Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosim o kontrolu (cryptominer.gen)

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
brendon_pk
Návštěvník
Návštěvník
Příspěvky: 39
Registrován: 12 črc 2007 07:40
Kontaktovat uživatele:

Prosim o kontrolu (cryptominer.gen)

#1 Příspěvek od brendon_pk »

Pekný večer prajem. Asi sa mi niečo dostalo do PC lebo stále antivirak Avira vypisuje detekovaní CryptoMiner.gen

Vopred ďakujem za pomoc.
Vypis:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23.09.2018
Ran by Braňo (administrator) on BRAŇO-PC (25-09-2018 21:50:37)
Running from E:\Instal
Loaded Profiles: Braňo (Available Profiles: Braňo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(TeamViewer GmbH) C:\Program Files (x86)\Programy\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(YANDEX LLC) C:\Program Files (x86)\Yandex\YandexBrowser\16.7.1.20936\service_update.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(AddGadgets) E:\Prevzaté súbory\PCMeter\PCMeterV4\PCMeterV0.4.exe
(simplitec GmbH) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(BitTorrent, Inc.) E:\Programy\uTorrent\utorrent.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
() C:\Windows\tsnpstd3.exe
() C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpn.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
() E:\Programy\VirtualDub-1.10.4-AMD64-mp4\Veedub64.exe
(XnView, hxxp://www.xnview.com) C:\Program Files (x86)\XnView\xnview.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9037832 2016-10-21] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [tsnpstd3] => C:\Windows\tsnpstd3.exe [262144 2006-06-19] ()
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3753280 2018-09-11] (Dropbox, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-08-17] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\...\Run: [uTorrent] => E:\Programy\uTorrent\utorrent.exe [416168 2015-02-22] (BitTorrent, Inc.)
HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\...\Run: [Google Update] => C:\Users\Braňo\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-18] (Google Inc.)
HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46281248 2018-05-30] ()
HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [643200 2017-09-26] ()
HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE [568904 2016-12-02] (ZONER software)
HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\...\MountPoints2: {bd849ed5-f0fb-11e4-a36a-448a5bcda3c0} - Y:\autorun.exe V

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{2C55A034-B488-45DC-9AB6-0432B6B8A294}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FFAD67CB-4F88-4666-97DE-3BA6775E63BE}: [NameServer] 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: ssy3ox7w.default-1516468971952
FF ProfilePath: C:\Users\Braňo\AppData\Roaming\Mozilla\Firefox\Profiles\ssy3ox7w.default-1516468971952 [2018-09-25]
FF Session Restore: Mozilla\Firefox\Profiles\ssy3ox7w.default-1516468971952 -> is enabled.
FF Extension: (Porn block) - C:\Users\Braňo\AppData\Roaming\Mozilla\Firefox\Profiles\ssy3ox7w.default-1516468971952\Extensions\porn@vietbacsecurity.com.xpi [2018-01-27]
FF Extension: (uBlock Origin) - C:\Users\Braňo\AppData\Roaming\Mozilla\Firefox\Profiles\ssy3ox7w.default-1516468971952\Extensions\uBlock0@raymondhill.net.xpi [2018-09-23]
FF Extension: (Firefox Monitor) - C:\Users\Braňo\AppData\Roaming\Mozilla\Firefox\Profiles\ssy3ox7w.default-1516468971952\features\{91ef8349-aa4d-4b12-b521-fedba8c47329}\fxmonitor@mozilla.org.xpi [2018-09-22]
FF Extension: (Telemetry coverage) - C:\Users\Braňo\AppData\Roaming\Mozilla\Firefox\Profiles\ssy3ox7w.default-1516468971952\features\{91ef8349-aa4d-4b12-b521-fedba8c47329}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-22] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-03-23] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll [2018-09-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1326493287-2803476095-4076014435-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Braňo\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1326493287-2803476095-4076014435-1000: @talk.google.com/O1DPlugin -> C:\Users\Braňo\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1326493287-2803476095-4076014435-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-1326493287-2803476095-4076014435-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Braňo\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Braňo\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
StartMenuInternet: Firefox-41C8AC8658796509 - C:\Users\Braňo\firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default [2018-09-25]
CHR Extension: (Dokumenty) - C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Disk Google) - C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-08]
CHR Extension: (YouTube) - C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-29]
CHR Extension: (Google Search) - C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-08]
CHR Extension: (Avira Browser Safety) - C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-07-20]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-20]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-08-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-15]
CHR Extension: (Gmail) - C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-15]
CHR Extension: (Chrome Media Router) - C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-25]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [895056 2018-09-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [226000 2018-09-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [226000 2018-09-08] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1148568 2018-09-08] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [436848 2018-08-17] (Avira Operations GmbH & Co. KG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-28] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-28] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-09-11] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [73856 2017-09-26] (The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [73856 2017-09-26] (The OpenVPN Project)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-04-17] (Qualcomm Atheros) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\Programy\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248704 2013-01-25] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-09-29] (Intel(R) Corporation)
R2 YandexBrowserService; C:\Program Files (x86)\Yandex\YandexBrowser\16.7.1.20936\service_update.exe [768320 2016-08-08] (YANDEX LLC)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [73240 2018-08-16] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [199920 2018-07-06] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [153040 2018-07-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [82096 2014-04-10] (Qualcomm Atheros, Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-07-08] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [24056 2016-01-14] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [21496 2016-01-14] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-07-11] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2016-07-11] () [File not signed]
