-44608AEA369B}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{DF5E86FE-BF94-4EF6-8F8D-9613D3BC8A28}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4CF2952D-B9B3-438E-BB89-569A7876A1E5}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{5FD36215-D857-4D03-960F-C9D92C586111}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{850BD309-3F3F-41F1-9EA4-BDE09ADACF3A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{1DD1E010-622F-4AF1-B0D3-ADABB737461F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{A1159810-3E9D-4A00-AF3E-7C78DC29B5FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty 4\iw3sp.exe () [File not signed]
FirewallRules: [{391AA469-8C15-480D-B2E2-F1B85086867B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty 4\iw3sp.exe () [File not signed]
FirewallRules: [{06F771F2-1999-4DC2-8370-C86F6E843875}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty 4\iw3mp.exe () [File not signed]
FirewallRules: [{A276FD26-8714-49DA-A800-8CF421098C3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty 4\iw3mp.exe () [File not signed]
FirewallRules: [{4F087E74-5FBE-4E99-A172-563CA6999866}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

29-10-2020 17:58:08 Plánovaný kontrolný bod

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (10/29/2020 10:03:04 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2020-11-05T07:29:04Z. Error Code: 0x80041321.

Error: (10/29/2020 08:05:39 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2020-11-05T07:29:39Z. Error Code: 0x80041321.

Error: (10/29/2020 08:40:35 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2020-11-05T07:29:35Z. Error Code: 0x80041321.

Error: (10/29/2020 08:34:59 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2020-11-05T07:28:59Z. Error Code: 0x80041321.

Error: (10/29/2020 08:30:53 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/29/2020 08:30:52 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/29/2020 08:26:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/28/2020 06:57:58 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2020-11-04T07:33:58Z. Error Code: 0x80041321.

System errors:
=============
Error: (10/29/2020 09:11:16 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (10/29/2020 06:03:56 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (10/29/2020 06:03:56 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (10/29/2020 05:58:38 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (10/29/2020 05:58:38 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (10/29/2020 05:58:35 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (10/29/2020 08:25:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Windows Search zlyhalo kvôli nasledujúcej chybe:
Služba neodpovedala na riadiaci alebo spúšťací pokyn načas.

Error: (10/29/2020 08:25:54 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Windows Defender:
===================================
Date: 2014-07-09 17:33:24.219
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Backup
Error Code:0x8050a004
Error description:Tento balík neobsahuje aktuálne súbory definícií pre tento program. Ďalšie informácie nájdete v Pomoci a technickej podpore.
Signature version:1.169.394.0
Engine version:1.1.10201.0

Date: 2014-07-09 17:26:00.305
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Backup
Error Code:0x8050a004
Error description:Tento balík neobsahuje aktuálne súbory definícií pre tento program. Ďalšie informácie nájdete v Pomoci a technickej podpore.
Signature version:1.169.394.0
Engine version:1.1.10201.0

Date: 2014-07-09 17:18:42.187
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Backup
Error Code:0x8050a004
Error description:Tento balík neobsahuje aktuálne súbory definícií pre tento program. Ďalšie informácie nájdete v Pomoci a technickej podpore.
Signature version:1.169.394.0
Engine version:1.1.10201.0

Date: 2014-07-09 17:18:36.747
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:Systém nemôže nájsť zadaný súbor.
Signature version:0.0.0.0
Engine version:0.0.0.0

CodeIntegrity:
===================================

Date: 2020-10-26 17:24:16.653
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 17:24:16.606
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 17:24:15.701
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 17:24:15.654
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 15:42:03.801
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 15:42:03.754
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 15:42:02.771
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 15:42:02.693
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 5301 10/10/2012
Motherboard: ASUSTeK COMPUTER INC. F2A55
Processor: AMD Athlon(tm) X4 740 Quad Core Processor
Percentage of memory in use: 48%
Total physical RAM: 12240.01 MB
Available physical RAM: 6334.06 MB
Total Virtual: 24478.22 MB
Available Virtual: 17688.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:146.59 GB) NTFS

\\?\Volume{e3d1d243-6853-11e3-8e4f-806e6f6e6963}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: DDF9D34A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

#4 Příspěvek od **Rudy** » 30 říj 2020 10:06

Teď spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

branno · #5 Příspěvek od **branno** » 30 říj 2020 21:46

Ked som dal scan, tak som ziadne opravy a cistenie tam uz potom nemal,

po minute mi nabehlo okno Vysledky testovanie a mozem to iba zrusit alebo dat do karanteny
Najdene polozky 15

v karte subory denika som nasiel akurat tento log:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-30-2020
# Duration: 00:00:57
# OS: Windows 7 Home Premium
# Scanned: 31837
# Detected: 15

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.WebCompanion C:\Program Files (x86)\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
PUP.Optional.WebCompanion C:\Users\Brano\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
PUP.Optional.WebCompanion C:\Users\Brano\AppData\Roaming\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{e18a90e3-7d5c-44d9-a915-b855ab3b1496}|DisplayIcon
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{e18a90e3-7d5c-44d9-a915-b855ab3b1496}|DisplayName
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.YTDToolbar HKCU\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}
PUP.Optional.YTDToolbar HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

#6 Příspěvek od **Rudy** » 30 říj 2020 21:53

Dejte do karantény a pak dejte nové logy FRST+Addition.

branno · #7 Příspěvek od **branno** » 31 říj 2020 09:26

Nech sa paci

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-10-2020
Ran by Brano (administrator) on BRANO-PC (31-10-2020 09:14:11)
Running from C:\Users\Brano\Downloads
Loaded Profiles: Brano
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Default browser: IE
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Sparx Systems\Keystore\Service\KeystoreService.exe
() [File not signed] C:\Windows\AutoKMS\AutoKMS.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\Brano\Downloads\adwcleaner_8.0.8.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe <3>
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <8>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(StarWind Software) [File not signed] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [180736 2020-03-07] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [676608 2013-08-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4064368 2019-05-05] (Tonec Inc. -> Tonec Inc.)
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9773272 2017-05-19] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {003ea3d3-2aa6-11e4-afed-08606e8674f7} - E:\Startme.exe
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {09e382df-f190-11e9-9abb-08606e8674f7} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {9e493240-6f1d-11e5-b102-806e6f6e6963} - E:\Setup.exe
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {b52b1a40-689a-11e3-b963-806e6f6e6963} - F:\SETUP.EXE
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {df8de1ea-d312-11e9-a8d5-08606e8674f7} - G:\Setup.exe
HKLM\...\Print\Monitors\HP 0053 Status Monitor: C:\Windows\system32\hpinksts0053LM.dll [485048 2016-10-14] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\HP c111 Status Monitor: C:\Windows\system32\hpinkstsc111LM.dll [333496 2013-01-08] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 2600 series): C:\Windows\system32\HPDiscoPM0053.dll [983176 2017-07-11] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\novaPDF 7 Monitor: C:\Windows\system32\novamnk7.dll [29504 2013-02-13] (Softland S.R.L. -> Softland)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.111\Installer\chrmstp.exe [2020-10-20] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\Users\Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Cartridge Alerts - HP DJ 2600 series.lnk [2020-10-31]
ShortcutAndArgument: Monitor Cartridge Alerts - HP DJ 2600 series.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP DeskJet 2600 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN81S4B63V06PS;CONNECTION=USB;MONITOR=1;
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02802E82-0A48-4E6F-AFCB-5FB450C74309} - System32\Tasks\{C84DF89B-871E-440B-8E9B-BDECE65199C4} => C:\Windows\system32\pcalua.exe -a "C:\Users\Brano\Downloads\Instaluj.cz - 18054.exe" -d C:\Users\Brano\Downloads
Task: {09AC0BE8-1CD6-47A9-B238-82E0E676DD59} - System32\Tasks\GoogleUpdateTaskMachineCore1d042dc124dc7db => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {163EFA2C-38AA-413F-BDAD-BA54D6394F11} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1572061999-2087841598-3217571495-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {23BF5ECF-B0AC-427C-892C-69348CBDDBC3} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [3334144 2015-11-08] () [File not signed]
Task: {2411C867-4DDC-47FD-B60B-41DEDD588EDD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {2411C867-4DDC-47FD-B60B-41DEDD588EDD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {2411C867-4DDC-47FD-B60B-41DEDD588EDD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [360960 [360960 2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
Task: {250A440C-F21A-4E9B-85AF-11BA22B5CD1C} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
Task: {2724522B-134A-474C-9EB6-DA7E9FACE99F} - System32\Tasks\GoogleUpdateTaskMachineUA1cf4ab95c120830 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {32441C47-2F8F-4469-B5B1-58C49153D824} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_Plugin.exe [1457208 2019-08-13] (Adobe Inc. -> Adobe)
Task: {3E0BB8CC-BAAF-4755-9F67-95D7BAEB7025} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
Task: {405E13AC-8341-4B41-86DB-6906D50DF8C8} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Brano-PC-Brano Brano-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {42DB5FF9-8672-4397-B127-FA54497FE901} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {42DB5FF9-8672-4397-B127-FA54497FE901} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [360960 [360960 2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
Task: {43BEF70E-7D7D-4844-80F7-DD54EC6A612A} - System32\Tasks\{DED9697D-1B88-4E5D-BC6B-283BA8F77FCB} => C:\Windows\system32\pcalua.exe -a C:\Users\Brano\Downloads\cdbremse149.exe -d C:\Users\Brano\Downloads
Task: {444EE762-E700-43C5-AAA6-1E6B77ADB65F} - System32\Tasks\{C0FFF6C3-F189-469A-96CE-CF1023355F9D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Brano\Downloads\GTA IV\GTAIV_PC_Patch1\Content\setup.exe" -d "C:\Users\Brano\Downloads\GTA IV\GTAIV_PC_Patch1\Content"
Task: {462D39BE-6953-43CC-A06B-5D5128B4E36F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1572061999-2087841598-3217571495-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {478C3314-719B-4268-AC6B-76F41366753D} - System32\Tasks\{65F998B0-31C9-4897-81A5-C23132EBB797} => C:\Windows\system32\pcalua.exe -a "C:\Users\Brano\Desktop\StatSoft Statistica 12.5\INSTALL6\SETUP.EXE" -d "C:\Users\Brano\Desktop\StatSoft Statistica 12.5\INSTALL6"
Task: {53535CE9-845F-4C20-B59D-EA690EA063B2} - System32\Tasks\HPCustPartic.exe_{E0D756EE-C284-4474-A930-0C4FB6A121F5} => C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPCustPartic.exe [6653064 2017-07-11] (Hewlett Packard -> HP Inc.)
Task: {58666CC9-C7CA-4EA7-B96E-2FF60D61FBA7} - System32\Tasks\HPCustParticipation HP DeskJet 2600 series => C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPCustPartic.exe [6653064 2017-07-11] (Hewlett Packard -> HP Inc.)
Task: {5C2AA820-6EDF-4565-B181-CEBCD60CD391} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [64920 2019-11-02] (Microsoft Corporation -> Microsoft)
Task: {662B7186-D8CE-45C9-9E4D-DBA79C0998CA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612216 2020-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {68A5B2D3-4CB8-4A5C-ABF2-79C1DFE6BA92} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-08-13] (Adobe Inc. -> Adobe)
Task: {72D8AE31-A8C5-4B8A-9FA4-0CDEC4451D9B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7619288 2017-05-19] (Piriform Ltd -> Piriform Ltd)
Task: {7BEC0D92-4600-4FCD-8F1D-762A0E1A0CC8} - System32\Tasks\{FDCFB939-C3C8-4E2C-AA87-30D7C63DB24C} => C:\Windows\system32\pcalua.exe -a F:\crack\crack\crack.exe -d F:\crack\crack
Task: {85AC58AD-A5CB-4041-BFC4-B01E33235F2D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {85AC58AD-A5CB-4041-BFC4-B01E33235F2D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [360960 [360960 2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
Task: {917062CA-8659-4C76-9C5C-071644AAA348} - System32\Tasks\update-S-1-5-21-1572061999-2087841598-3217571495-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {91F46D62-9AA5-4149-B8F3-7D67FEB099C3} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1572061999-2087841598-3217571495-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {962D6EB6-5306-4D7F-8068-FD78EDFD8B26} - System32\Tasks\GoogleUpdateTaskMachineUA1d08fcd839de28e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {9BE904E5-0D6F-4578-A965-AE6E5384DE16} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BEE5AFF-A0A0-420F-9AF9-835D69EC27A3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612216 2020-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {9CA94012-1D15-4BCF-8CCC-C305482EE4EA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A452A26B-12F5-4101-9FB0-33D758A989D5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115024 2020-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A8087BE9-A643-4AC6-B4F2-1F1FECBCECE9} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {AF10A9F9-D562-4C90-B5A4-13384DB689D3} - System32\Tasks\GoogleUpdateTaskMachineUA1cfffe641e69724 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {B25DAD4D-AA08-4D93-9F4F-30626FAF15E6} - System32\Tasks\GoogleUpdateTaskMachineCore1d08fcd82e08338 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {B33731B4-8588-421E-8A13-564665B5017D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115024 2020-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {B909C1D2-71D1-415D-97FF-B099390953D8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC66F365-810F-49E4-82A7-1CAAC6AB7A47} - System32\Tasks\{E7B74B5B-714F-413B-96C8-B96B5097D740} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\NetBeans 7.3.1\uninstall.exe"
Task: {D470150A-A015-4744-905F-E80EF2BF96B1} - System32\Tasks\{5CEF075C-C815-44AA-B567-3E1ADA22EC10} => C:\Windows\system32\pcalua.exe -a "C:\Users\Brano\Downloads\GTA IV\GTA IV čeština.exe" -d "C:\Users\Brano\Downloads\GTA IV"
Task: {DB86EA97-9714-452B-901D-E5CB9A1010EB} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1572061999-2087841598-3217571495-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {DD849DB8-3AAE-4B53-AB66-9350FCC54043} - System32\Tasks\AdobeAAMUpdater-1.0-Brano-PC-Brano => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E25F9E5B-416F-4945-9E4A-F480DB92FA65} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {EB4235C3-D593-49CE-90C0-93636392E569} - System32\Tasks\{B8836964-1947-45DC-A13F-730BE3FAEC06} => C:\Windows\system32\pcalua.exe -a C:\Users\Brano\Downloads\WAT20.exe -d C:\Users\Brano\Downloads
Task: {EFDC00BA-EC82-48B9-9276-3EF237F634F5} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [5642272 2013-08-13] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {FB33DE0A-443E-44E7-8BB4-EB95E0E9EB6D} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1572061999-2087841598-3217571495-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {FB5D0226-28C7-4084-9DAD-B72FAAF9E695} - System32\Tasks\GoogleUpdateTaskMachineCore1cf4ab95ae36ed2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\update-S-1-5-21-1572061999-2087841598-3217571495-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{9B9F017D-318D-4653-90E8-C8604C546AC6}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{E3DF3D7D-4BAF-48EC-AE63-2096B45D5CF1}: [DhcpNameServer] 192.168.1.1 195.146.128.62