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-18] (Intel Corporation)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [129200 2014-03-27] (Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
U0 aswVmm; no ImagePath
R3 WinRing0_1_2_0; \??\C:\Users\Braňo\AppData\Local\Temp\tmpB672.tmp [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-13 22:37 - 2018-09-13 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-09-13 19:50 - 2018-08-31 17:08 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2018-09-13 19:50 - 2018-08-31 17:08 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-09-13 19:50 - 2018-08-30 03:47 - 001230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2018-09-13 19:50 - 2018-08-30 03:10 - 001424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2018-09-13 19:50 - 2018-08-28 07:50 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2018-09-13 19:50 - 2018-08-24 21:47 - 000398424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-09-13 19:50 - 2018-08-24 20:47 - 000350296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-09-13 19:50 - 2018-08-24 01:05 - 025736704 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-09-13 19:50 - 2018-08-24 00:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-09-13 19:50 - 2018-08-24 00:56 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-09-13 19:50 - 2018-08-24 00:45 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-09-13 19:50 - 2018-08-24 00:44 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-09-13 19:50 - 2018-08-24 00:43 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-09-13 19:50 - 2018-08-24 00:43 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-09-13 19:50 - 2018-08-24 00:43 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-09-13 19:50 - 2018-08-24 00:43 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-09-13 19:50 - 2018-08-24 00:37 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-09-13 19:50 - 2018-08-24 00:36 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-09-13 19:50 - 2018-08-24 00:34 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-09-13 19:50 - 2018-08-24 00:34 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-09-13 19:50 - 2018-08-24 00:33 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-09-13 19:50 - 2018-08-24 00:33 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-09-13 19:50 - 2018-08-24 00:33 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-09-13 19:50 - 2018-08-24 00:33 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-09-13 19:50 - 2018-08-24 00:27 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-09-13 19:50 - 2018-08-24 00:24 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-09-13 19:50 - 2018-08-24 00:19 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-09-13 19:50 - 2018-08-24 00:18 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-09-13 19:50 - 2018-08-24 00:17 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-09-13 19:50 - 2018-08-24 00:15 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-09-13 19:50 - 2018-08-24 00:15 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-09-13 19:50 - 2018-08-24 00:13 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-09-13 19:50 - 2018-08-24 00:12 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-09-13 19:50 - 2018-08-24 00:03 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-09-13 19:50 - 2018-08-24 00:01 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-09-13 19:50 - 2018-08-24 00:01 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-09-13 19:50 - 2018-08-24 00:00 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-09-13 19:50 - 2018-08-23 23:59 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-09-13 19:50 - 2018-08-23 23:59 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-09-13 19:50 - 2018-08-23 23:52 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-09-13 19:50 - 2018-08-23 23:40 - 001555456 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-09-13 19:50 - 2018-08-23 23:28 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-09-13 19:50 - 2018-08-23 23:27 - 020279296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-09-13 19:50 - 2018-08-23 23:25 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-09-13 19:50 - 2018-08-23 23:15 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-09-13 19:50 - 2018-08-23 23:14 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-09-13 19:50 - 2018-08-23 23:14 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-09-13 19:50 - 2018-08-23 23:14 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-09-13 19:50 - 2018-08-23 23:13 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-09-13 19:50 - 2018-08-23 23:12 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-09-13 19:50 - 2018-08-23 23:09 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-09-13 19:50 - 2018-08-23 23:09 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-09-13 19:50 - 2018-08-23 23:07 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-09-13 19:50 - 2018-08-23 23:06 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-09-13 19:50 - 2018-08-23 23:06 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-09-13 19:50 - 2018-08-23 23:06 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-09-13 19:50 - 2018-08-23 23:00 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-09-13 19:50 - 2018-08-23 22:56 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-09-13 19:50 - 2018-08-23 22:56 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-09-13 19:50 - 2018-08-23 22:55 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-09-13 19:50 - 2018-08-23 22:54 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-09-13 19:50 - 2018-08-23 22:53 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-09-13 19:50 - 2018-08-23 22:52 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-09-13 19:50 - 2018-08-23 22:51 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-09-13 19:50 - 2018-08-23 22:51 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-09-13 19:50 - 2018-08-23 22:48 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-09-13 19:50 - 2018-08-23 22:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-09-13 19:50 - 2018-08-23 22:44 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-09-13 19:50 - 2018-08-23 22:44 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-09-13 19:50 - 2018-08-23 22:44 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-09-13 19:50 - 2018-08-23 22:30 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-09-13 19:50 - 2018-08-23 22:27 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-09-13 19:50 - 2018-08-23 22:24 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-09-13 19:50 - 2018-08-13 17:54 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-09-13 19:50 - 2018-08-13 17:54 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-09-13 19:50 - 2018-08-13 17:54 - 001888768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-09-13 19:50 - 2018-08-13 17:54 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-09-13 19:50 - 2018-08-13 17:54 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-09-13 19:50 - 2018-08-13 17:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-09-13 19:50 - 2018-08-13 17:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2018-09-13 19:50 - 2018-08-13 17:53 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-09-13 19:50 - 2018-08-13 17:53 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-09-13 19:50 - 2018-08-13 17:41 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-09-13 19:50 - 2018-08-13 17:40 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-09-13 19:50 - 2018-08-13 17:40 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-09-13 19:50 - 2018-08-13 17:40 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-09-13 19:50 - 2018-08-13 17:40 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-09-13 19:50 - 2018-08-13 17:40 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-09-13 19:50 - 2018-08-13 17:40 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-09-13 19:50 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-09-13 19:50 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2018-09-13 19:50 - 2018-08-12 22:32 - 000378464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-09-13 19:50 - 2018-08-12 22:31 - 001894496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-09-13 19:50 - 2018-08-12 22:31 - 000289376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-09-13 19:50 - 2018-08-12 22:28 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2018-09-13 19:50 - 2018-08-12 22:14 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2018-09-13 19:50 - 2018-08-10 17:59 - 005552816 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-09-13 19:50 - 2018-08-10 17:59 - 000154800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-09-13 19:50 - 2018-08-10 17:58 - 000385120 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-09-13 19:50 - 2018-08-10 17:58 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-09-13 19:50 - 2018-08-10 17:58 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-09-13 19:50 - 2018-08-10 17:57 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-09-13 19:50 - 2018-08-10 17:57 - 000631624 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-09-13 19:50 - 2018-08-10 17:56 - 001664296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-09-13 19:50 - 2018-08-10 17:45 - 000309424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-09-13 19:50 - 2018-08-10 17:44 - 003961440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-09-13 19:50 - 2018-08-10 17:42 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:39 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-09-13 19:50 - 2018-08-10 17:39 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-09-13 19:50 - 2018-08-10 17:27 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-09-13 19:50 - 2018-08-10 17:22 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-09-13 19:50 - 2018-08-10 17:22 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-09-13 19:50 - 2018-08-10 17:22 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-09-13 19:50 - 2018-08-10 17:21 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-09-13 19:50 - 2018-08-10 17:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-09-13 19:50 - 2018-08-10 17:17 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-09-13 19:50 - 2018-08-10 17:17 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-09-13 19:50 - 2018-08-10 17:17 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-09-13 19:50 - 2018-08-10 17:15 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-09-13 19:50 - 2018-08-10 17:13 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-09-13 19:50 - 2018-08-10 17:13 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-09-13 19:50 - 2018-08-10 17:13 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-09-13 19:50 - 2018-08-10 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-09-13 19:50 - 2018-08-10 17:12 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-09-13 19:50 - 2018-08-10 17:12 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-09-13 19:50 - 2018-08-10 17:12 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-09-13 19:50 - 2018-08-10 17:12 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-09-13 19:50 - 2018-08-10 17:12 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-09-13 19:50 - 2018-08-10 17:12 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-09-13 19:50 - 2018-08-10 17:10 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-09-13 19:50 - 2018-08-10 17:10 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-09-13 19:50 - 2018-08-10 17:10 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-09-13 19:50 - 2018-08-10 17:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-09-13 19:50 - 2018-08-10 17:09 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-09-13 19:50 - 2018-08-10 17:09 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-09-13 19:50 - 2018-07-29 17:55 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-09-13 19:50 - 2018-07-18 17:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2018-09-13 19:50 - 2018-06-27 15:20 - 000419648 _____ C:\Windows\SysWOW64\locale.nls
2018-09-13 19:50 - 2018-06-27 15:19 - 000419648 _____ C:\Windows\system32\locale.nls
2018-09-11 13:54 - 2018-09-11 13:54 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-09-11 13:54 - 2018-09-11 13:54 - 000050232 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-09-11 13:54 - 2018-09-11 13:54 - 000050232 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-09-11 13:54 - 2018-09-11 13:54 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-08-28 20:20 - 2018-08-28 20:20 - 000001102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-25 21:51 - 2017-08-28 23:26 - 000000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-09-25 21:50 - 2016-11-13 16:50 - 000000452 _____ C:\Windows\Tasks\Yandex Browser system update.job
2018-09-25 21:50 - 2015-07-06 20:08 - 000000000 ____D C:\FRST
2018-09-25 21:42 - 2016-11-19 16:00 - 000000000 ____D C:\Users\Braňo\AppData\LocalLow\Mozilla
2018-09-25 21:42 - 2016-11-18 23:36 - 000000000 ____D C:\Users\Braňo\AppData\Roaming\TeamViewer
2018-09-25 21:42 - 2016-10-05 12:42 - 000000000 ____D C:\Users\Braňo\AppData\Roaming\FileZilla
2018-09-25 21:41 - 2016-10-05 12:42 - 000000000 ____D C:\Users\Braňo\AppData\Local\CrashDumps
2018-09-25 21:41 - 2015-10-25 21:16 - 000000000 ____D C:\Windows\Minidump
2018-09-25 21:41 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-25 21:34 - 2015-03-23 00:15 - 000000000 ____D C:\Users\Braňo\AppData\Roaming\XnView
2018-09-25 21:00 - 2018-01-28 20:00 - 000024464 _____ C:\Users\Braňo\Network_Meter_Data.js
2018-09-25 20:32 - 2017-09-19 21:21 - 000003292 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2018-09-25 20:19 - 2009-07-14 06:45 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-25 20:19 - 2009-07-14 06:45 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-25 20:17 - 2009-07-14 07:13 - 000782470 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-25 20:12 - 2018-01-29 19:57 - 000029505 _____ C:\Users\Braňo\IP_Log_Data.js