FireFox:
========
FF DefaultProfile: 6ibij09m.default-1474735892871
FF ProfilePath: C:\Users\Brano\AppData\Roaming\Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871 [2020-10-31]
FF Homepage: Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871 -> www.google.sk
FF NewTab: Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871 -> www.google.sk
FF Notifications: Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871 -> hxxps://badoo.com; hxxps://www.instagram.com; hxxps://tinder.com; hxxps://www.aliexpress.com; hxxps://www.youtube.com; hxxps://www.facebook.com
FF Extension: (Video DownloadHelper) - C:\Users\Brano\AppData\Roaming\Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-03-30]
FF Extension: (Web Developer) - C:\Users\Brano\AppData\Roaming\Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2020-01-17]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Brano\AppData\Roaming\Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-09-09]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2019-05-02] [UpdateUrl:hxxps://data.internetdownloadmanager.com/idmmzcc3/update.json]
FF HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Brano\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Brano\AppData\Roaming\IDM\idmmzcc5 [2019-05-10] [Legacy] [not signed]
FF HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_238.dll [2019-08-13] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-02-15] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_238.dll [2019-08-13] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-02-15] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-10-31]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default [2020-09-28]
CHR DownloadDir: C:\Users\Brano\Desktop\LENOVO
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.instagram.com
CHR Extension: (Dokumenty) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-30]
CHR Extension: (Disk Google) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-04]
CHR Extension: (Adblock pre Youtube™) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2020-03-22]
CHR Extension: (Google Search) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-05]
CHR Extension: (Mendeley Web Importer) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\dagcmkpagjlhakfdhnbomgmjdpkdklff [2020-09-19]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-20]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-09-20]
CHR Extension: (Hola Free VPN Proxy Unblocker - Best VPN) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-09-20]
CHR Extension: (IDM Integration Module) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2020-09-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-11]
CHR Extension: (Scopus Document Download Manager) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojplelelocihfchkdaebocpankipadmp [2020-09-19]
CHR Extension: (Gmail) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-05]
CHR Extension: (Chrome Media Router) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-20]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-05-05]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [makcojoppodhcgmmchohadhpkicoafka]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-05-05]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-08-13] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe [710320 2015-02-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
S4 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft -> Alcohol Soft Development Team)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11137416 2020-10-09] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2433232 2020-03-07] (ESET, spol. s r.o. -> ESET)
R2 HFGService; C:\Windows\System32\HFGService.dll [535552 2009-12-21] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 Sparx Keystore; C:\Program Files (x86)\Sparx Systems\Keystore\Service\KeystoreService.exe [446464 2014-05-19] () [File not signed]
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe [118048 2017-06-22] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdTools64; C:\Windows\System32\DRIVERS\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [138568 2012-08-20] (MCCI Corporation -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [416072 2012-08-20] (MCCI Corporation -> ASMedia Technology Inc)
S3 BthAudioHF; C:\Windows\System32\DRIVERS\BthAudioHF.sys [52224 2009-12-21] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc)
S3 csr_a2dp; C:\Windows\System32\drivers\bthav.sys [78848 2009-12-21] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [120416 2018-01-12] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149144 2019-07-26] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [189232 2019-07-26] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50136 2018-04-29] (ESET, spol. s r.o. -> ESET)
S4 epfw; C:\Windows\System32\DRIVERS\epfw.sys [82816 2018-04-29] (ESET, spol. s r.o. -> ESET)
S4 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61520 2018-04-29] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [113336 2019-07-26] (ESET, spol. s r.o. -> ESET)
S3 gdrv2; C:\Windows\gdrv2.sys [32600 2020-10-26] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S1 prodrv06; C:\Windows\SysWOW64\drivers\prodrv06.sys [52128 2003-10-10] (Protection Technology) [File not signed]
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [62720 2003-10-10] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed]
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 s1039bus; C:\Windows\System32\DRIVERS\s1039bus.sys [127600 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mdfl; C:\Windows\System32\DRIVERS\s1039mdfl.sys [19568 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [161904 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mgmt; C:\Windows\System32\DRIVERS\s1039mgmt.sys [141424 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039nd5; C:\Windows\System32\DRIVERS\s1039nd5.sys [34416 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039obex; C:\Windows\System32\DRIVERS\s1039obex.sys [137328 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039unic; C:\Windows\System32\DRIVERS\s1039unic.sys [158320 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-12-19] (Disc Soft Ltd -> Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2017-08-30] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [442848 2018-05-02] (Bitdefender SRL -> BitDefender S.R.L.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
U3 ah2iil13; C:\Windows\System32\Drivers\ah2iil13.sys [0 0000-00-00] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S0 edevmon; system32\DRIVERS\edevmon.sys [X]
S3 GVCIDrv; \??\C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys [X]
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-31 09:14 - 2020-10-31 09:14 - 000003490 _____ C:\Windows\system32\Tasks\AutoKMS
2020-10-31 09:13 - 2020-10-31 09:13 - 002299904 _____ (Farbar) C:\Users\Brano\Downloads\FRST64(1).exe
2020-10-30 21:24 - 2020-10-30 21:24 - 008447152 _____ (Malwarebytes) C:\Users\Brano\Downloads\adwcleaner_8.0.8.exe
2020-10-30 19:27 - 2020-10-30 19:27 - 029689035 _____ C:\Users\Brano\Downloads\ISTQB Test(2).zip
2020-10-29 22:30 - 2020-10-29 22:34 - 000062528 _____ C:\Users\Brano\Downloads\Addition.txt
2020-10-29 22:26 - 2020-10-31 09:17 - 000036249 _____ C:\Users\Brano\Downloads\FRST.txt
2020-10-29 22:25 - 2020-10-29 22:25 - 002299904 _____ (Farbar) C:\Users\Brano\Downloads\FRST64.exe
2020-10-28 22:05 - 2020-10-29 08:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-10-26 17:44 - 2020-10-26 17:44 - 000000000 ____D C:\Users\Brano\AppData\Local\CrashDumps
2020-10-26 17:32 - 2020-10-02 01:59 - 000449264 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-10-26 17:32 - 2020-10-01 07:54 - 000067456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2020-10-26 16:07 - 2020-10-26 16:07 - 000000000 ____D C:\Users\Brano\ansel
2020-10-26 15:30 - 2020-10-26 17:55 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-10-26 15:30 - 2019-04-17 08:42 - 000069840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2020-10-26 15:28 - 2020-10-26 17:55 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-10-26 15:27 - 2020-10-26 15:27 - 000000000 ____D C:\NVIDIA
2020-10-26 15:26 - 2020-10-26 15:26 - 000032600 ____N (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\gdrv2.sys
2020-10-26 15:26 - 2020-10-26 15:26 - 000000000 ____D C:\Users\Brano\Documents\temp
2020-10-26 14:09 - 2020-10-26 14:09 - 000000000 ____D C:\Users\Brano\AppData\Local\GIGABYTE
2020-10-25 10:13 - 2020-10-25 10:13 - 000000000 _____ C:\Users\Brano\Downloads\Detection.exe
2020-10-24 22:31 - 2020-10-24 22:33 - 000000000 ____D C:\Users\Brano\Downloads\Supernatural Season 13 COMPLETE S13 720P HEVC BLUURY
2020-10-24 22:24 - 2020-10-24 22:24 - 000001820 _____ C:\Users\Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2020-10-22 20:52 - 2020-10-22 20:52 - 000000000 ____D C:\Windows\pss
2020-10-22 17:46 - 2020-10-22 17:46 - 009968600 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Brano\Downloads\GPU-Z.2.35.0.exe
2020-10-22 17:46 - 2020-10-22 17:46 - 000000979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z.lnk
2020-10-22 17:46 - 2020-10-22 17:46 - 000000967 _____ C:\Users\Public\Desktop\TechPowerUp GPU-Z.lnk
2020-10-22 17:46 - 2020-10-22 17:46 - 000000967 _____ C:\ProgramData\Desktop\TechPowerUp GPU-Z.lnk
2020-10-22 17:46 - 2020-10-22 17:46 - 000000000 ____D C:\Program Files (x86)\GPU-Z
2020-10-21 09:02 - 2020-10-25 13:14 - 000000695 _____ C:\Users\Brano\Desktop\Nový textový dokument.txt
2020-10-18 15:08 - 2020-10-18 15:08 - 029689035 _____ C:\Users\Brano\Downloads\ISTQB Test(1).zip
2020-10-18 13:19 - 2020-10-18 13:19 - 000957963 _____ C:\Users\Brano\Downloads\ISTQB_CTFL_Syllabus_SK_2018_3.1-1.pdf
2020-10-13 16:41 - 2020-10-13 16:41 - 029689035 _____ C:\Users\Brano\Downloads\ISTQB Test.zip
2020-10-08 19:05 - 2020-10-08 19:08 - 000000000 ____D C:\Users\Brano\AppData\Local\CallofDuty4MW
2020-10-08 19:05 - 2020-10-08 19:05 - 000000000 ____D C:\Users\Brano\AppData\Local\CrashRpt
2020-10-08 18:03 - 2020-10-08 18:03 - 000000220 _____ C:\Users\Brano\Desktop\Call of Duty 4 Modern Warfare.url
2020-10-08 17:58 - 2020-10-08 17:58 - 000000985 _____ C:\Users\Brano\Desktop\Steam.lnk
2020-10-08 14:25 - 2020-09-24 05:40 - 162341713 _____ C:\Users\Brano\Desktop\FILE200924-063547-000004F.MOV
2020-10-08 14:24 - 2020-09-24 05:45 - 171017075 _____ C:\Users\Brano\Desktop\FILE200924-064047-000005F.MOV
2020-10-08 14:23 - 2020-09-24 15:21 - 294959245 _____ C:\Users\Brano\Desktop\FILE200924-161801-000028F.MOV
2020-10-07 22:11 - 2020-10-07 22:36 - 000000000 ____D C:\Users\Brano\AppData\Roaming\Winamp
2020-10-07 22:08 - 2020-10-07 22:09 - 008201952 _____ (Nullsoft, Inc.) C:\Users\Brano\Downloads\winamp58_3660_beta_full_en-us.exe
2020-10-07 22:05 - 2020-10-07 22:32 - 000000000 ____D C:\Users\Brano\Desktop\Stare pecky do auta

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-31 09:16 - 2015-09-20 14:52 - 000000000 ____D C:\FRST
2020-10-31 09:15 - 2020-02-06 17:31 - 000005012 _____ C:\Windows\system32\Tasks\Microsoft Office 15 Sync Maintenance for Brano-PC-Brano Brano-PC
2020-10-31 09:15 - 2009-07-14 06:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-31 09:15 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-10-31 09:14 - 2009-07-14 05:45 - 000035776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-10-31 09:14 - 2009-07-14 05:45 - 000035776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-10-31 09:10 - 2016-11-25 19:19 - 000000000 ____D C:\Users\Brano\AppData\LocalLow\Mozilla
2020-10-31 09:08 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-10-31 09:07 - 2020-04-16 18:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-10-31 09:07 - 2020-04-16 18:26 - 000000000 ____D C:\Users\Brano\AppData\Roaming\Lavasoft
2020-10-31 09:07 - 2020-04-16 18:26 - 000000000 ____D C:\Users\Brano\AppData\Local\Lavasoft
2020-10-31 09:07 - 2020-04-16 18:26 - 000000000 ____D C:\ProgramData\Lavasoft
2020-10-31 09:07 - 2020-04-16 18:26 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2020-10-31 08:38 - 2013-12-18 21:11 - 000000000 ____D C:\Users\Brano\AppData\Local\Adobe
2020-10-31 00:01 - 2019-08-14 16:24 - 000000000 ____D C:\Program Files (x86)\Steam
2020-10-31 00:01 - 2019-05-10 08:23 - 000000000 ____D C:\Users\Brano\AppData\Roaming\DMCache
2020-10-30 22:22 - 2018-01-12 09:32 - 000000388 _____ C:\Windows\Tasks\update-sys.job
2020-10-30 22:17 - 2018-01-12 09:32 - 000000388 _____ C:\Windows\Tasks\update-S-1-5-21-1572061999-2087841598-3217571495-1000.job
2020-10-30 21:25 - 2015-09-13 17:17 - 000000000 ____D C:\AdwCleaner
2020-10-29 08:24 - 2016-09-24 19:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-10-28 22:15 - 2014-07-08 07:52 - 000000000 ____D C:\Program Files\trend micro
2020-10-28 09:02 - 2018-05-02 08:56 - 000015834 _____ C:\Users\Brano\Desktop\MERANIE, 13 BIO TEST.txt
2020-10-26 20:46 - 2013-12-19 20:29 - 000000000 ____D C:\Users\Brano
2020-10-26 17:55 - 2014-05-26 08:03 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-10-26 17:34 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Help
2020-10-25 08:31 - 2013-12-18 21:18 - 000000000 ____D C:\Users\Brano\AppData\Roaming\uTorrent
2020-10-24 22:30 - 2020-07-13 22:21 - 000000000 ____D C:\Users\Brano\AppData\LocalLow\uTorrent
2020-10-24 22:30 - 2019-05-24 18:20 - 000000000 ____D C:\Users\Brano\AppData\Local\BitTorrentHelper
2020-10-24 22:24 - 2020-07-13 22:21 - 000000000 ____D C:\ProgramData\Avast Software
2020-10-20 22:55 - 2013-12-18 20:52 - 000002236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-10-17 07:52 - 2017-04-08 14:19 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-10-17 07:50 - 2014-05-11 17:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-10-14 07:49 - 2015-05-16 12:43 - 000003370 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA1d08fcd839de28e
2020-10-14 07:49 - 2015-05-16 12:43 - 000003242 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore1d08fcd82e08338
2020-10-08 19:02 - 2019-04-28 08:02 - 000000000 ____D C:\Users\Brano\Downloads\Compressed
2020-10-07 22:12 - 2013-12-19 11:31 - 000000000 ____D C:\Program Files (x86)\Winamp
2020-10-07 21:59 - 2018-05-09 19:20 - 000000000 ____D C:\Users\Brano\Downloads\Video
2020-10-07 21:52 - 2017-09-14 17:53 - 000000000 ____D C:\Users\Brano\Desktop\Jedalnicek
2020-10-07 21:48 - 2013-12-18 22:49 - 000000000 ___RD C:\Users\Brano\Filmy
2020-10-07 21:46 - 2013-12-18 21:37 - 000000000 ____D C:\Users\Brano\BStudio
2020-10-07 21:42 - 2020-08-19 20:55 - 000000000 ____D C:\Users\Brano\Desktop\Videa auto
2020-10-04 17:19 - 2018-04-23 16:04 - 000000000 ____D C:\Users\Brano\Documents\Bandicam

==================== Files in the root of some directories ========

2015-01-23 22:31 - 2018-09-08 12:39 - 000000132 _____ () C:\Users\Brano\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-05-18 17:24 - 2015-05-18 17:24 - 000000000 _____ () C:\Users\Brano\AppData\Roaming\AVSMediaPlayer.m3u
2002-08-29 18:33 - 2002-08-29 18:33 - 000319488 ____R () C:\Users\Brano\AppData\Roaming\MafiaSetup.exe
2014-11-22 19:30 - 2014-11-22 19:34 - 000004096 ____H () C:\Users\Brano\AppData\Local\keyfile3.drm
2015-09-20 14:46 - 2015-09-20 14:50 - 000029696 _____ () C:\Users\Brano\AppData\Local\MSGBOX.EXE
2017-03-30 17:46 - 2017-03-30 17:46 - 000005487 _____ () C:\Users\Brano\AppData\Local\recently-used.xbel
2013-12-19 18:07 - 2013-12-24 22:21 - 000007597 _____ () C:\Users\Brano\AppData\Local\Resmon.ResmonCfg
2018-01-12 09:32 - 2018-01-12 09:32 - 000000003 _____ () C:\Users\Brano\AppData\Local\updater.log
2018-01-12 09:32 - 2018-04-25 13:22 - 000000425 _____ () C:\Users\Brano\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\User32.dll
[2010-11-21 04:24] - [2013-12-19 20:33] - 001008640 _____ (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2010-11-21 04:24] - [2013-12-19 20:33] - 000833024 _____ (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE

LastRegBack: 2020-10-24 17:53
==================== End of FRST.txt ========================

ADDITION

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-10-2020
Ran by Brano (31-10-2020 09:19:35)
Running from C:\Users\Brano\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-12-19 19:29:50)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1572061999-2087841598-3217571495-500 - Administrator - Disabled)
Brano (S-1-5-21-1572061999-2087841598-3217571495-1000 - Administrator - Enabled) => C:\Users\Brano
Guest (S-1-5-21-1572061999-2087841598-3217571495-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1572061999-2087841598-3217571495-1006 - Limited - Enabled)
Oco (S-1-5-21-1572061999-2087841598-3217571495-1004 - Limited - Enabled) => C:\Users\Oco

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\uTorrent) (Version: 3.5.5.45798 - BitTorrent Inc.)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.1.474 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.238 - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.0.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Airy (HKLM-x32\...\Airy_is1) (Version: 2.1.206 - Airy Team)
AMD Catalyst Install Manager (HKLM\...\{EDC0E654-60C7-758D-6B81-C8D3ACCEDEE5}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Verifier x64 External Package (HKLM\...\{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 - Microsoft) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
balenaEtcher 1.5.19 (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.19 - Balena Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.0.3.1025 - Bandisoft.com)
Bandicut (HKLM-x32\...\Bandicut) (Version: 3.5.0.592 - Bandicam.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Bigasoft Total Video Converter 3.7.16.4643 (HKLM-x32\...\{a72ce741-1f32-4d79-bffb-a714375c678d}_is1) (Version: - Bigasoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
CD Bremse 1.49 (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\CD Bremse_is1) (Version: 1.49 - )
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
dr.fone toolkit for Android (Version 8.3.3) (HKLM-x32\...\{7B08A1E1-3644-4237-B39D-762B5F5564D0}_is1) (Version: 8.3.3.64 - Wondershare Technology Co.,Ltd.)
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 12.2.31.0 - ESET, spol. s r.o.)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
FonePaw for Android 2.9.0 (HKLM-x32\...\{10E7BD57-C5FE-484f-A3F2-A1755286C0A7}_is1) (Version: 2.9.0 - FonePaw)
Font Validator (HKLM-x32\...\{330A929A-F800-4457-9706-DF19224D9770}) (Version: 1.0.0 - Microsoft)
Fotogaléria (HKLM-x32\...\{08466673-3905-4437-93E8-34A221B7CA4E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free YouTube Downloader 4.1.559 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.)
Git version 2.12.2 (HKLM\...\Git_is1) (Version: 2.12.2 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.111 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HeidiSQL 10.1.0.5464 (HKLM\...\HeidiSQL_is1) (Version: 10.1 - Ansgar Becker)
HP DeskJet 2600 series Basic Device Software (HKLM\...\{8DA7A239-79C2-49FC-826B-DD26A559FF60}) (Version: 43.2.2474.17192 - HP Inc.)
HP DeskJet 2600 series Help (HKLM-x32\...\{9A36A9D9-787C-4E75-914B-CF133FA88FC9}) (Version: 44.0.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{C68BD3B6-3CC4-4871-94D1-3412A571001F}) (Version: 36.0.100.66344 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{763E42DC-F6DB-49E5-AAFD-CC3273F858CB}) (Version: 43.0.0.0 - HP)
HP FTP Plugin (HKLM-x32\...\{1E02EFE9-1EDB-4EE4-B02F-1B23C9AF3CD5}) (Version: 43.0.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{ADA6C223-3EEA-4CAF-822A-5380A7A40342}) (Version: 36.0.100.66344 - HP)
HP OneDrive Plugin (HKLM-x32\...\{16DB1A9B-1180-43E7-BE29-7201EE339206}) (Version: 36.0.0.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP SharePoint Plugin (HKLM-x32\...\{1F73FB9B-71BC-47F8-8AA6-DA9076E4E52B}) (Version: 43.0.0.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
ISO Recorder (HKLM\...\{2D7ED2A0-9553-412B-939F-D6E0AEB2ABE1}) (Version: 3.1.0 - Alex Feinman)
Java 10.0.2 (64-bit) (HKLM\...\{EECB2736-D013-5AC5-9917-7656712F6931}) (Version: 10.0.2.0 - Oracle Corporation)
Java SE Development Kit 7 Update 40 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170400}) (Version: 1.7.0.400 - Oracle)
Java SE Development Kit 8 Update 111 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180111}) (Version: 8.0.1110.14 - Oracle Corporation)
Java(TM) SE Development Kit 10.0.2 (64-bit) (HKLM\...\{71307D56-8005-5F5E-9227-BFA2754D6E54}) (Version: 10.0.2.0 - Oracle Corporation)
JetBrains PhpStorm 2018.2.4 (HKLM-x32\...\PhpStorm 2018.2.4) (Version: 182.4505.42 - JetBrains s.r.o.)
Kits Configuration Installer (HKLM-x32\...\{86E59C8F-61D5-1782-A3CE-60AE7E4D7791}) (Version: 10.1.16299.15 - Microsoft) Hidden
K-Lite Mega Codec Pack 14.4.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.4.5 - KLCP)
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Magic Video Converter 12.1.11.2 (HKLM-x32\...\Magic Video Converter_is1) (Version: - )
Mendeley Desktop 1.17.12 (HKLM-x32\...\Mendeley Desktop) (Version: 1.17.12 - Mendeley Ltd.)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneNote 2016 pre študentov a domácnosti - sk-sk (HKLM\...\OneNoteFreeRetail - sk-sk) (Version: 16.0.12527.21236 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.28.2 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.3.2217.1010 - Microsoft Corporation)
MKVToolNix 6.5.0 (HKLM-x32\...\MKVToolNix) (Version: 6.5.0 - Moritz Bunkus)
MobiKin Doctor for Android (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MobiKin Doctor for Android) (Version: 3.1.13 - MobiKin)
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{CFBFE244-6269-41DC-85B6-86F99C88ED02}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 82.0.2 (x86 sk) (HKLM-x32\...\Mozilla Firefox 82.0.2 (x86 sk)) (Version: 82.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.1 - Mozilla)
MSI Development Tools (HKLM-x32\...\{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nero 7 Premium (HKLM-x32\...\{4F2CE68F-EDBB-4592-BF07-5AC930A51051}) (Version: 7.02.6446 - Nero AG)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.6 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.21236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21236 - Microsoft Corporation) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Phone Nokia USB Driver (HKLM-x32\...\{7F1C627F-7F07-4B51-B50F-FF8C64881D6E}) (Version: 1.1.0 - Mobile)
PIXresizer (HKLM-x32\...\PIXresizer_is1) (Version: 2.0.8 - Bluefive software)
Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)
Product Improvement Study for HP Deskjet 1510 series (HKLM\...\{EC27E742-EB04-4A2C-BA64-20271929528A}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
Product Improvement Study for HP DeskJet 2600 series (HKLM\...\{DF44980B-A87A-4945-937A-4812C29F4F32}) (Version: 43.2.2474.17192 - HP Inc.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.1.312 - Jan Fiala)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
SDK ARM Additions (HKLM-x32\...\{7922BB77-0B59-840A-AC80-D560A34D75C5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{C87DF65C-A672-7E08-A083-E7D48FE8DB70}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Sonic Foundry Preset Manager 1.0 (HKLM-x32\...\{7266C898-F9CB-4122-9452-2AA1DACE245E}) (Version: 1.0.73 - Sonic Foundry)
SourceTree (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\SourceTree) (Version: 3.3.9 - Atlassian)
Sparx Systems Keystore Service (HKLM-x32\...\{F2043888-7783-4936-9B63-3B33FDB9EC4D}) (Version: 2.2.5 - Sparx Systems Pty Ltd)
STATISTICA 12.5.192.5 64-bit (HKLM\...\{BA4824C0-D7E0-B895-0692-DC95D557E10A}) (Version: 12.5.192.5 - StatSoft, Inc.)
STATNOVAPDF (novaPDF 7.7 printer) (HKLM\...\STATNOVAPDF_is1) (Version: - Softland)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: - TechPowerUp)
Time Adjuster STANDARD 3.1 (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\TimeAdjuster) (Version: - IrekSoftware.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
UltData - Windows 7.1.0.18 (HKLM-x32\...\{UltData - Windows}_is1) (Version: 7.1.0.18 - Tenorshare, Inc.)
Unity 2019.2.0b5 (HKLM-x32\...\Unity 2019.2.0b5) (Version: 2019.2.0b5 - Unity Technologies ApS)
Unity Hub 2.1.3 (HKLM\...\Unity Technologies - Hub) (Version: 2.1.3 - Unity Technologies Inc.)
Universal CRT Extension SDK (HKLM-x32\...\{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A9D6F52C-694E-3E41-7AB8-5BEB644742A5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{E053089E-7953-3219-814F-F485FC151C54}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B9424F08-0617-C4F6-A798-5A9250C1A738}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{ECBF7F4D-CD2F-4B70-9060-A2C69AD26F9E}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
VdhCoApp 1.2.2 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VideoProc (HKLM-x32\...\VideoProc) (Version: 3.5 - Digiarty, Inc.)
Visual Studio Community 2017 (HKLM-x32\...\06e29a39) (Version: 15.9.28307.905 - Microsoft Corporation)
Visual Studio Community 2019 (HKLM-x32\...\bd67fa66) (Version: 16.3.29424.173 - Microsoft Corporation)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
VS Script Debugging Common (HKLM\...\{D8B26CBD-15D2-440B-BCBD-5616D74EFC7D}) (Version: 16.0.98.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{D19BAD98-BFDD-4C70-B66C-EE75F851B9BC}) (Version: 16.3.29311 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{95E79BBC-97FD-4FEB-91B5-CC0231324812}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{DBA97C17-13F0-407B-8BC4-0C2E01A298A5}) (Version: 16.3.29209 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{AD3B73B9-D5C8-4FF9-AB73-7A1DC39F3E02}) (Version: 16.3.29209 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{692A0FB3-E6A2-4D41-AC03-4136B4312DC0}) (Version: 16.3.29209 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{6B065DCD-E730-4FCE-905D-2B3F30A91110}) (Version: 16.3.29230 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{EC04CD66-C03A-470D-B0D2-4BBC87F6382D}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
Web Accessibility Toolbar 2.0 (HKLM-x32\...\Accessibility Toolbar_is1) (Version: 2.03.0 - Web Accessibility Tools Consortium (WAT-C))
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
WinAppDeploy (HKLM-x32\...\{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Movie Maker (HKLM\...\Windows Movie Maker) (Version: 6.0.6002.18005 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR 5.00 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare Video Converter Ultimate(Build 10.5.0.204) (HKLM-x32\...\Video Converter Ultimate_is1) (Version: 10.5.0.204 - Wondershare Software)
Wondershare Video Converter Ultimate(Build 6.0.3.2) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 6.0.3.2 - Wondershare Software)
XAMPP (HKLM-x32\...\xampp) (Version: 7.2.10-0 - Bitnami)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2019-05-02] (Tonec Inc. -> Tonec Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-04-21] (Notepad++ -> )
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-03-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [MRAICQCMenu] -> {7C9E7B90-88EC-4852-AC7A-C938268A5D04} => -> No File
ContextMenuHandlers1: [SysPlayerMenuExt] -> {F6607505-0E5B-47E6-809E-EAEE53F1E4D7} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2012-11-20] (Wondershare Software Co., Ltd. -> )
ContextMenuHandlers2: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => -> No File
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2013-09-17] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2013-09-17] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-03-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [Record To CD] -> {34F4B935-17DC-4885-8BC9-CCD1ADF42F93} => C:\Program Files\Alex Feinman\ISO Recorder\ISORecorder.dll [2010-06-08] (Alex Feinman) [File not signed]
ContextMenuHandlers3: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [SysPlayerMenuExt] -> {F6607505-0E5B-47E6-809E-EAEE53F1E4D7} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Create ISO Image from directory] -> {34F4B935-17DC-4885-8BC9-CCD1ADF42F93} => C:\Program Files\Alex Feinman\ISO Recorder\ISORecorder.dll [2010-06-08] (Alex Feinman) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-03-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [SysPlayerMenuExt] -> {F6607505-0E5B-47E6-809E-EAEE53F1E4D7} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1572061999-2087841598-3217571495-1000: [SysPlayerMenuExt] -> {F6607505-0E5B-47E6-809E-EAEE53F1E4D7} => -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [126976 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\system32\bdmpega64.acm [70712 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\system32\bdmjpeg64.dll [25640 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\system32\bdmpegv64.dll [70200 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\SysWOW64\vct3216.acm [82944 2008-11-24] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\SysWOW64\scg726.acm [13239 2008-11-24] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\SysWOW64\alf2cd.acm [38912 2008-11-24] (NCT Company) [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\mcdvd_32.dll [261632 2008-11-24] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [638976 2008-11-24] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2008-11-24] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2008-11-24] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2008-11-24] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [66104 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [23080 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [66104 2013-08-05] (Bandisoft -> )