2018-09-25 20:12 - 2017-08-28 23:26 - 000000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-09-25 20:11 - 2018-01-20 19:22 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-25 20:11 - 2016-11-13 16:50 - 000003544 _____ C:\Windows\System32\Tasks\Yandex Browser system update
2018-09-25 20:11 - 2016-11-08 14:37 - 000000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2018-09-25 20:11 - 2015-03-22 22:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-25 20:11 - 2015-03-22 22:01 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-25 20:11 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-25 20:10 - 2015-03-22 22:02 - 000000030 _____ C:\Users\Braňo\AppData\Roaming\Network Meter_Usage.ini
2018-09-22 10:46 - 2017-08-28 23:26 - 000003902 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2018-09-22 10:46 - 2017-08-28 23:26 - 000003650 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2018-09-20 18:02 - 2018-02-06 19:04 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-09-20 18:02 - 2018-02-06 19:04 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-09-20 16:37 - 2015-03-22 21:33 - 000002236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-16 20:58 - 2015-03-24 22:23 - 000081408 _____ C:\Users\Braňo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-14 19:25 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-09-14 16:34 - 2015-03-24 20:44 - 000000000 ____D C:\Users\Braňo\AppData\Roaming\HandBrake
2018-09-13 22:37 - 2017-08-28 23:26 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-09-13 20:02 - 2015-03-22 23:05 - 000000000 ____D C:\Windows\system32\MRT
2018-09-13 19:58 - 2017-01-09 16:58 - 000004450 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-09-13 19:58 - 2015-06-14 18:22 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-09-13 19:58 - 2015-03-22 23:44 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-09-13 19:58 - 2015-03-22 23:44 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-13 19:58 - 2015-03-22 23:44 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-09-13 19:58 - 2015-03-22 23:44 - 000000000 ____D C:\Windows\system32\Macromed
2018-09-13 19:54 - 2015-03-22 23:05 - 139184408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-09-13 19:51 - 2015-03-22 21:28 - 000766336 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-09-13 19:50 - 2018-03-13 20:50 - 000004462 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-09-08 18:53 - 2015-07-06 20:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-09-02 20:56 - 2015-08-01 20:40 - 000000000 ____D C:\ProgramData\Package Cache

==================== Files in the root of some directories =======

2018-01-29 19:57 - 2018-09-25 20:12 - 000029505 _____ () C:\Users\Braňo\IP_Log_Data.js
2018-01-28 20:00 - 2018-09-25 21:00 - 000024464 _____ () C:\Users\Braňo\Network_Meter_Data.js
2016-10-10 14:25 - 2017-07-16 19:42 - 000000132 _____ () C:\Users\Braňo\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-03-22 21:58 - 2015-03-22 22:22 - 000000624 _____ () C:\Users\Braňo\AppData\Roaming\All CPU MeterV3_Settings.ini
2015-03-22 21:58 - 2015-03-25 23:58 - 000000294 _____ () C:\Users\Braňo\AppData\Roaming\GPU MeterV2_Settings.ini
2015-03-22 21:59 - 2017-03-13 23:12 - 000001308 _____ () C:\Users\Braňo\AppData\Roaming\Network Meter_Settings.ini
2015-03-22 22:02 - 2018-09-25 20:10 - 000000030 _____ () C:\Users\Braňo\AppData\Roaming\Network Meter_Usage.ini
2015-03-24 22:23 - 2018-09-16 20:58 - 000081408 _____ () C:\Users\Braňo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-11-02 12:31 - 2018-06-01 20:00 - 000000600 _____ () C:\Users\Braňo\AppData\Local\PUTTY.RND
2015-03-25 00:07 - 2017-09-16 22:13 - 000007599 _____ () C:\Users\Braňo\AppData\Local\Resmon.ResmonCfg
2016-11-26 22:49 - 2016-12-10 23:06 - 000000037 _____ () C:\Users\Braňo\AppData\Local\X-Plane Installer.prf
2016-11-26 22:49 - 2016-12-10 23:07 - 000000015 _____ () C:\Users\Braňo\AppData\Local\X-Plane_drm_11.prf
2016-11-26 22:14 - 2016-12-10 22:13 - 000000057 _____ () C:\Users\Braňo\AppData\Local\x-plane_install_11.txt

Some files in TEMP:
====================
2018-02-07 00:32 - 2018-02-07 00:32 - 000624128 _____ () C:\Users\Braňo\AppData\Local\Temp\photolab1_splashscreen.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-20 18:54

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.09.2018
Ran by Braňo (25-09-2018 21:51:31)
Running from E:\Instal
Windows 7 Home Premium Service Pack 1 (X64) (2015-03-22 19:19:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1326493287-2803476095-4076014435-500 - Administrator - Disabled)
Braňo (S-1-5-21-1326493287-2803476095-4076014435-1000 - Administrator - Enabled) => C:\Users\Braňo
Guest (S-1-5-21-1326493287-2803476095-4076014435-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 18.011.20063 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0_1) (Version: 19.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Any Video Converter 6.0.6 (HKLM-x32\...\Any Video Converter) (Version: 6.0.6 - Anvsoft)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
Auto Mouse Clicker v3.4 (HKLM-x32\...\{E00EA780-9C24-47BA-B9C8-210316D1C461}_is1) (Version: - MurGee Softwares)
Avira (HKLM-x32\...\{532da46c-2aa3-4588-a4a2-b02bc641bf95}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{8467e01f-0496-42ce-b247-88ef205b4880}) (Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{9620D4C2-CF5B-4DBE-8103-CC9DAB0871C6}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.40.12 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.2 - GPL Public release.)
Backup and Sync from Google (HKLM\...\{AEFBDB5B-899F-4AE6-B789-BA56A652A476}) (Version: 3.42.9858.3671 - Google, Inc.)
Canon Inkjet Printer Driver Add-On Module (HKLM\...\CANONIJINBOXADDON100) (Version: - )
Canon MP Navigator 2.2 (HKLM-x32\...\MP Navigator 2.2) (Version: - )
Canon MP530 (HKLM\...\{3215EBED-1D06-42fb-A05C-A752A46FB24C}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5666 - CDBurnerXP)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
CrystalDiskMark 4.0.3a (HKLM\...\CrystalDiskMark4_is1) (Version: 4.0.3a - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
DiskCheckup v3.3 (HKLM-x32\...\DiskCheckup_is1) (Version: 3.3.1000 - PassMark Software)
Dropbox (HKLM-x32\...\Dropbox) (Version: 57.4.89 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
DxO PhotoLab (HKLM\...\{883D7A53-050B-4B37-BA45-CD125E20F03D}) (Version: 1.1.1 - DxO)
DxO PhotoLab plug-in for Adobe Lightroom (HKLM-x32\...\{91E4E071-DE20-45D9-91A1-F1A3BBD8333A}) (Version: 1.0.38 - DxO Labs)
EaseUS Partition Master 12.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
ffdshow (remove only) (HKLM-x32\...\ffdshow) (Version: - )
FileZilla Client 3.33.0 (HKLM-x32\...\FileZilla Client) (Version: 3.33.0 - Tim Kosse)
Free Auto Clicker 4.1.6 (HKLM-x32\...\Free Auto Clicker_is1) (Version: - FreeAutoClicker Co., Ltd.)