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Brano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2019-04-22 12:13 - 2016-07-21 09:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2019-04-22 12:13 - 2017-03-23 08:49 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2013-08-30 01:49 - 2013-08-30 01:49 - 000103424 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2017-09-28 18:41 - 2017-09-28 18:41 - 000266240 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2017-09-28 15:52 - 2017-09-28 15:52 - 000128000 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\DXGIDebug.dll
2010-11-21 04:24 - 2013-12-19 20:33 - 001008640 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\USER32.dll
2010-11-21 04:24 - 2013-12-19 20:33 - 000833024 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\USER32.dll
2019-03-09 17:11 - 2015-02-27 10:35 - 000489984 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\Newtonsoft.Json.dll
2018-01-12 09:32 - 2017-05-23 13:59 - 000494080 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.dll
2018-01-12 09:32 - 2017-05-23 13:59 - 000256000 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\uploader.dll
2019-03-09 17:11 - 2017-06-21 09:24 - 000087552 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppCollect.dll
2019-03-09 17:11 - 2017-06-21 09:24 - 000198144 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppCommon.dll
2019-04-22 12:13 - 2017-03-23 08:52 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.sk
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM ... -SearchBox
SearchScopes: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM ... -SearchBox
SearchScopes: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2019-05-05] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: STATISTICA Browser Helper -> {990A8747-93BF-4EF7-B72E-94A6884B98C2} -> C:\Program Files\StatSoft\STATISTICA 12\StaBHO.dll [2014-04-19] (StatSoft, Inc. -> StatSoft, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2020-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2019-05-05] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: STATISTICA Browser Helper -> {990A8747-93BF-4EF7-B72E-94A6884B98C2} -> C:\Program Files\StatSoft\STATISTICA 12\Support\StaBHO.dll [2014-04-18] (StatSoft, Inc. -> StatSoft, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2020-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM-x32 - Web Accessibility Toolbar - {11352A67-0178-46B1-8855-D50B2F81C054} - C:\Program Files (x86)\Accessibility_Toolbar\Accessibility_Toolbar.dll [2007-06-19] (NILS Accessible Information Solutions) [File not signed]
Toolbar: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000 -> No Name - {11352A67-0178-46B1-8855-D50B2F81C054} - No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-05-22 13:40 - 000000826 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\VDownloader;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Git\cmd;C:\xampp\php
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Brano\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AxAutoMntSrv => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^Users^Brano^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Odoslanie do aplikácie OneNote.lnk => C:\Windows\pss\Odoslanie do aplikácie OneNote.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Brano^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Odoslanie do programu OneNote.lnk => C:\Windows\pss\Odoslanie do programu OneNote.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Sony Ericsson PC Companion => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: uTorrent => "C:\Users\Brano\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D21B1771-2522-4491-B7A9-CADA137FAB33}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7013C732-79A0-4166-8C32-FF5F279992E7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{81EA731B-2141-4DD3-9739-7002AE39C819}] => (Allow) LPort=2869
FirewallRules: [{1FD47E96-0F51-4272-BC53-85810245B588}] => (Allow) LPort=1900
FirewallRules: [{1328E9CB-4665-4C27-BEF0-48157B231204}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1984EEB3-357C-4403-AF31-82115796A1C4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6BC82C89-EF94-4205-90AA-78A57D42CC2A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4DB3D65B-EFAC-41CB-87EE-F7E0CAE1DE4F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ACF18DC0-B385-40A4-9A8A-E0F912113193}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D45DDDE6-B05D-4300-99EB-1F69731A5380}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5339F94B-2FEE-4088-80EE-7BDA611C2B0C}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{845793B6-51AD-440E-A04A-5E6F8EC1CBEB}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{EB009958-651C-49D6-A31B-CC34C58BC010}] => (Allow) LPort=5357
FirewallRules: [{AB5DC447-2A99-45AF-BFA4-4121CFACFD31}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [TCP Query User{26E0A095-01D0-430A-BA5E-736CA96FF0A4}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{18CC0322-FF19-492B-AFE9-6097B8931B23}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{18971426-E9DA-4512-ADBA-1AB480A7EF5E}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [UDP Query User{8D62D761-74A4-4B31-B334-D57ECD411C25}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [TCP Query User{C066FC4A-6062-4C3C-AEE2-1CDEDE4BCE3B}C:\program files (x86)\common files\oracle\java\javapath_target_33956269\javaw.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_33956269\javaw.exe
FirewallRules: [UDP Query User{2EB691A6-27AB-4E01-AB2D-6A05F0B57D09}C:\program files (x86)\common files\oracle\java\javapath_target_33956269\javaw.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_33956269\javaw.exe
FirewallRules: [TCP Query User{0F5BA401-5B5A-441D-8281-306D939663D0}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{CD348FCD-B073-412B-97E9-A334B0F0B99F}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{32357E38-D5CD-4CB7-8446-2776D1BA8DA3}C:\xampp\filezillaftp\filezillaserver.exe] => (Block) C:\xampp\filezillaftp\filezillaserver.exe (FileZilla Project) [File not signed]
FirewallRules: [UDP Query User{AA5DE1E0-9F4A-47C8-B7AC-AB3A383AC2D9}C:\xampp\filezillaftp\filezillaserver.exe] => (Block) C:\xampp\filezillaftp\filezillaserver.exe (FileZilla Project) [File not signed]
FirewallRules: [TCP Query User{BFB8D076-53D2-40D4-B0B4-3B019DF4545C}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{D312778A-E90D-4C5B-A1B3-25230A5ADCD2}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{1733422F-A960-4A29-AD7C-9BEF581DBB5C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{288EA8B1-370F-41E0-A944-500459ECC311}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CD136CA1-536B-4858-A648-9207F380F2BF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5ED74209-4945-4194-9871-512FE127DCA3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1B93E31C-D226-43C7-B3A2-402C85446F38}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8F6D240D-7EA5-4A17-ABFE-C7BCB26BDA12}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{33272BC3-EB1B-482A-88E6-21EE1C0BBE27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe (Valve -> )
FirewallRules: [{A792A035-3B2B-4244-BE9D-BE6FE1EB1EA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe (Valve -> )
FirewallRules: [{4D59EE0F-B3B5-4A6B-85B8-5FAD66714C3E}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [TCP Query User{007FBBDB-0B0F-4088-9E9F-7B4F6FEE5144}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [UDP Query User{879029F2-381D-4E5B-8314-3096E383852A}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{CD1A30BE-791A-4A60-B016-9D5D4BF38CF6}] => (Allow) C:\Program Files\Unity\Hub\Editor\2019.2.0b5\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{82ED7ED6-63E9-4AAE-B312-DC5F38BFDEB6}] => (Block) C:\Program Files\Unity\Hub\Editor\2019.2.0b5\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [TCP Query User{67A09A73-CB53-445C-ABDC-D2B9FCF6A6FB}C:\program files\unity\hub\editor\2019.2.0b5\editor\unity.exe] => (Allow) C:\program files\unity\hub\editor\2019.2.0b5\editor\unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [UDP Query User{67AF297A-5066-451F-B3DC-9C0AD8540F9A}C:\program files\unity\hub\editor\2019.2.0b5\editor\unity.exe] => (Allow) C:\program files\unity\hub\editor\2019.2.0b5\editor\unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [TCP Query User{687EAE79-40B2-4441-AA44-44608AEA369B}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{DF5E86FE-BF94-4EF6-8F8D-9613D3BC8A28}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4CF2952D-B9B3-438E-BB89-569A7876A1E5}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{5FD36215-D857-4D03-960F-C9D92C586111}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{850BD309-3F3F-41F1-9EA4-BDE09ADACF3A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{1DD1E010-622F-4AF1-B0D3-ADABB737461F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{A1159810-3E9D-4A00-AF3E-7C78DC29B5FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty 4\iw3sp.exe () [File not signed]
FirewallRules: [{391AA469-8C15-480D-B2E2-F1B85086867B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty 4\iw3sp.exe () [File not signed]
FirewallRules: [{06F771F2-1999-4DC2-8370-C86F6E843875}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty 4\iw3mp.exe () [File not signed]
FirewallRules: [{A276FD26-8714-49DA-A800-8CF421098C3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty 4\iw3mp.exe () [File not signed]
FirewallRules: [{4F087E74-5FBE-4E99-A172-563CA6999866}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

29-10-2020 17:58:08 Plánovaný kontrolný bod

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (10/31/2020 09:19:13 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2020-11-07T08:13:13Z. Error Code: 0x80041321.

Error: (10/31/2020 09:15:32 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/31/2020 09:15:32 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/31/2020 09:10:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/31/2020 08:42:22 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2020-11-07T07:32:22Z. Error Code: 0x80041321.

Error: (10/31/2020 08:34:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/31/2020 08:34:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/31/2020 08:28:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

System errors:
=============
Error: (10/31/2020 09:09:30 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
edevmon
prodrv06
prohlp02
prosync1
sfhlp01

Error: (10/31/2020 09:08:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby MBAMChameleon zlyhalo kvôli nasledujúcej chybe:
Systém nemôže nájsť zadaný súbor.

Error: (10/31/2020 09:08:22 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\prodrv06.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (10/31/2020 09:07:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Windows Media Player - služba zdieľania v sieti zlyhalo kvôli nasledujúcej chybe:
Pretože zlyhalo prihlásenie, službu sa nepodarilo spustiť.

Error: (10/31/2020 09:07:57 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Službe WMPNetworkSvc sa nepodarilo s aktuálne nakonfigurovaným heslom prihlásiť ako NT AUTHORITY\NetworkService kvôli nasledujúcej chybe:
Požiadavka nie je podporovaná.

Ak chcete zabezpečiť správne nakonfigurovanie služby, použite modul Služby konzoly MMC (Microsoft Management Console).

Error: (10/31/2020 09:07:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusti sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (10/31/2020 09:07:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Media Player - služba zdieľania v sieti sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (10/31/2020 09:07:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Office Software Protection Platform sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Windows Defender:
===================================
Date: 2014-07-09 17:33:24.219
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Backup
Error Code:0x8050a004
Error description:Tento balík neobsahuje aktuálne súbory definícií pre tento program. Ďalšie informácie nájdete v Pomoci a technickej podpore.
Signature version:1.169.394.0
Engine version:1.1.10201.0

Date: 2014-07-09 17:26:00.305
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Backup
Error Code:0x8050a004
Error description:Tento balík neobsahuje aktuálne súbory definícií pre tento program. Ďalšie informácie nájdete v Pomoci a technickej podpore.
Signature version:1.169.394.0
Engine version:1.1.10201.0

Date: 2014-07-09 17:18:42.187
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Backup
Error Code:0x8050a004
Error description:Tento balík neobsahuje aktuálne súbory definícií pre tento program. Ďalšie informácie nájdete v Pomoci a technickej podpore.
Signature version:1.169.394.0
Engine version:1.1.10201.0

Date: 2014-07-09 17:18:36.747
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:Systém nemôže nájsť zadaný súbor.
Signature version:0.0.0.0
Engine version:0.0.0.0

CodeIntegrity:
===================================

Date: 2020-10-26 17:24:16.653
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 17:24:16.606
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 17:24:15.701
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 17:24:15.654
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 15:42:03.801
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 15:42:03.754
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 15:42:02.771
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 15:42:02.693
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 5301 10/10/2012
Motherboard: ASUSTeK COMPUTER INC. F2A55
Processor: AMD Athlon(tm) X4 740 Quad Core Processor
Percentage of memory in use: 44%
Total physical RAM: 12240.01 MB
Available physical RAM: 6783.05 MB
Total Virtual: 24478.22 MB
Available Virtual: 17798.57 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:143.86 GB) NTFS

\\?\Volume{e3d1d243-6853-11e3-8e4f-806e6f6e6963}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: DDF9D34A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

#8 Příspěvek od **Rudy** » 31 říj 2020 11:30

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
C:\Windows\AutoKMS
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {003ea3d3-2aa6-11e4-afed-08606e8674f7} - E:\Startme.exe
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {09e382df-f190-11e9-9abb-08606e8674f7} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {9e493240-6f1d-11e5-b102-806e6f6e6963} - E:\Setup.exe
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {b52b1a40-689a-11e3-b963-806e6f6e6963} - F:\SETUP.EXE
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {df8de1ea-d312-11e9-a8d5-08606e8674f7} - G:\Setup.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {02802E82-0A48-4E6F-AFCB-5FB450C74309} - System32\Tasks\{C84DF89B-871E-440B-8E9B-BDECE65199C4} => C:\Windows\system32\pcalua.exe -a "C:\Users\Brano\Downloads\Instaluj.cz - 18054.exe" -d C:\Users\Brano\Downloads
Task: {09AC0BE8-1CD6-47A9-B238-82E0E676DD59} - System32\Tasks\GoogleUpdateTaskMachineCore1d042dc124dc7db => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {43BEF70E-7D7D-4844-80F7-DD54EC6A612A} - System32\Tasks\{DED9697D-1B88-4E5D-BC6B-283BA8F77FCB} => C:\Windows\system32\pcalua.exe -a C:\Users\Brano\Downloads\cdbremse149.exe -d C:\Users\Brano\Downloads
Task: {444EE762-E700-43C5-AAA6-1E6B77ADB65F} - System32\Tasks\{C0FFF6C3-F189-469A-96CE-CF1023355F9D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Brano\Downloads\GTA IV\GTAIV_PC_Patch1\Content\setup.exe" -d "C:\Users\Brano\Downloads\GTA IV\GTAIV_PC_Patch1\Content"
Task: {478C3314-719B-4268-AC6B-76F41366753D} - System32\Tasks\{65F998B0-31C9-4897-81A5-C23132EBB797} => C:\Windows\system32\pcalua.exe -a "C:\Users\Brano\Desktop\StatSoft Statistica 12.5\INSTALL6\SETUP.EXE" -d "C:\Users\Brano\Desktop\StatSoft Statistica 12.5\INSTALL6"
Task: {7BEC0D92-4600-4FCD-8F1D-762A0E1A0CC8} - System32\Tasks\{FDCFB939-C3C8-4E2C-AA87-30D7C63DB24C} => C:\Windows\system32\pcalua.exe -a F:\crack\crack\crack.exe -d F:\crack\crack
F:\crack\crack\crack.exe
Task: {962D6EB6-5306-4D7F-8068-FD78EDFD8B26} - System32\Tasks\GoogleUpdateTaskMachineUA1d08fcd839de28e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {AF10A9F9-D562-4C90-B5A4-13384DB689D3} - System32\Tasks\GoogleUpdateTaskMachineUA1cfffe641e69724 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {B25DAD4D-AA08-4D93-9F4F-30626FAF15E6} - System32\Tasks\GoogleUpdateTaskMachineCore1d08fcd82e08338 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {CC66F365-810F-49E4-82A7-1CAAC6AB7A47} - System32\Tasks\{E7B74B5B-714F-413B-96C8-B96B5097D740} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\NetBeans 7.3.1\uninstall.exe"
Task: {D470150A-A015-4744-905F-E80EF2BF96B1} - System32\Tasks\{5CEF075C-C815-44AA-B567-3E1ADA22EC10} => C:\Windows\system32\pcalua.exe -a "C:\Users\Brano\Downloads\GTA IV\GTA IV čeština.exe" -d "C:\Users\Brano\Downloads\GTA IV"
Task: {EB4235C3-D593-49CE-90C0-93636392E569} - System32\Tasks\{B8836964-1947-45DC-A13F-730BE3FAEC06} => C:\Windows\system32\pcalua.exe -a C:\Users\Brano\Downloads\WAT20.exe -d C:\Users\Brano\Downloads
Task: {FB5D0226-28C7-4084-9DAD-B72FAAF9E695} - System32\Tasks\GoogleUpdateTaskMachineCore1cf4ab95ae36ed2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
U3 ah2iil13; C:\Windows\System32\Drivers\ah2iil13.sys [0 0000-00-00] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
C:\Windows\system32\Tasks\AutoKMS
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA1d08fcd839de28e
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore1d08fcd82e08338
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [MRAICQCMenu] -> {7C9E7B90-88EC-4852-AC7A-C938268A5D04} => -> No File
ContextMenuHandlers1: [SysPlayerMenuExt] -> {F6607505-0E5B-47E6-809E-EAEE53F1E4D7} => -> No File
ContextMenuHandlers2: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => -> No File
ContextMenuHandlers3: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [SysPlayerMenuExt] -> {F6607505-0E5B-47E6-809E-EAEE53F1E4D7} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [SysPlayerMenuExt] -> {F6607505-0E5B-47E6-809E-EAEE53F1E4D7} => -> No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM ... -SearchBox
SearchScopes: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM ... -SearchBox
Toolbar: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000 -> No Name - {11352A67-0178-46B1-8855-D50B2F81C054} - No File

EmptyTemp:
End

Uložte do C:\Users\Brano\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

branno · #9 Příspěvek od **branno** » 01 lis 2020 22:30

C:\Users\Brano\Downloads takyto adresar som nenasiel na danej ceste

iba ak:

C:\Users\Brano\dokumenty'\Downloads
C:\Users\Brano\.nbi\Downloads

nemoze to byt nieco z tohto?

#10 Příspěvek od **Rudy** » 02 lis 2020 10:42

Adresář by měl být C:\Users\Brano\Downloads. Stáhl jste si do něj FRST. V hlavičce logu je toto:

Running from C:\Users\Brano\Downloads

Z jiného adresáře vám Fix nepojede.

branno · #11 Příspěvek od **branno** » 03 lis 2020 00:02

Tak sa mi to podarilo nakoniec najst

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-10-2020
Ran by Brano (administrator) on BRANO-PC (31-10-2020 09:14:11)
Running from C:\Users\Brano\Downloads
Loaded Profiles: Brano
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Default browser: IE
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Sparx Systems\Keystore\Service\KeystoreService.exe
() [File not signed] C:\Windows\AutoKMS\AutoKMS.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\Brano\Downloads\adwcleaner_8.0.8.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe <3>
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <8>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(StarWind Software) [File not signed] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [180736 2020-03-07] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [676608 2013-08-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4064368 2019-05-05] (Tonec Inc. -> Tonec Inc.)
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9773272 2017-05-19] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {003ea3d3-2aa6-11e4-afed-08606e8674f7} - E:\Startme.exe
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {09e382df-f190-11e9-9abb-08606e8674f7} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {9e493240-6f1d-11e5-b102-806e6f6e6963} - E:\Setup.exe
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {b52b1a40-689a-11e3-b963-806e6f6e6963} - F:\SETUP.EXE
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {df8de1ea-d312-11e9-a8d5-08606e8674f7} - G:\Setup.exe
HKLM\...\Print\Monitors\HP 0053 Status Monitor: C:\Windows\system32\hpinksts0053LM.dll [485048 2016-10-14] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\HP c111 Status Monitor: C:\Windows\system32\hpinkstsc111LM.dll [333496 2013-01-08] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 2600 series): C:\Windows\system32\HPDiscoPM0053.dll [983176 2017-07-11] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\novaPDF 7 Monitor: C:\Windows\system32\novamnk7.dll [29504 2013-02-13] (Softland S.R.L. -> Softland)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.111\Installer\chrmstp.exe [2020-10-20] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\Users\Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Cartridge Alerts - HP DJ 2600 series.lnk [2020-10-31]
ShortcutAndArgument: Monitor Cartridge Alerts - HP DJ 2600 series.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP DeskJet 2600 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN81S4B63V06PS;CONNECTION=USB;MONITOR=1;
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02802E82-0A48-4E6F-AFCB-5FB450C74309} - System32\Tasks\{C84DF89B-871E-440B-8E9B-BDECE65199C4} => C:\Windows\system32\pcalua.exe -a "C:\Users\Brano\Downloads\Instaluj.cz - 18054.exe" -d C:\Users\Brano\Downloads
Task: {09AC0BE8-1CD6-47A9-B238-82E0E676DD59} - System32\Tasks\GoogleUpdateTaskMachineCore1d042dc124dc7db => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {163EFA2C-38AA-413F-BDAD-BA54D6394F11} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1572061999-2087841598-3217571495-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {23BF5ECF-B0AC-427C-892C-69348CBDDBC3} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [3334144 2015-11-08] () [File not signed]
Task: {2411C867-4DDC-47FD-B60B-41DEDD588EDD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {2411C867-4DDC-47FD-B60B-41DEDD588EDD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {2411C867-4DDC-47FD-B60B-41DEDD588EDD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [360960 [360960 2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
Task: {250A440C-F21A-4E9B-85AF-11BA22B5CD1C} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
Task: {2724522B-134A-474C-9EB6-DA7E9FACE99F} - System32\Tasks\GoogleUpdateTaskMachineUA1cf4ab95c120830 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {32441C47-2F8F-4469-B5B1-58C49153D824} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_Plugin.exe [1457208 2019-08-13] (Adobe Inc. -> Adobe)
Task: {3E0BB8CC-BAAF-4755-9F67-95D7BAEB7025} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
Task: {405E13AC-8341-4B41-86DB-6906D50DF8C8} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Brano-PC-Brano Brano-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {42DB5FF9-8672-4397-B127-FA54497FE901} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {42DB5FF9-8672-4397-B127-FA54497FE901} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [360960 [360960 2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
Task: {43BEF70E-7D7D-4844-80F7-DD54EC6A612A} - System32\Tasks\{DED9697D-1B88-4E5D-BC6B-283BA8F77FCB} => C:\Windows\system32\pcalua.exe -a C:\Users\Brano\Downloads\cdbremse149.exe -d C:\Users\Brano\Downloads
Task: {444EE762-E700-43C5-AAA6-1E6B77ADB65F} - System32\Tasks\{C0FFF6C3-F189-469A-96CE-CF1023355F9D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Brano\Downloads\GTA IV\GTAIV_PC_Patch1\Content\setup.exe" -d "C:\Users\Brano\Downloads\GTA IV\GTAIV_PC_Patch1\Content"
Task: {462D39BE-6953-43CC-A06B-5D5128B4E36F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1572061999-2087841598-3217571495-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {478C3314-719B-4268-AC6B-76F41366753D} - System32\Tasks\{65F998B0-31C9-4897-81A5-C23132EBB797} => C:\Windows\system32\pcalua.exe -a "C:\Users\Brano\Desktop\StatSoft Statistica 12.5\INSTALL6\SETUP.EXE" -d "C:\Users\Brano\Desktop\StatSoft Statistica 12.5\INSTALL6"
Task: {53535CE9-845F-4C20-B59D-EA690EA063B2} - System32\Tasks\HPCustPartic.exe_{E0D756EE-C284-4474-A930-0C4FB6A121F5} => C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPCustPartic.exe [6653064 2017-07-11] (Hewlett Packard -> HP Inc.)
Task: {58666CC9-C7CA-4EA7-B96E-2FF60D61FBA7} - System32\Tasks\HPCustParticipation HP DeskJet 2600 series => C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPCustPartic.exe [6653064 2017-07-11] (Hewlett Packard -> HP Inc.)
Task: {5C2AA820-6EDF-4565-B181-CEBCD60CD391} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [64920 2019-11-02] (Microsoft Corporation -> Microsoft)
Task: {662B7186-D8CE-45C9-9E4D-DBA79C0998CA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612216 2020-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {68A5B2D3-4CB8-4A5C-ABF2-79C1DFE6BA92} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-08-13] (Adobe Inc. -> Adobe)
Task: {72D8AE31-A8C5-4B8A-9FA4-0CDEC4451D9B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7619288 2017-05-19] (Piriform Ltd -> Piriform Ltd)
Task: {7BEC0D92-4600-4FCD-8F1D-762A0E1A0CC8} - System32\Tasks\{FDCFB939-C3C8-4E2C-AA87-30D7C63DB24C} => C:\Windows\system32\pcalua.exe -a F:\crack\crack\crack.exe -d F:\crack\crack
Task: {85AC58AD-A5CB-4041-BFC4-B01E33235F2D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {85AC58AD-A5CB-4041-BFC4-B01E33235F2D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [360960 [360960 2015-09-30]] (Microsoft Windows -> Microsoft Corporation)
Task: {917062CA-8659-4C76-9C5C-071644AAA348} - System32\Tasks\update-S-1-5-21-1572061999-2087841598-3217571495-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {91F46D62-9AA5-4149-B8F3-7D67FEB099C3} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1572061999-2087841598-3217571495-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {962D6EB6-5306-4D7F-8068-FD78EDFD8B26} - System32\Tasks\GoogleUpdateTaskMachineUA1d08fcd839de28e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {9BE904E5-0D6F-4578-A965-AE6E5384DE16} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BEE5AFF-A0A0-420F-9AF9-835D69EC27A3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612216 2020-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {9CA94012-1D15-4BCF-8CCC-C305482EE4EA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A452A26B-12F5-4101-9FB0-33D758A989D5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115024 2020-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A8087BE9-A643-4AC6-B4F2-1F1FECBCECE9} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {AF10A9F9-D562-4C90-B5A4-13384DB689D3} - System32\Tasks\GoogleUpdateTaskMachineUA1cfffe641e69724 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {B25DAD4D-AA08-4D93-9F4F-30626FAF15E6} - System32\Tasks\GoogleUpdateTaskMachineCore1d08fcd82e08338 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {B33731B4-8588-421E-8A13-564665B5017D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115024 2020-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {B909C1D2-71D1-415D-97FF-B099390953D8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC66F365-810F-49E4-82A7-1CAAC6AB7A47} - System32\Tasks\{E7B74B5B-714F-413B-96C8-B96B5097D740} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\NetBeans 7.3.1\uninstall.exe"
Task: {D470150A-A015-4744-905F-E80EF2BF96B1} - System32\Tasks\{5CEF075C-C815-44AA-B567-3E1ADA22EC10} => C:\Windows\system32\pcalua.exe -a "C:\Users\Brano\Downloads\GTA IV\GTA IV čeština.exe" -d "C:\Users\Brano\Downloads\GTA IV"
Task: {DB86EA97-9714-452B-901D-E5CB9A1010EB} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1572061999-2087841598-3217571495-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {DD849DB8-3AAE-4B53-AB66-9350FCC54043} - System32\Tasks\AdobeAAMUpdater-1.0-Brano-PC-Brano => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E25F9E5B-416F-4945-9E4A-F480DB92FA65} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {EB4235C3-D593-49CE-90C0-93636392E569} - System32\Tasks\{B8836964-1947-45DC-A13F-730BE3FAEC06} => C:\Windows\system32\pcalua.exe -a C:\Users\Brano\Downloads\WAT20.exe -d C:\Users\Brano\Downloads
Task: {EFDC00BA-EC82-48B9-9276-3EF237F634F5} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [5642272 2013-08-13] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {FB33DE0A-443E-44E7-8BB4-EB95E0E9EB6D} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1572061999-2087841598-3217571495-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {FB5D0226-28C7-4084-9DAD-B72FAAF9E695} - System32\Tasks\GoogleUpdateTaskMachineCore1cf4ab95ae36ed2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\update-S-1-5-21-1572061999-2087841598-3217571495-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{9B9F017D-318D-4653-90E8-C8604C546AC6}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{E3DF3D7D-4BAF-48EC-AE63-2096B45D5CF1}: [DhcpNameServer] 192.168.1.1 195.146.128.62

FireFox:
========
FF DefaultProfile: 6ibij09m.default-1474735892871
FF ProfilePath: C:\Users\Brano\AppData\Roaming\Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871 [2020-10-31]
FF Homepage: Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871 -> www.google.sk
FF NewTab: Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871 -> www.google.sk
FF Notifications: Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871 -> hxxps://badoo.com; hxxps://www.instagram.com; hxxps://tinder.com; hxxps://www.aliexpress.com; hxxps://www.youtube.com; hxxps://www.facebook.com
FF Extension: (Video DownloadHelper) - C:\Users\Brano\AppData\Roaming\Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-03-30]
FF Extension: (Web Developer) - C:\Users\Brano\AppData\Roaming\Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2020-01-17]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Brano\AppData\Roaming\Mozilla\Firefox\Profiles\6ibij09m.default-1474735892871\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-09-09]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2019-05-02] [UpdateUrl:hxxps://data.internetdownloadmanager.com/idmmzcc3/update.json]
FF HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Brano\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Brano\AppData\Roaming\IDM\idmmzcc5 [2019-05-10] [Legacy] [not signed]
FF HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_238.dll [2019-08-13] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-02-15] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_238.dll [2019-08-13] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-02-15] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-10-31]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default [2020-09-28]
CHR DownloadDir: C:\Users\Brano\Desktop\LENOVO
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.instagram.com
CHR Extension: (Dokumenty) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-30]
CHR Extension: (Disk Google) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-04]
CHR Extension: (Adblock pre Youtube™) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2020-03-22]
CHR Extension: (Google Search) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-05]
CHR Extension: (Mendeley Web Importer) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\dagcmkpagjlhakfdhnbomgmjdpkdklff [2020-09-19]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-20]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-09-20]
CHR Extension: (Hola Free VPN Proxy Unblocker - Best VPN) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-09-20]
CHR Extension: (IDM Integration Module) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2020-09-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-11]
CHR Extension: (Scopus Document Download Manager) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojplelelocihfchkdaebocpankipadmp [2020-09-19]
CHR Extension: (Gmail) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-05]
CHR Extension: (Chrome Media Router) - C:\Users\Brano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-20]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-05-05]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [makcojoppodhcgmmchohadhpkicoafka]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-05-05]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-08-13] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe [710320 2015-02-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
S4 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft -> Alcohol Soft Development Team)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11137416 2020-10-09] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2433232 2020-03-07] (ESET, spol. s r.o. -> ESET)
R2 HFGService; C:\Windows\System32\HFGService.dll [535552 2009-12-21] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 Sparx Keystore; C:\Program Files (x86)\Sparx Systems\Keystore\Service\KeystoreService.exe [446464 2014-05-19] () [File not signed]
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe [118048 2017-06-22] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdTools64; C:\Windows\System32\DRIVERS\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [138568 2012-08-20] (MCCI Corporation -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [416072 2012-08-20] (MCCI Corporation -> ASMedia Technology Inc)
S3 BthAudioHF; C:\Windows\System32\DRIVERS\BthAudioHF.sys [52224 2009-12-21] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc)
S3 csr_a2dp; C:\Windows\System32\drivers\bthav.sys [78848 2009-12-21] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [120416 2018-01-12] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149144 2019-07-26] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [189232 2019-07-26] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50136 2018-04-29] (ESET, spol. s r.o. -> ESET)
S4 epfw; C:\Windows\System32\DRIVERS\epfw.sys [82816 2018-04-29] (ESET, spol. s r.o. -> ESET)
S4 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61520 2018-04-29] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [113336 2019-07-26] (ESET, spol. s r.o. -> ESET)
S3 gdrv2; C:\Windows\gdrv2.sys [32600 2020-10-26] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S1 prodrv06; C:\Windows\SysWOW64\drivers\prodrv06.sys [52128 2003-10-10] (Protection Technology) [File not signed]
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [62720 2003-10-10] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed]
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 s1039bus; C:\Windows\System32\DRIVERS\s1039bus.sys [127600 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mdfl; C:\Windows\System32\DRIVERS\s1039mdfl.sys [19568 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [161904 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039mgmt; C:\Windows\System32\DRIVERS\s1039mgmt.sys [141424 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039nd5; C:\Windows\System32\DRIVERS\s1039nd5.sys [34416 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039obex; C:\Windows\System32\DRIVERS\s1039obex.sys [137328 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1039unic; C:\Windows\System32\DRIVERS\s1039unic.sys [158320 2009-11-19] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-12-19] (Disc Soft Ltd -> Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2017-08-30] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [442848 2018-05-02] (Bitdefender SRL -> BitDefender S.R.L.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
U3 ah2iil13; C:\Windows\System32\Drivers\ah2iil13.sys [0 0000-00-00] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S0 edevmon; system32\DRIVERS\edevmon.sys [X]
S3 GVCIDrv; \??\C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys [X]
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-31 09:14 - 2020-10-31 09:14 - 000003490 _____ C:\Windows\system32\Tasks\AutoKMS
2020-10-31 09:13 - 2020-10-31 09:13 - 002299904 _____ (Farbar) C:\Users\Brano\Downloads\FRST64(1).exe
2020-10-30 21:24 - 2020-10-30 21:24 - 008447152 _____ (Malwarebytes) C:\Users\Brano\Downloads\adwcleaner_8.0.8.exe
2020-10-30 19:27 - 2020-10-30 19:27 - 029689035 _____ C:\Users\Brano\Downloads\ISTQB Test(2).zip
2020-10-29 22:30 - 2020-10-29 22:34 - 000062528 _____ C:\Users\Brano\Downloads\Addition.txt
2020-10-29 22:26 - 2020-10-31 09:17 - 000036249 _____ C:\Users\Brano\Downloads\FRST.txt
2020-10-29 22:25 - 2020-10-29 22:25 - 002299904 _____ (Farbar) C:\Users\Brano\Downloads\FRST64.exe
2020-10-28 22:05 - 2020-10-29 08:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-10-26 17:44 - 2020-10-26 17:44 - 000000000 ____D C:\Users\Brano\AppData\Local\CrashDumps
2020-10-26 17:32 - 2020-10-02 01:59 - 000449264 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-10-26 17:32 - 2020-10-01 07:54 - 000067456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2020-10-26 16:07 - 2020-10-26 16:07 - 000000000 ____D C:\Users\Brano\ansel
2020-10-26 15:30 - 2020-10-26 17:55 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-10-26 15:30 - 2019-04-17 08:42 - 000069840 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2020-10-26 15:28 - 2020-10-26 17:55 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-10-26 15:27 - 2020-10-26 15:27 - 000000000 ____D C:\NVIDIA
2020-10-26 15:26 - 2020-10-26 15:26 - 000032600 ____N (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\gdrv2.sys
2020-10-26 15:26 - 2020-10-26 15:26 - 000000000 ____D C:\Users\Brano\Documents\temp
2020-10-26 14:09 - 2020-10-26 14:09 - 000000000 ____D C:\Users\Brano\AppData\Local\GIGABYTE
2020-10-25 10:13 - 2020-10-25 10:13 - 000000000 _____ C:\Users\Brano\Downloads\Detection.exe
2020-10-24 22:31 - 2020-10-24 22:33 - 000000000 ____D C:\Users\Brano\Downloads\Supernatural Season 13 COMPLETE S13 720P HEVC BLUURY
2020-10-24 22:24 - 2020-10-24 22:24 - 000001820 _____ C:\Users\Brano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2020-10-22 20:52 - 2020-10-22 20:52 - 000000000 ____D C:\Windows\pss
2020-10-22 17:46 - 2020-10-22 17:46 - 009968600 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Brano\Downloads\GPU-Z.2.35.0.exe
2020-10-22 17:46 - 2020-10-22 17:46 - 000000979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z.lnk
2020-10-22 17:46 - 2020-10-22 17:46 - 000000967 _____ C:\Users\Public\Desktop\TechPowerUp GPU-Z.lnk
2020-10-22 17:46 - 2020-10-22 17:46 - 000000967 _____ C:\ProgramData\Desktop\TechPowerUp GPU-Z.lnk
2020-10-22 17:46 - 2020-10-22 17:46 - 000000000 ____D C:\Program Files (x86)\GPU-Z
2020-10-21 09:02 - 2020-10-25 13:14 - 000000695 _____ C:\Users\Brano\Desktop\Nový textový dokument.txt
2020-10-18 15:08 - 2020-10-18 15:08 - 029689035 _____ C:\Users\Brano\Downloads\ISTQB Test(1).zip
2020-10-18 13:19 - 2020-10-18 13:19 - 000957963 _____ C:\Users\Brano\Downloads\ISTQB_CTFL_Syllabus_SK_2018_3.1-1.pdf
2020-10-13 16:41 - 2020-10-13 16:41 - 029689035 _____ C:\Users\Brano\Downloads\ISTQB Test.zip
2020-10-08 19:05 - 2020-10-08 19:08 - 000000000 ____D C:\Users\Brano\AppData\Local\CallofDuty4MW
2020-10-08 19:05 - 2020-10-08 19:05 - 000000000 ____D C:\Users\Brano\AppData\Local\CrashRpt
2020-10-08 18:03 - 2020-10-08 18:03 - 000000220 _____ C:\Users\Brano\Desktop\Call of Duty 4 Modern Warfare.url
2020-10-08 17:58 - 2020-10-08 17:58 - 000000985 _____ C:\Users\Brano\Desktop\Steam.lnk
2020-10-08 14:25 - 2020-09-24 05:40 - 162341713 _____ C:\Users\Brano\Desktop\FILE200924-063547-000004F.MOV
2020-10-08 14:24 - 2020-09-24 05:45 - 171017075 _____ C:\Users\Brano\Desktop\FILE200924-064047-000005F.MOV
2020-10-08 14:23 - 2020-09-24 15:21 - 294959245 _____ C:\Users\Brano\Desktop\FILE200924-161801-000028F.MOV
2020-10-07 22:11 - 2020-10-07 22:36 - 000000000 ____D C:\Users\Brano\AppData\Roaming\Winamp
2020-10-07 22:08 - 2020-10-07 22:09 - 008201952 _____ (Nullsoft, Inc.) C:\Users\Brano\Downloads\winamp58_3660_beta_full_en-us.exe
2020-10-07 22:05 - 2020-10-07 22:32 - 000000000 ____D C:\Users\Brano\Desktop\Stare pecky do auta