GFExperience.Deployer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.Deployer) (Version: 3.12.0.84 - NVIDIA Corporation) Hidden
gmax (HKLM-x32\...\{3FA7A919-87DA-42B1-814B-86DE8DCA17C2}) (Version: 4.4.0.125 - Discreet)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Spoločnosť Google Inc.)
Google Photos Backup (HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\...\Google Photos Backup) (Version: 1.1.4.11 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HandBrake 0.10.1 (HKLM-x32\...\HandBrake) (Version: 0.10.1 - )
HeidiSQL (HKLM\...\HeidiSQL_is1) (Version: - Ansgar Becker)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine)
Intel Extreme Tuning Utility (HKLM-x32\...\{2E27A606-77E7-41B0-8C2A-11703585288D}) (Version: 5.1.1.25 - Intel Corporation) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{ffa8daa3-4912-4a4a-aac4-a0549064268b}) (Version: 5.1.1.25 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1036 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.19 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{4a87bd28-a855-4a8d-b133-60ca8ccffd30}) (Version: 10.0.17 - Intel(R) Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version: - Intel Corporation)
KMP Service (HKLM-x32\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - KMP) <==== ATTENTION
KMPFaster (HKLM-x32\...\simplitec POWER SUITE_is1) (Version: 2.3.2.860 - simplitec GmbH) <==== ATTENTION
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Flight Simulator X Service Pack 2 (HKLM-x32\...\{4847BBB9-EADD-4C92-90BF-4223B0892FF6}) (Version: 10.0.61472.0 - Microsoft Game Studios)
Microsoft Hyperlapse Pro (HKLM\...\{33503317-BA83-44C8-873E-581B3D8EB837}) (Version: 1.3.5764 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mike Crash's Vegas Filters Uninstall (HKLM-x32\...\Mike Crash Vegas Filters) (Version: - )
Mozilla Firefox 54.0 (x64 sk) (HKLM\...\Mozilla Firefox 54.0 (x64 sk)) (Version: 54.0 - Mozilla)
Mozilla Firefox 57.0.4 (x64 sk) (HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\...\Mozilla Firefox 57.0.4 (x64 sk)) (Version: 57.0.4 - Mozilla)
Mozilla Firefox 62.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 62.0.2 (x64 sk)) (Version: 62.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero BurnLite 10 (HKLM-x32\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG)
Nero BurnLite 10 (HKLM-x32\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10500.5.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
NewBlue 3D Explosions for Vegas (HKLM-x32\...\NewBlue 3D Explosions for Vegas) (Version: - )
NewBlue Art Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Art Blends 2.0 for Vegas) (Version: - )
NewBlue Art Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Art Effects 2.0 for Vegas) (Version: - )
NewBlue Film Effects for Vegas (HKLM-x32\...\NewBlue Film Effects for Vegas) (Version: - )
NewBlue Motion Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Blends 2.0 for Vegas) (Version: - )
NewBlue Motion Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Effects 2.0 for Vegas) (Version: - )
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.2 - Notepad++ Team)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafický ovládač 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{456408C1-3BDE-48CC-9A5A-79B1BB4C4787}) (Version: 4.11.9775 - Apache Software Foundation)
OpenVPN 2.4.4-I601 (HKLM\...\OpenVPN) (Version: 2.4.4-I601 - OpenVPN Technologies, Inc.)
Ovládací panel NVIDIA 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 390.77 - NVIDIA Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PenguiNet v2.70 (HKLM-x32\...\PenguiNet_is1) (Version: v2.70 - Silicon Circus Ltd.)
Photoshop_CC_2018_01-cz (HKLM\...\{E85E77C2-0DAD-4802-A09C-598D85869454}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
PTGui Pro 10.0.7 (HKLM-x32\...\PTGui) (Version: - New House Internet Services B.V.)
Qualcomm Atheros Bandwidth Control Filter Driver (HKLM\...\{CCD797F1-171F-4B3A-BD30-4F59F653E1A0}) (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (HKLM\...\{F45761DC-2470-47FF-9E9B-F4016568C29A}) (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.42.1045 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (HKLM\...\{4692B750-DE88-4DCF-9163-745AF5604B24}) (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7960 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.35 - Piriform)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
StarCam Clip (HKLM-x32\...\{7AEF344E-DB20-4D76-9077-30BD339DFD99}) (Version: 5.16.0.301 - )
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.14327 - TeamViewer)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.7.0.109 - KMP Media co., Ltd)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.50 RC2 (release candidate 2) - C. Ghisler & Co.)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM-x32\...\{86A7EED0-02D0-4D91-8183-8D2F23F5E6AE}) (Version: 1.3.1 - TP-LINK)
Transiciones Marbuendy (HKLM-x32\...\Transiciones Marbuendy) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 9.0 (64-bit) (HKLM\...\{88EAF577-71FA-46F2-8E42-AEA33E35AFB1}) (Version: 9.0.895 - Sony)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VueScan x64 (HKLM\...\VueScan x64) (Version: - )
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Watchtower Library - Slovenčina (HKLM-x32\...\{641C691C-7C9F-450D-9B79-57D2DC4D0202}) (Version: 18.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2013 - v slovenčine (HKLM-x32\...\{A2A0612C-7E82-4314-B6BD-18D0C5EC3B04}) (Version: 15.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2015 - v slovenčine (HKLM-x32\...\{B5248B17-EBF7-4929-B2D1-1B2C059898A6}) (Version: 17.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Windows 7 Codec Pack 4.1.5 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.1.5 - Windows 7 Codec Pack)
WinRAR 5.21 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XnView 1.96.2 (HKLM-x32\...\XnView_is1) (Version: 1.96.2 - Gougelet Pierre-e)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_SK_is1) (Version: 18.0.1.10 - ZONER software)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1612.2.11 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.33.4\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2016-11-02] ()
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-30] (Google)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-09-08] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-30] (Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.24.0.dll [2018-09-11] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-01-24] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-09-08] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {079AC1C2-942A-4E15-82E8-9AC8D4EE6857} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-09-08] (Avira Operations GmbH & Co. KG)
Task: {0B545657-2B86-4CED-84C1-311FE3EB8AE2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1326493287-2803476095-4076014435-1000Core => C:\Users\Braňo\AppData\Local\Google\Update\GoogleUpdate.exe [2016-02-03] (Google Inc.)
Task: {0B75345E-E0DF-494A-9AF1-C1E964695350} - System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe [2018-02-19] ()
Task: {18846C5B-F0AC-40F9-9C06-E71680B3C871} - System32\Tasks\{260E8D26-9864-4F72-B8B4-E1EF3E2003C8} => "c:\program files (x86)\internet\firefox mozilla\firefox.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/sk/abandoninstall?page=tsMain
Task: {1FFB6D6D-79BF-4097-A2F7-32D23401667A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {341514AD-D920-4883-ABB5-FE9CADB4C9D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {40D3C55E-EEF1-4A77-8ED6-6FE068AF27B1} - System32\Tasks\PCMeter\Startup => E:\Prevzaté súbory\PCMeter\PCMeterV4\PCMeterV0.4.exe [2015-03-22] (AddGadgets)
Task: {55285FEB-0E83-4CBE-A17D-6FD227BEAE3B} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe [2015-08-28] (simplitec GmbH) <==== ATTENTION
Task: {55FD9D1D-726F-492D-A40D-249955DB7BF0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1326493287-2803476095-4076014435-1000UA => C:\Users\Braňo\AppData\Local\Google\Update\GoogleUpdate.exe [2016-02-03] (Google Inc.)
Task: {57D170AF-AD19-46B2-9D1A-5D2531749636} - System32\Tasks\simplitec Power Suite (Tray) => C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe [2015-08-28] (simplitec GmbH) <==== ATTENTION
Task: {5ACBA1A3-2B65-4522-9C6D-CF6B3A75488E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {6697196E-108D-4AD2-917F-3E5D91ED4B21} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-13] (Adobe Systems Incorporated)
Task: {6ADEE43C-5417-4031-90D3-2678F6FE1743} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe [2018-09-13] (Adobe Systems Incorporated)
Task: {98963144-833F-4389-A456-D4735E950F69} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {A61EE958-003E-4003-B8EF-B6EEB499C727} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-08-28] (Dropbox, Inc.)
Task: {BA6FD8C0-1B10-422B-94E5-66E6F8B052A3} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_pepper.exe [2018-09-13] (Adobe Systems Incorporated)
Task: {C7ECB9A2-057F-4098-AD3B-E48453E14505} - System32\Tasks\Yandex Browser system update => C:\Program Files (x86)\Yandex\YandexBrowser\16.7.1.20936\service_update.exe [2016-08-08] (YANDEX LLC)
Task: {CCA4ECF2-CF98-4EED-937D-FDB0BFE26561} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-08-28] (Dropbox, Inc.)
Task: {CD21B1D0-4FB4-48DF-917B-7936E042A924} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {E4022CB3-DC49-4B2F-B335-D9190A0D987C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [2018-09-24] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\Yandex Browser system update.job => C:\Program Files (x86)\Yandex\YandexBrowser\16.7.1.20936\service_update.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2013-01-25 09:12 - 2013-01-25 09:12 - 000248704 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2018-05-07 10:53 - 2018-05-07 10:53 - 000054440 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2015-03-22 21:57 - 2015-03-22 21:57 - 000012520 _____ () C:\Users\Braňo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll
2015-03-22 21:57 - 2015-03-22 21:57 - 000015080 _____ () C:\Users\Braňo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\GetCoreTempInfoNET.dll
2015-03-22 21:57 - 2015-03-22 21:57 - 000014056 _____ () C:\Users\Braňo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\SystemInfo.dll
2018-05-30 11:03 - 2018-05-30 11:03 - 046281248 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2016-08-23 20:00 - 2006-06-19 11:43 - 000262144 _____ () C:\Windows\tsnpstd3.exe
2017-07-17 19:02 - 2014-11-18 14:44 - 000255072 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe
2018-09-25 20:12 - 2018-09-25 20:12 - 000113152 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\_ctypes.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000080896 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\bz2.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 001585152 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\_hashlib.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000128512 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\win32api.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000137728 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\pywintypes27.dll
2018-09-25 20:12 - 2018-09-25 20:12 - 000548864 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\pythoncom27.dll
2018-09-25 20:12 - 2018-09-25 20:12 - 000689664 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\unicodedata.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000438784 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\win32com.shell.shell.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 001489408 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\wx._core_.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 001007104 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\wx._gdi_.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 001039872 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\wx._windows_.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 001325056 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\wx._controls_.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000916992 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\wx._misc_.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 001084416 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\pysqlite2._sqlite.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000149504 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\win32file.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000136192 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\win32security.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000007680 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\hashobjs_ext.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000020992 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\thumbnails_ext.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000118784 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\usb_ext.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000047616 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\_socket.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 002224640 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\_ssl.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000014848 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\common.time34.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000023040 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\win32event.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000034304 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\windows.conditional.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000020480 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\windows.winwrap.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000110080 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\windows.volumes.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000223232 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\win32gui.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000173568 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\_elementtree.