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-31 09:16 - 2015-09-20 14:52 - 000000000 ____D C:\FRST
2020-10-31 09:15 - 2020-02-06 17:31 - 000005012 _____ C:\Windows\system32\Tasks\Microsoft Office 15 Sync Maintenance for Brano-PC-Brano Brano-PC
2020-10-31 09:15 - 2009-07-14 06:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-31 09:15 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-10-31 09:14 - 2009-07-14 05:45 - 000035776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-10-31 09:14 - 2009-07-14 05:45 - 000035776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-10-31 09:10 - 2016-11-25 19:19 - 000000000 ____D C:\Users\Brano\AppData\LocalLow\Mozilla
2020-10-31 09:08 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-10-31 09:07 - 2020-04-16 18:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2020-10-31 09:07 - 2020-04-16 18:26 - 000000000 ____D C:\Users\Brano\AppData\Roaming\Lavasoft
2020-10-31 09:07 - 2020-04-16 18:26 - 000000000 ____D C:\Users\Brano\AppData\Local\Lavasoft
2020-10-31 09:07 - 2020-04-16 18:26 - 000000000 ____D C:\ProgramData\Lavasoft
2020-10-31 09:07 - 2020-04-16 18:26 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2020-10-31 08:38 - 2013-12-18 21:11 - 000000000 ____D C:\Users\Brano\AppData\Local\Adobe
2020-10-31 00:01 - 2019-08-14 16:24 - 000000000 ____D C:\Program Files (x86)\Steam
2020-10-31 00:01 - 2019-05-10 08:23 - 000000000 ____D C:\Users\Brano\AppData\Roaming\DMCache
2020-10-30 22:22 - 2018-01-12 09:32 - 000000388 _____ C:\Windows\Tasks\update-sys.job
2020-10-30 22:17 - 2018-01-12 09:32 - 000000388 _____ C:\Windows\Tasks\update-S-1-5-21-1572061999-2087841598-3217571495-1000.job
2020-10-30 21:25 - 2015-09-13 17:17 - 000000000 ____D C:\AdwCleaner
2020-10-29 08:24 - 2016-09-24 19:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-10-28 22:15 - 2014-07-08 07:52 - 000000000 ____D C:\Program Files\trend micro
2020-10-28 09:02 - 2018-05-02 08:56 - 000015834 _____ C:\Users\Brano\Desktop\MERANIE, 13 BIO TEST.txt
2020-10-26 20:46 - 2013-12-19 20:29 - 000000000 ____D C:\Users\Brano
2020-10-26 17:55 - 2014-05-26 08:03 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-10-26 17:34 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Help
2020-10-25 08:31 - 2013-12-18 21:18 - 000000000 ____D C:\Users\Brano\AppData\Roaming\uTorrent
2020-10-24 22:30 - 2020-07-13 22:21 - 000000000 ____D C:\Users\Brano\AppData\LocalLow\uTorrent
2020-10-24 22:30 - 2019-05-24 18:20 - 000000000 ____D C:\Users\Brano\AppData\Local\BitTorrentHelper
2020-10-24 22:24 - 2020-07-13 22:21 - 000000000 ____D C:\ProgramData\Avast Software
2020-10-20 22:55 - 2013-12-18 20:52 - 000002236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-10-17 07:52 - 2017-04-08 14:19 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-10-17 07:50 - 2014-05-11 17:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-10-14 07:49 - 2015-05-16 12:43 - 000003370 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA1d08fcd839de28e
2020-10-14 07:49 - 2015-05-16 12:43 - 000003242 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore1d08fcd82e08338
2020-10-08 19:02 - 2019-04-28 08:02 - 000000000 ____D C:\Users\Brano\Downloads\Compressed
2020-10-07 22:12 - 2013-12-19 11:31 - 000000000 ____D C:\Program Files (x86)\Winamp
2020-10-07 21:59 - 2018-05-09 19:20 - 000000000 ____D C:\Users\Brano\Downloads\Video
2020-10-07 21:52 - 2017-09-14 17:53 - 000000000 ____D C:\Users\Brano\Desktop\Jedalnicek
2020-10-07 21:48 - 2013-12-18 22:49 - 000000000 ___RD C:\Users\Brano\Filmy
2020-10-07 21:46 - 2013-12-18 21:37 - 000000000 ____D C:\Users\Brano\BStudio
2020-10-07 21:42 - 2020-08-19 20:55 - 000000000 ____D C:\Users\Brano\Desktop\Videa auto
2020-10-04 17:19 - 2018-04-23 16:04 - 000000000 ____D C:\Users\Brano\Documents\Bandicam

==================== Files in the root of some directories ========

2015-01-23 22:31 - 2018-09-08 12:39 - 000000132 _____ () C:\Users\Brano\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-05-18 17:24 - 2015-05-18 17:24 - 000000000 _____ () C:\Users\Brano\AppData\Roaming\AVSMediaPlayer.m3u
2002-08-29 18:33 - 2002-08-29 18:33 - 000319488 ____R () C:\Users\Brano\AppData\Roaming\MafiaSetup.exe
2014-11-22 19:30 - 2014-11-22 19:34 - 000004096 ____H () C:\Users\Brano\AppData\Local\keyfile3.drm
2015-09-20 14:46 - 2015-09-20 14:50 - 000029696 _____ () C:\Users\Brano\AppData\Local\MSGBOX.EXE
2017-03-30 17:46 - 2017-03-30 17:46 - 000005487 _____ () C:\Users\Brano\AppData\Local\recently-used.xbel
2013-12-19 18:07 - 2013-12-24 22:21 - 000007597 _____ () C:\Users\Brano\AppData\Local\Resmon.ResmonCfg
2018-01-12 09:32 - 2018-01-12 09:32 - 000000003 _____ () C:\Users\Brano\AppData\Local\updater.log
2018-01-12 09:32 - 2018-04-25 13:22 - 000000425 _____ () C:\Users\Brano\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\User32.dll
[2010-11-21 04:24] - [2013-12-19 20:33] - 001008640 _____ (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2010-11-21 04:24] - [2013-12-19 20:33] - 000833024 _____ (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE

LastRegBack: 2020-10-24 17:53
==================== End of FRST.txt ========================

addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-10-2020
Ran by Brano (31-10-2020 09:19:35)
Running from C:\Users\Brano\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-12-19 19:29:50)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1572061999-2087841598-3217571495-500 - Administrator - Disabled)
Brano (S-1-5-21-1572061999-2087841598-3217571495-1000 - Administrator - Enabled) => C:\Users\Brano
Guest (S-1-5-21-1572061999-2087841598-3217571495-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1572061999-2087841598-3217571495-1006 - Limited - Enabled)
Oco (S-1-5-21-1572061999-2087841598-3217571495-1004 - Limited - Enabled) => C:\Users\Oco

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\uTorrent) (Version: 3.5.5.45798 - BitTorrent Inc.)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.1.474 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.238 - Adobe)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.0.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Airy (HKLM-x32\...\Airy_is1) (Version: 2.1.206 - Airy Team)
AMD Catalyst Install Manager (HKLM\...\{EDC0E654-60C7-758D-6B81-C8D3ACCEDEE5}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Verifier x64 External Package (HKLM\...\{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 - Microsoft) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
balenaEtcher 1.5.19 (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.19 - Balena Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.0.3.1025 - Bandisoft.com)
Bandicut (HKLM-x32\...\Bandicut) (Version: 3.5.0.592 - Bandicam.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Bigasoft Total Video Converter 3.7.16.4643 (HKLM-x32\...\{a72ce741-1f32-4d79-bffb-a714375c678d}_is1) (Version: - Bigasoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
CD Bremse 1.49 (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\CD Bremse_is1) (Version: 1.49 - )
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
dr.fone toolkit for Android (Version 8.3.3) (HKLM-x32\...\{7B08A1E1-3644-4237-B39D-762B5F5564D0}_is1) (Version: 8.3.3.64 - Wondershare Technology Co.,Ltd.)
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 12.2.31.0 - ESET, spol. s r.o.)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
FonePaw for Android 2.9.0 (HKLM-x32\...\{10E7BD57-C5FE-484f-A3F2-A1755286C0A7}_is1) (Version: 2.9.0 - FonePaw)
Font Validator (HKLM-x32\...\{330A929A-F800-4457-9706-DF19224D9770}) (Version: 1.0.0 - Microsoft)
Fotogaléria (HKLM-x32\...\{08466673-3905-4437-93E8-34A221B7CA4E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free YouTube Downloader 4.1.559 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.)
Git version 2.12.2 (HKLM\...\Git_is1) (Version: 2.12.2 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.111 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HeidiSQL 10.1.0.5464 (HKLM\...\HeidiSQL_is1) (Version: 10.1 - Ansgar Becker)
HP DeskJet 2600 series Basic Device Software (HKLM\...\{8DA7A239-79C2-49FC-826B-DD26A559FF60}) (Version: 43.2.2474.17192 - HP Inc.)
HP DeskJet 2600 series Help (HKLM-x32\...\{9A36A9D9-787C-4E75-914B-CF133FA88FC9}) (Version: 44.0.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{C68BD3B6-3CC4-4871-94D1-3412A571001F}) (Version: 36.0.100.66344 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{763E42DC-F6DB-49E5-AAFD-CC3273F858CB}) (Version: 43.0.0.0 - HP)
HP FTP Plugin (HKLM-x32\...\{1E02EFE9-1EDB-4EE4-B02F-1B23C9AF3CD5}) (Version: 43.0.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{ADA6C223-3EEA-4CAF-822A-5380A7A40342}) (Version: 36.0.100.66344 - HP)
HP OneDrive Plugin (HKLM-x32\...\{16DB1A9B-1180-43E7-BE29-7201EE339206}) (Version: 36.0.0.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP SharePoint Plugin (HKLM-x32\...\{1F73FB9B-71BC-47F8-8AA6-DA9076E4E52B}) (Version: 43.0.0.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
ISO Recorder (HKLM\...\{2D7ED2A0-9553-412B-939F-D6E0AEB2ABE1}) (Version: 3.1.0 - Alex Feinman)
Java 10.0.2 (64-bit) (HKLM\...\{EECB2736-D013-5AC5-9917-7656712F6931}) (Version: 10.0.2.0 - Oracle Corporation)
Java SE Development Kit 7 Update 40 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170400}) (Version: 1.7.0.400 - Oracle)
Java SE Development Kit 8 Update 111 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180111}) (Version: 8.0.1110.14 - Oracle Corporation)
Java(TM) SE Development Kit 10.0.2 (64-bit) (HKLM\...\{71307D56-8005-5F5E-9227-BFA2754D6E54}) (Version: 10.0.2.0 - Oracle Corporation)
JetBrains PhpStorm 2018.2.4 (HKLM-x32\...\PhpStorm 2018.2.4) (Version: 182.4505.42 - JetBrains s.r.o.)
Kits Configuration Installer (HKLM-x32\...\{86E59C8F-61D5-1782-A3CE-60AE7E4D7791}) (Version: 10.1.16299.15 - Microsoft) Hidden
K-Lite Mega Codec Pack 14.4.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.4.5 - KLCP)
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Magic Video Converter 12.1.11.2 (HKLM-x32\...\Magic Video Converter_is1) (Version: - )
Mendeley Desktop 1.17.12 (HKLM-x32\...\Mendeley Desktop) (Version: 1.17.12 - Mendeley Ltd.)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneNote 2016 pre študentov a domácnosti - sk-sk (HKLM\...\OneNoteFreeRetail - sk-sk) (Version: 16.0.12527.21236 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.28.2 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.3.2217.1010 - Microsoft Corporation)
MKVToolNix 6.5.0 (HKLM-x32\...\MKVToolNix) (Version: 6.5.0 - Moritz Bunkus)
MobiKin Doctor for Android (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MobiKin Doctor for Android) (Version: 3.1.13 - MobiKin)
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{CFBFE244-6269-41DC-85B6-86F99C88ED02}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 82.0.2 (x86 sk) (HKLM-x32\...\Mozilla Firefox 82.0.2 (x86 sk)) (Version: 82.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.1 - Mozilla)
MSI Development Tools (HKLM-x32\...\{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nero 7 Premium (HKLM-x32\...\{4F2CE68F-EDBB-4592-BF07-5AC930A51051}) (Version: 7.02.6446 - Nero AG)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.6 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.21236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21236 - Microsoft Corporation) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Phone Nokia USB Driver (HKLM-x32\...\{7F1C627F-7F07-4B51-B50F-FF8C64881D6E}) (Version: 1.1.0 - Mobile)
PIXresizer (HKLM-x32\...\PIXresizer_is1) (Version: 2.0.8 - Bluefive software)
Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)
Product Improvement Study for HP Deskjet 1510 series (HKLM\...\{EC27E742-EB04-4A2C-BA64-20271929528A}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
Product Improvement Study for HP DeskJet 2600 series (HKLM\...\{DF44980B-A87A-4945-937A-4812C29F4F32}) (Version: 43.2.2474.17192 - HP Inc.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.1.312 - Jan Fiala)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
SDK ARM Additions (HKLM-x32\...\{7922BB77-0B59-840A-AC80-D560A34D75C5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{C87DF65C-A672-7E08-A083-E7D48FE8DB70}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Sonic Foundry Preset Manager 1.0 (HKLM-x32\...\{7266C898-F9CB-4122-9452-2AA1DACE245E}) (Version: 1.0.73 - Sonic Foundry)
SourceTree (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\SourceTree) (Version: 3.3.9 - Atlassian)
Sparx Systems Keystore Service (HKLM-x32\...\{F2043888-7783-4936-9B63-3B33FDB9EC4D}) (Version: 2.2.5 - Sparx Systems Pty Ltd)
STATISTICA 12.5.192.5 64-bit (HKLM\...\{BA4824C0-D7E0-B895-0692-DC95D557E10A}) (Version: 12.5.192.5 - StatSoft, Inc.)
STATNOVAPDF (novaPDF 7.7 printer) (HKLM\...\STATNOVAPDF_is1) (Version: - Softland)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: - TechPowerUp)
Time Adjuster STANDARD 3.1 (HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\TimeAdjuster) (Version: - IrekSoftware.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
UltData - Windows 7.1.0.18 (HKLM-x32\...\{UltData - Windows}_is1) (Version: 7.1.0.18 - Tenorshare, Inc.)
Unity 2019.2.0b5 (HKLM-x32\...\Unity 2019.2.0b5) (Version: 2019.2.0b5 - Unity Technologies ApS)
Unity Hub 2.1.3 (HKLM\...\Unity Technologies - Hub) (Version: 2.1.3 - Unity Technologies Inc.)
Universal CRT Extension SDK (HKLM-x32\...\{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A9D6F52C-694E-3E41-7AB8-5BEB644742A5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{E053089E-7953-3219-814F-F485FC151C54}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B9424F08-0617-C4F6-A798-5A9250C1A738}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{ECBF7F4D-CD2F-4B70-9060-A2C69AD26F9E}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
VdhCoApp 1.2.2 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VideoProc (HKLM-x32\...\VideoProc) (Version: 3.5 - Digiarty, Inc.)
Visual Studio Community 2017 (HKLM-x32\...\06e29a39) (Version: 15.9.28307.905 - Microsoft Corporation)
Visual Studio Community 2019 (HKLM-x32\...\bd67fa66) (Version: 16.3.29424.173 - Microsoft Corporation)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
VS Script Debugging Common (HKLM\...\{D8B26CBD-15D2-440B-BCBD-5616D74EFC7D}) (Version: 16.0.98.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{D19BAD98-BFDD-4C70-B66C-EE75F851B9BC}) (Version: 16.3.29311 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{95E79BBC-97FD-4FEB-91B5-CC0231324812}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{DBA97C17-13F0-407B-8BC4-0C2E01A298A5}) (Version: 16.3.29209 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{AD3B73B9-D5C8-4FF9-AB73-7A1DC39F3E02}) (Version: 16.3.29209 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{692A0FB3-E6A2-4D41-AC03-4136B4312DC0}) (Version: 16.3.29209 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{6B065DCD-E730-4FCE-905D-2B3F30A91110}) (Version: 16.3.29230 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{EC04CD66-C03A-470D-B0D2-4BBC87F6382D}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
Web Accessibility Toolbar 2.0 (HKLM-x32\...\Accessibility Toolbar_is1) (Version: 2.03.0 - Web Accessibility Tools Consortium (WAT-C))
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
WinAppDeploy (HKLM-x32\...\{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Movie Maker (HKLM\...\Windows Movie Maker) (Version: 6.0.6002.18005 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR 5.00 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare Video Converter Ultimate(Build 10.5.0.204) (HKLM-x32\...\Video Converter Ultimate_is1) (Version: 10.5.0.204 - Wondershare Software)
Wondershare Video Converter Ultimate(Build 6.0.3.2) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 6.0.3.2 - Wondershare Software)
XAMPP (HKLM-x32\...\xampp) (Version: 7.2.10-0 - Bitnami)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2019-05-02] (Tonec Inc. -> Tonec Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-04-21] (Notepad++ -> )
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-03-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [MRAICQCMenu] -> {7C9E7B90-88EC-4852-AC7A-C938268A5D04} => -> No File
ContextMenuHandlers1: [SysPlayerMenuExt] -> {F6607505-0E5B-47E6-809E-EAEE53F1E4D7} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2012-11-20] (Wondershare Software Co., Ltd. -> )
ContextMenuHandlers2: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => -> No File
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2013-09-17] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2013-09-17] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-03-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [Record To CD] -> {34F4B935-17DC-4885-8BC9-CCD1ADF42F93} => C:\Program Files\Alex Feinman\ISO Recorder\ISORecorder.dll [2010-06-08] (Alex Feinman) [File not signed]
ContextMenuHandlers3: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [SysPlayerMenuExt] -> {F6607505-0E5B-47E6-809E-EAEE53F1E4D7} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-02-11] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Create ISO Image from directory] -> {34F4B935-17DC-4885-8BC9-CCD1ADF42F93} => C:\Program Files\Alex Feinman\ISO Recorder\ISORecorder.dll [2010-06-08] (Alex Feinman) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2020-03-07] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [SysPlayerMenuExt] -> {F6607505-0E5B-47E6-809E-EAEE53F1E4D7} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1572061999-2087841598-3217571495-1000: [SysPlayerMenuExt] -> {F6607505-0E5B-47E6-809E-EAEE53F1E4D7} => -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [126976 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\system32\bdmpega64.acm [70712 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\system32\bdmjpeg64.dll [25640 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\system32\bdmpegv64.dll [70200 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\SysWOW64\vct3216.acm [82944 2008-11-24] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\SysWOW64\scg726.acm [13239 2008-11-24] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\SysWOW64\alf2cd.acm [38912 2008-11-24] (NCT Company) [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\mcdvd_32.dll [261632 2008-11-24] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [638976 2008-11-24] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2008-11-24] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2008-11-24] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2008-11-24] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [66104 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [23080 2013-08-05] (Bandisoft -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [66104 2013-08-05] (Bandisoft -> )

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Brano\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2019-04-22 12:13 - 2016-07-21 09:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2019-04-22 12:13 - 2017-03-23 08:49 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2013-08-30 01:49 - 2013-08-30 01:49 - 000103424 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2017-09-28 18:41 - 2017-09-28 18:41 - 000266240 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2017-09-28 15:52 - 2017-09-28 15:52 - 000128000 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\DXGIDebug.dll
2010-11-21 04:24 - 2013-12-19 20:33 - 001008640 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\USER32.dll
2010-11-21 04:24 - 2013-12-19 20:33 - 000833024 _____ (Microsoft Corporation) [File not signed] C:\Windows\syswow64\USER32.dll
2019-03-09 17:11 - 2015-02-27 10:35 - 000489984 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\Newtonsoft.Json.dll
2018-01-12 09:32 - 2017-05-23 13:59 - 000494080 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.dll
2018-01-12 09:32 - 2017-05-23 13:59 - 000256000 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\uploader.dll
2019-03-09 17:11 - 2017-06-21 09:24 - 000087552 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppCollect.dll
2019-03-09 17:11 - 2017-06-21 09:24 - 000198144 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppCommon.dll
2019-04-22 12:13 - 2017-03-23 08:52 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.sk
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM ... -SearchBox
SearchScopes: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM ... -SearchBox
SearchScopes: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2019-05-05] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: STATISTICA Browser Helper -> {990A8747-93BF-4EF7-B72E-94A6884B98C2} -> C:\Program Files\StatSoft\STATISTICA 12\StaBHO.dll [2014-04-19] (StatSoft, Inc. -> StatSoft, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2020-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2019-05-05] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: STATISTICA Browser Helper -> {990A8747-93BF-4EF7-B72E-94A6884B98C2} -> C:\Program Files\StatSoft\STATISTICA 12\Support\StaBHO.dll [2014-04-18] (StatSoft, Inc. -> StatSoft, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2020-10-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM-x32 - Web Accessibility Toolbar - {11352A67-0178-46B1-8855-D50B2F81C054} - C:\Program Files (x86)\Accessibility_Toolbar\Accessibility_Toolbar.dll [2007-06-19] (NILS Accessible Information Solutions) [File not signed]
Toolbar: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000 -> No Name - {11352A67-0178-46B1-8855-D50B2F81C054} - No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-07] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-05-22 13:40 - 000000826 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\VDownloader;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Git\cmd;C:\xampp\php
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Brano\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AxAutoMntSrv => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^Users^Brano^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Odoslanie do aplikácie OneNote.lnk => C:\Windows\pss\Odoslanie do aplikácie OneNote.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Brano^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Odoslanie do programu OneNote.lnk => C:\Windows\pss\Odoslanie do programu OneNote.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Sony Ericsson PC Companion => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: uTorrent => "C:\Users\Brano\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D21B1771-2522-4491-B7A9-CADA137FAB33}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7013C732-79A0-4166-8C32-FF5F279992E7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{81EA731B-2141-4DD3-9739-7002AE39C819}] => (Allow) LPort=2869
FirewallRules: [{1FD47E96-0F51-4272-BC53-85810245B588}] => (Allow) LPort=1900
FirewallRules: [{1328E9CB-4665-4C27-BEF0-48157B231204}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1984EEB3-357C-4403-AF31-82115796A1C4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6BC82C89-EF94-4205-90AA-78A57D42CC2A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4DB3D65B-EFAC-41CB-87EE-F7E0CAE1DE4F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ACF18DC0-B385-40A4-9A8A-E0F912113193}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D45DDDE6-B05D-4300-99EB-1F69731A5380}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5339F94B-2FEE-4088-80EE-7BDA611C2B0C}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{845793B6-51AD-440E-A04A-5E6F8EC1CBEB}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{EB009958-651C-49D6-A31B-CC34C58BC010}] => (Allow) LPort=5357
FirewallRules: [{AB5DC447-2A99-45AF-BFA4-4121CFACFD31}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [TCP Query User{26E0A095-01D0-430A-BA5E-736CA96FF0A4}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{18CC0322-FF19-492B-AFE9-6097B8931B23}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{18971426-E9DA-4512-ADBA-1AB480A7EF5E}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [UDP Query User{8D62D761-74A4-4B31-B334-D57ECD411C25}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> )
FirewallRules: [TCP Query User{C066FC4A-6062-4C3C-AEE2-1CDEDE4BCE3B}C:\program files (x86)\common files\oracle\java\javapath_target_33956269\javaw.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_33956269\javaw.exe
FirewallRules: [UDP Query User{2EB691A6-27AB-4E01-AB2D-6A05F0B57D09}C:\program files (x86)\common files\oracle\java\javapath_target_33956269\javaw.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_33956269\javaw.exe
FirewallRules: [TCP Query User{0F5BA401-5B5A-441D-8281-306D939663D0}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{CD348FCD-B073-412B-97E9-A334B0F0B99F}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{32357E38-D5CD-4CB7-8446-2776D1BA8DA3}C:\xampp\filezillaftp\filezillaserver.exe] => (Block) C:\xampp\filezillaftp\filezillaserver.exe (FileZilla Project) [File not signed]
FirewallRules: [UDP Query User{AA5DE1E0-9F4A-47C8-B7AC-AB3A383AC2D9}C:\xampp\filezillaftp\filezillaserver.exe] => (Block) C:\xampp\filezillaftp\filezillaserver.exe (FileZilla Project) [File not signed]
FirewallRules: [TCP Query User{BFB8D076-53D2-40D4-B0B4-3B019DF4545C}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{D312778A-E90D-4C5B-A1B3-25230A5ADCD2}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{1733422F-A960-4A29-AD7C-9BEF581DBB5C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{288EA8B1-370F-41E0-A944-500459ECC311}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CD136CA1-536B-4858-A648-9207F380F2BF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5ED74209-4945-4194-9871-512FE127DCA3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1B93E31C-D226-43C7-B3A2-402C85446F38}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8F6D240D-7EA5-4A17-ABFE-C7BCB26BDA12}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{33272BC3-EB1B-482A-88E6-21EE1C0BBE27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe (Valve -> )
FirewallRules: [{A792A035-3B2B-4244-BE9D-BE6FE1EB1EA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Day of Defeat Source\hl2.exe (Valve -> )
FirewallRules: [{4D59EE0F-B3B5-4A6B-85B8-5FAD66714C3E}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [TCP Query User{007FBBDB-0B0F-4088-9E9F-7B4F6FEE5144}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [UDP Query User{879029F2-381D-4E5B-8314-3096E383852A}C:\program files\unity hub\unity hub.exe] => (Allow) C:\program files\unity hub\unity hub.exe (Unity Technologies SF -> Unity Technologies Inc.)
FirewallRules: [{CD1A30BE-791A-4A60-B016-9D5D4BF38CF6}] => (Allow) C:\Program Files\Unity\Hub\Editor\2019.2.0b5\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [{82ED7ED6-63E9-4AAE-B312-DC5F38BFDEB6}] => (Block) C:\Program Files\Unity\Hub\Editor\2019.2.0b5\Editor\Unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [TCP Query User{67A09A73-CB53-445C-ABDC-D2B9FCF6A6FB}C:\program files\unity\hub\editor\2019.2.0b5\editor\unity.exe] => (Allow) C:\program files\unity\hub\editor\2019.2.0b5\editor\unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [UDP Query User{67AF297A-5066-451F-B3DC-9C0AD8540F9A}C:\program files\unity\hub\editor\2019.2.0b5\editor\unity.exe] => (Allow) C:\program files\unity\hub\editor\2019.2.0b5\editor\unity.exe (Unity Technologies Aps -> Unity Technologies ApS)
FirewallRules: [TCP Query User{687EAE79-40B2-4441-AA44-44608AEA369B}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{DF5E86FE-BF94-4EF6-8F8D-9613D3BC8A28}C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2017\community\common7\ide\devenv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4CF2952D-B9B3-438E-BB89-569A7876A1E5}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{5FD36215-D857-4D03-960F-C9D92C586111}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{850BD309-3F3F-41F1-9EA4-BDE09ADACF3A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{1DD1E010-622F-4AF1-B0D3-ADABB737461F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{A1159810-3E9D-4A00-AF3E-7C78DC29B5FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty 4\iw3sp.exe () [File not signed]
FirewallRules: [{391AA469-8C15-480D-B2E2-F1B85086867B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty 4\iw3sp.exe () [File not signed]
FirewallRules: [{06F771F2-1999-4DC2-8370-C86F6E843875}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty 4\iw3mp.exe () [File not signed]
FirewallRules: [{A276FD26-8714-49DA-A800-8CF421098C3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty 4\iw3mp.exe () [File not signed]
FirewallRules: [{4F087E74-5FBE-4E99-A172-563CA6999866}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

29-10-2020 17:58:08 Plánovaný kontrolný bod

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (10/31/2020 09:19:13 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2020-11-07T08:13:13Z. Error Code: 0x80041321.

Error: (10/31/2020 09:15:32 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/31/2020 09:15:32 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/31/2020 09:10:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/31/2020 08:42:22 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2020-11-07T07:32:22Z. Error Code: 0x80041321.

Error: (10/31/2020 08:34:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/31/2020 08:34:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/31/2020 08:28:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

System errors:
=============
Error: (10/31/2020 09:09:30 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
edevmon
prodrv06
prohlp02
prosync1
sfhlp01

Error: (10/31/2020 09:08:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby MBAMChameleon zlyhalo kvôli nasledujúcej chybe:
Systém nemôže nájsť zadaný súbor.

Error: (10/31/2020 09:08:22 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\prodrv06.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (10/31/2020 09:07:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Windows Media Player - služba zdieľania v sieti zlyhalo kvôli nasledujúcej chybe:
Pretože zlyhalo prihlásenie, službu sa nepodarilo spustiť.

Error: (10/31/2020 09:07:57 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Službe WMPNetworkSvc sa nepodarilo s aktuálne nakonfigurovaným heslom prihlásiť ako NT AUTHORITY\NetworkService kvôli nasledujúcej chybe:
Požiadavka nie je podporovaná.

Ak chcete zabezpečiť správne nakonfigurovanie služby, použite modul Služby konzoly MMC (Microsoft Management Console).

Error: (10/31/2020 09:07:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusti sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (10/31/2020 09:07:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Media Player - služba zdieľania v sieti sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (10/31/2020 09:07:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Office Software Protection Platform sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Windows Defender:
===================================
Date: 2014-07-09 17:33:24.219
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Backup
Error Code:0x8050a004
Error description:Tento balík neobsahuje aktuálne súbory definícií pre tento program. Ďalšie informácie nájdete v Pomoci a technickej podpore.
Signature version:1.169.394.0
Engine version:1.1.10201.0

Date: 2014-07-09 17:26:00.305
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Backup
Error Code:0x8050a004
Error description:Tento balík neobsahuje aktuálne súbory definícií pre tento program. Ďalšie informácie nájdete v Pomoci a technickej podpore.
Signature version:1.169.394.0
Engine version:1.1.10201.0

Date: 2014-07-09 17:18:42.187
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Backup
Error Code:0x8050a004
Error description:Tento balík neobsahuje aktuálne súbory definícií pre tento program. Ďalšie informácie nájdete v Pomoci a technickej podpore.
Signature version:1.169.394.0
Engine version:1.1.10201.0

Date: 2014-07-09 17:18:36.747
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:Systém nemôže nájsť zadaný súbor.
Signature version:0.0.0.0
Engine version:0.0.0.0

CodeIntegrity:
===================================

Date: 2020-10-26 17:24:16.653
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 17:24:16.606
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 17:24:15.701
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 17:24:15.654
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 15:42:03.801
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 15:42:03.754
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 15:42:02.771
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-26 15:42:02.693
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 5301 10/10/2012
Motherboard: ASUSTeK COMPUTER INC. F2A55
Processor: AMD Athlon(tm) X4 740 Quad Core Processor
Percentage of memory in use: 44%
Total physical RAM: 12240.01 MB
Available physical RAM: 6783.05 MB
Total Virtual: 24478.22 MB
Available Virtual: 17798.57 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:143.86 GB) NTFS

\\?\Volume{e3d1d243-6853-11e3-8e4f-806e6f6e6963}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: DDF9D34A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

#12 Příspěvek od **Rudy** » 03 lis 2020 10:24

Potřebuji vidět obsah souboru fixlog.txt. Měl by být ve stejném adresáři.

branno · #13 Příspěvek od **branno** » 03 lis 2020 20:18

Nech sa paci:

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-11-2020
Ran by Brano (02-11-2020 22:59:37) Run:3
Running from C:\Users\Brano\Downloads
Loaded Profiles: Brano
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\Windows\AutoKMS
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {003ea3d3-2aa6-11e4-afed-08606e8674f7} - E:\Startme.exe
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {09e382df-f190-11e9-9abb-08606e8674f7} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {9e493240-6f1d-11e5-b102-806e6f6e6963} - E:\Setup.exe
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {b52b1a40-689a-11e3-b963-806e6f6e6963} - F:\SETUP.EXE
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\...\MountPoints2: {df8de1ea-d312-11e9-a8d5-08606e8674f7} - G:\Setup.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {02802E82-0A48-4E6F-AFCB-5FB450C74309} - System32\Tasks\{C84DF89B-871E-440B-8E9B-BDECE65199C4} => C:\Windows\system32\pcalua.exe -a "C:\Users\Brano\Downloads\Instaluj.cz - 18054.exe" -d C:\Users\Brano\Downloads
Task: {09AC0BE8-1CD6-47A9-B238-82E0E676DD59} - System32\Tasks\GoogleUpdateTaskMachineCore1d042dc124dc7db => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {43BEF70E-7D7D-4844-80F7-DD54EC6A612A} - System32\Tasks\{DED9697D-1B88-4E5D-BC6B-283BA8F77FCB} => C:\Windows\system32\pcalua.exe -a C:\Users\Brano\Downloads\cdbremse149.exe -d C:\Users\Brano\Downloads
Task: {444EE762-E700-43C5-AAA6-1E6B77ADB65F} - System32\Tasks\{C0FFF6C3-F189-469A-96CE-CF1023355F9D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Brano\Downloads\GTA IV\GTAIV_PC_Patch1\Content\setup.exe" -d "C:\Users\Brano\Downloads\GTA IV\GTAIV_PC_Patch1\Content"
Task: {478C3314-719B-4268-AC6B-76F41366753D} - System32\Tasks\{65F998B0-31C9-4897-81A5-C23132EBB797} => C:\Windows\system32\pcalua.exe -a "C:\Users\Brano\Desktop\StatSoft Statistica 12.5\INSTALL6\SETUP.EXE" -d "C:\Users\Brano\Desktop\StatSoft Statistica 12.5\INSTALL6"
Task: {7BEC0D92-4600-4FCD-8F1D-762A0E1A0CC8} - System32\Tasks\{FDCFB939-C3C8-4E2C-AA87-30D7C63DB24C} => C:\Windows\system32\pcalua.exe -a F:\crack\crack\crack.exe -d F:\crack\crack
F:\crack\crack\crack.exe
Task: {962D6EB6-5306-4D7F-8068-FD78EDFD8B26} - System32\Tasks\GoogleUpdateTaskMachineUA1d08fcd839de28e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {AF10A9F9-D562-4C90-B5A4-13384DB689D3} - System32\Tasks\GoogleUpdateTaskMachineUA1cfffe641e69724 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {B25DAD4D-AA08-4D93-9F4F-30626FAF15E6} - System32\Tasks\GoogleUpdateTaskMachineCore1d08fcd82e08338 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {CC66F365-810F-49E4-82A7-1CAAC6AB7A47} - System32\Tasks\{E7B74B5B-714F-413B-96C8-B96B5097D740} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\NetBeans 7.3.1\uninstall.exe"
Task: {D470150A-A015-4744-905F-E80EF2BF96B1} - System32\Tasks\{5CEF075C-C815-44AA-B567-3E1ADA22EC10} => C:\Windows\system32\pcalua.exe -a "C:\Users\Brano\Downloads\GTA IV\GTA IV �e�tina.exe" -d "C:\Users\Brano\Downloads\GTA IV"
Task: {EB4235C3-D593-49CE-90C0-93636392E569} - System32\Tasks\{B8836964-1947-45DC-A13F-730BE3FAEC06} => C:\Windows\system32\pcalua.exe -a C:\Users\Brano\Downloads\WAT20.exe -d C:\Users\Brano\Downloads
Task: {FB5D0226-28C7-4084-9DAD-B72FAAF9E695} - System32\Tasks\GoogleUpdateTaskMachineCore1cf4ab95ae36ed2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
U3 ah2iil13; C:\Windows\System32\Drivers\ah2iil13.sys [0 0000-00-00] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
C:\Windows\system32\Tasks\AutoKMS
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA1d08fcd839de28e
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore1d08fcd82e08338
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [MRAICQCMenu] -> {7C9E7B90-88EC-4852-AC7A-C938268A5D04} => -> No File
ContextMenuHandlers1: [SysPlayerMenuExt] -> {F6607505-0E5B-47E6-809E-EAEE53F1E4D7} => -> No File
ContextMenuHandlers2: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => -> No File
ContextMenuHandlers3: [AdAwareContextMenu] -> {5B64240D-5B36-4B9F-A75F-4925B6A53D5B} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [SysPlayerMenuExt] -> {F6607505-0E5B-47E6-809E-EAEE53F1E4D7} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [SysPlayerMenuExt] -> {F6607505-0E5B-47E6-809E-EAEE53F1E4D7} => -> No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM ... -SearchBox
SearchScopes: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM ... -SearchBox
Toolbar: HKU\S-1-5-21-1572061999-2087841598-3217571495-1000 -> No Name - {11352A67-0178-46B1-8855-D50B2F81C054} - No File

EmptyTemp:
End
*****************

Processes closed successfully.
"C:\Windows\AutoKMS" => not found
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{003ea3d3-2aa6-11e4-afed-08606e8674f7} => not found
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{09e382df-f190-11e9-9abb-08606e8674f7} => not found
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9e493240-6f1d-11e5-b102-806e6f6e6963} => not found
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b52b1a40-689a-11e3-b963-806e6f6e6963} => not found
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df8de1ea-d312-11e9-a8d5-08606e8674f7} => not found
HKLM\SOFTWARE\Policies\Mozilla => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02802E82-0A48-4E6F-AFCB-5FB450C74309}" => not found
"C:\Windows\System32\Tasks\{C84DF89B-871E-440B-8E9B-BDECE65199C4}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C84DF89B-871E-440B-8E9B-BDECE65199C4}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09AC0BE8-1CD6-47A9-B238-82E0E676DD59}" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d042dc124dc7db" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d042dc124dc7db" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43BEF70E-7D7D-4844-80F7-DD54EC6A612A}" => not found
"C:\Windows\System32\Tasks\{DED9697D-1B88-4E5D-BC6B-283BA8F77FCB}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DED9697D-1B88-4E5D-BC6B-283BA8F77FCB}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{444EE762-E700-43C5-AAA6-1E6B77ADB65F}" => not found
"C:\Windows\System32\Tasks\{C0FFF6C3-F189-469A-96CE-CF1023355F9D}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C0FFF6C3-F189-469A-96CE-CF1023355F9D}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{478C3314-719B-4268-AC6B-76F41366753D}" => not found
"C:\Windows\System32\Tasks\{65F998B0-31C9-4897-81A5-C23132EBB797}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{65F998B0-31C9-4897-81A5-C23132EBB797}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BEC0D92-4600-4FCD-8F1D-762A0E1A0CC8}" => not found
"C:\Windows\System32\Tasks\{FDCFB939-C3C8-4E2C-AA87-30D7C63DB24C}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FDCFB939-C3C8-4E2C-AA87-30D7C63DB24C}" => not found
"F:\crack\crack\crack.exe" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{962D6EB6-5306-4D7F-8068-FD78EDFD8B26}" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d08fcd839de28e" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d08fcd839de28e" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF10A9F9-D562-4C90-B5A4-13384DB689D3}" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cfffe641e69724" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1cfffe641e69724" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B25DAD4D-AA08-4D93-9F4F-30626FAF15E6}" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d08fcd82e08338" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d08fcd82e08338" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC66F365-810F-49E4-82A7-1CAAC6AB7A47}" => not found
"C:\Windows\System32\Tasks\{E7B74B5B-714F-413B-96C8-B96B5097D740}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E7B74B5B-714F-413B-96C8-B96B5097D740}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D470150A-A015-4744-905F-E80EF2BF96B1}" => not found
"C:\Windows\System32\Tasks\{5CEF075C-C815-44AA-B567-3E1ADA22EC10}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5CEF075C-C815-44AA-B567-3E1ADA22EC10}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB4235C3-D593-49CE-90C0-93636392E569}" => not found
"C:\Windows\System32\Tasks\{B8836964-1947-45DC-A13F-730BE3FAEC06}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B8836964-1947-45DC-A13F-730BE3FAEC06}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB5D0226-28C7-4084-9DAD-B72FAAF9E695}" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf4ab95ae36ed2" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1cf4ab95ae36ed2" => not found
"HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => not found
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}" => not found
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf => not found
ah2iil13 => service not found.
"C:\Windows\system32\Tasks\AutoKMS" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA1d08fcd839de28e" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore1d08fcd82e08338" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MRAICQCMenu => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SysPlayerMenuExt => not found
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\AdAwareContextMenu => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\AdAwareContextMenu => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\SysPlayerMenuExt => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SysPlayerMenuExt => not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => not found
"HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => not found
HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-1572061999-2087841598-3217571495-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{11352A67-0178-46B1-8855-D50B2F81C054}" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3152288 B
Java, Flash, Steam htmlcache => 8863407 B
Windows/system/drivers => 35116 B
Edge => 0 B
Chrome => 0 B
Firefox => 7356419 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 128 B
NetworkService => 1446 B
Brano => 28462542434 B
Oco => 28471290150 B

RecycleBin => 2722507 B
EmptyTemp: => 53.1 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 23:38:03 ====

#14 Příspěvek od **Rudy** » 03 lis 2020 20:57

Smazáno. Nastala nějaká změna?

branno · #15 Příspěvek od **branno** » 04 lis 2020 22:05

Skor mam pocit, ze problem pretrevava :/
Po zapnuti pc 3 gb ram pamate vytazene, a to si pri spusteni vypinam zbytocne aplikacie.
Ked si pozriem spravcu uloh a spustene procesy, tak tie ani tolko pamate nevytazuju.

Aktualne mam len prehliadac zapnuty a vyse 4 gb z ram pamate je fuc

VIRY.CZ

Vytazenie RAM pamate

Vytazenie RAM pamate

Re: Vytazenie RAM pamate

Re: Vytazenie RAM pamate

Re: Vytazenie RAM pamate

Re: Vytazenie RAM pamate

Re: Vytazenie RAM pamate

Re: Vytazenie RAM pamate

Re: Vytazenie RAM pamate

Re: Vytazenie RAM pamate

Re: Vytazenie RAM pamate

Re: Vytazenie RAM pamate

Re: Vytazenie RAM pamate

Re: Vytazenie RAM pamate

Re: Vytazenie RAM pamate

Re: Vytazenie RAM pamate