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000169472 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\pyexpat.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000048128 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\win32inet.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000103424 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\wx._html2.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000046080 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\_psutil_windows.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000633272 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\windows._cacheinvalidation.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000011776 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\win32crypt.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000301568 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\PIL._imaging.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000032256 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\_multiprocessing.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 005458944 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\cello.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000026112 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\_yappi.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000044032 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\win32process.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000027648 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\win32pipe.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000010752 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\select.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000029696 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\win32pdh.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000038400 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\windows.connectivity.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000073216 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\windows.device_monitor.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000020480 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\win32profile.pyd
2018-09-25 20:12 - 2018-09-25 20:12 - 000026624 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI46122\win32ts.pyd
2017-09-26 03:52 - 2017-09-26 03:52 - 034879568 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2017-09-26 12:07 - 2017-09-26 12:07 - 000643200 _____ () C:\Program Files\OpenVPN\bin\openvpn-gui.exe
2017-09-26 12:07 - 2017-09-26 12:07 - 000226208 _____ () C:\Program Files\OpenVPN\bin\liblzo2-2.dll
2017-09-26 12:07 - 2017-09-26 12:07 - 000128016 _____ () C:\Program Files\OpenVPN\bin\libpkcs11-helper-1.dll
2015-03-28 19:53 - 2013-10-27 17:00 - 004261888 _____ () E:\Programy\VirtualDub-1.10.4-AMD64-mp4\Veedub64.exe
2018-08-16 19:13 - 2018-08-16 19:13 - 001204472 _____ () C:\Program Files (x86)\Avira\Antivirus\crypto-42.dll
2018-08-16 19:13 - 2018-08-16 19:13 - 000243352 _____ () C:\Program Files (x86)\Avira\Antivirus\ssl-44.dll
2015-04-15 20:23 - 2015-08-27 02:37 - 000011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-09-20 03:42 - 2017-09-20 03:42 - 067115616 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2017-07-17 19:02 - 2014-02-13 15:27 - 000222792 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\traynet.dll
2017-07-17 19:02 - 2014-02-13 15:27 - 000275528 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\libcurl.dll
2017-07-17 19:02 - 2014-02-13 15:27 - 000113166 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\zlib1.dll
2017-07-17 19:02 - 2014-02-13 15:27 - 000249928 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\uexper.dll
2018-09-13 22:37 - 2018-09-11 13:54 - 001113928 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-09-13 22:37 - 2018-09-11 13:54 - 002247496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-05-16 17:54 - 2018-09-11 13:57 - 000023888 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:55 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:54 - 000142824 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:55 - 001958760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:55 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:54 - 000117272 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-05-16 17:54 - 2018-09-11 13:54 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:56 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:54 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-05-16 17:54 - 2018-09-11 13:54 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:54 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:56 - 000074584 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:54 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:55 - 000026312 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:54 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:54 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:54 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:54 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:57 - 000401608 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:54 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:58 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:54 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:54 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:54 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:58 - 000059744 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:58 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:58 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:55 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:54 - 000032736 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:56 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:57 - 000092488 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:56 - 001779024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:56 - 000519504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:56 - 000052424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:56 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:56 - 003822784 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:56 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:56 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:56 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:56 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:54 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:58 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:54 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-08-01 21:38 - 2018-09-11 13:58 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:58 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:58 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:55 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:54 - 000494048 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-11 13:58 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:56 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:54 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-05-16 17:54 - 2018-09-11 13:58 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:55 - 000441672 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-05-16 17:54 - 2018-09-11 13:58 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:56 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-09-13 22:37 - 2018-09-11 13:56 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-05-16 17:54 - 2018-09-11 13:58 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:56 - 000531280 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:56 - 000354128 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd
2018-09-13 22:37 - 2018-09-11 13:56 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
2017-09-06 19:11 - 2017-09-06 19:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 19:11 - 2017-09-06 19:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 19:11 - 2017-09-06 19:11 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-09-06 19:11 - 2017-09-06 19:11 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-20 04:04 - 2017-09-20 04:04 - 000110688 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
2017-09-06 19:11 - 2017-09-06 19:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2014-04-03 17:48 - 2014-04-03 17:48 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-03-23 00:09 - 2009-07-02 16:05 - 000237568 _____ () C:\Program Files (x86)\XnView\language\xnviewsk.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 20:18 - 2017-10-22 23:16 - 000000000 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Braňo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: VegSrv90.exe => "C:\Program Files\Audio a Video\Sony\Vegas Pro 9.0\VegSrv90.exe" -AutoRun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2513979C-2389-4399-B60F-7A814E952246}] => (Allow) C:\Program Files (x86)\Internet\Firefox mozilla\firefox.exe
FirewallRules: [TCP Query User{099922CE-1B16-4D83-B1B3-F5FCCA583F2A}C:\program files\audio a video\sony\vegas pro 9.0\vegsrv90.exe] => (Allow) C:\program files\audio a video\sony\vegas pro 9.0\vegsrv90.exe
FirewallRules: [UDP Query User{5DB948B7-BE85-4038-BE17-A106F14E8D47}C:\program files\audio a video\sony\vegas pro 9.0\vegsrv90.exe] => (Allow) C:\program files\audio a video\sony\vegas pro 9.0\vegsrv90.exe
FirewallRules: [TCP Query User{732F6AC8-9F20-46D2-BB43-86AB583E4D34}E:\programy\utorrent\utorrent.exe] => (Allow) E:\programy\utorrent\utorrent.exe
FirewallRules: [UDP Query User{ED122587-FEAA-4FBE-80A7-C7C42D3BDE23}E:\programy\utorrent\utorrent.exe] => (Allow) E:\programy\utorrent\utorrent.exe
FirewallRules: [{9AD41035-8CF0-4F76-98D1-4D4EF457CB98}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{72C32FBD-4AB5-47BE-A54A-329EAAE3B0F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F389D6EC-54E3-46AF-9BE2-DCAEC8549C82}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{670F3895-5E78-4621-B6A3-8C8565A3E7F7}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [UDP Query User{DCACB71E-0B0A-4362-BF39-1F234967EF6B}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [{15A7EC06-E5FC-44AD-9AE8-84ED86D2F385}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{43479EAD-04E4-4C81-81CC-77E9C81AA60F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8241005C-F125-44CA-911E-CE617F301418}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{3175E36B-6779-454A-83AF-945EE2B93715}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0E9F72AD-AC23-4BBB-9E0B-5F9D1ED1EE2C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1E826EFA-91EA-4F16-96E6-2E6C2039514A}] => (Allow) C:\Program Files (x86)\Internet\Firefox mozilla\firefox.exe
FirewallRules: [{63AE46FD-A69F-4901-B52F-1FC7BF8E1A4B}] => (Allow) C:\Program Files (x86)\Internet\Firefox mozilla\firefox.exe
FirewallRules: [TCP Query User{D142201D-44BA-4C91-AB91-6C98CC9EDD0C}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{75C85D59-A22E-42C7-BB27-3252D3AEBF5F}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [{2862184E-C829-4AF6-BA69-B78B01F3B739}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe
FirewallRules: [{9A5FFD72-E97F-4DF4-AE63-90D318879D89}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe
FirewallRules: [{FFDDC7FD-D274-49A8-B3C8-8C0C2DBC2E24}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{B6F7942C-B72C-489E-AB72-88C8E6DF6D9B}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{F749CB44-5D6E-4F75-A838-52E7BCFB1DD8}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{29A5DE5B-30E8-4AF0-AF58-4720CD2E585A}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{CA7E7BFB-1DA7-4840-825A-3C00BEC2FBC3}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{B6CB2038-6483-4946-A27B-BB19ABA608B5}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{2281696A-C605-4200-A1A9-A0631F048538}] => (Allow) C:\Users\Braňo\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
FirewallRules: [TCP Query User{5606F15D-F55E-4E9C-B62E-F4DA53F95CA2}C:\program files (x86)\totalcmd\totalcmd.exe] => (Allow) C:\program files (x86)\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{01CF9143-91C8-46BA-98D2-03CF66F4B2CE}C:\program files (x86)\totalcmd\totalcmd.exe] => (Allow) C:\program files (x86)\totalcmd\totalcmd.exe
FirewallRules: [{5EA784A6-F9A3-4937-8244-D2413F43C243}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [{E3913002-3D8F-40F5-B9CB-80A570F25F10}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [TCP Query User{616C120C-1EA3-4E08-B505-3F66B6476FF2}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{536EA678-C621-4931-B759-E4566D5666A4}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [{03CCC1F8-A608-4372-976E-0DBA31B0F11A}] => (Allow) C:\Program Files\VueScan\vuescan.exe
FirewallRules: [{C8C3E05F-39EA-4D19-8805-1C9CA8E38C24}] => (Allow) C:\Program Files\VueScan\vuescan.exe
FirewallRules: [TCP Query User{75AB30FC-E13E-49C0-B5EF-8C1B7725CB9A}C:\users\braňo\desktop\x-plane 11\x-plane.exe] => (Allow) C:\users\braňo\desktop\x-plane 11\x-plane.exe
FirewallRules: [UDP Query User{4FC2EB44-07DE-44F3-A016-B8FA0F14ECF8}C:\users\braňo\desktop\x-plane 11\x-plane.exe] => (Allow) C:\users\braňo\desktop\x-plane 11\x-plane.exe
FirewallRules: [TCP Query User{025CAEA6-8E1D-40E3-9517-BFD558DA2314}E:\hry\x-plane 11\x-plane.exe] => (Block) E:\hry\x-plane 11\x-plane.exe
FirewallRules: [UDP Query User{8243D645-F75C-4874-A898-206BF725CE88}E:\hry\x-plane 11\x-plane.exe] => (Block) E:\hry\x-plane 11\x-plane.exe
FirewallRules: [{68FDAC9C-852F-4F7A-835D-DEC6CA29455C}] => (Allow) C:\Users\Braňo\firefox.exe
FirewallRules: [{C65B50E7-4578-4EC4-8A8F-8AB52DBA263B}] => (Allow) C:\Users\Braňo\firefox.exe
FirewallRules: [TCP Query User{B1DB2E6F-36C3-4345-ADD3-774B8ECD1873}C:\users\braňo\firefox.exe] => (Block) C:\users\braňo\firefox.exe
FirewallRules: [UDP Query User{7320960A-AE80-43CC-95FE-64A2AEED5AE0}C:\users\braňo\firefox.exe] => (Block) C:\users\braňo\firefox.exe
FirewallRules: [TCP Query User{6F430FED-76CD-4DB7-AF16-5DFAAD9F0AAE}C:\users\braňo\appdata\local\temp\rar$exa0.596\mashinky.v15.11.2017\mashinky.exe] => (Allow) C:\users\braňo\appdata\local\temp\rar$exa0.596\mashinky.v15.11.2017\mashinky.exe
FirewallRules: [UDP Query User{AABCC5B9-4AE7-426A-BF64-7C514D0DED84}C:\users\braňo\appdata\local\temp\rar$exa0.596\mashinky.v15.11.2017\mashinky.exe] => (Allow) C:\users\braňo\appdata\local\temp\rar$exa0.596\mashinky.v15.11.2017\mashinky.exe
FirewallRules: [{C4F57B21-87D0-4EA1-906C-CCD9A88A3DF9}] => (Block) C:\users\braňo\appdata\local\temp\rar$exa0.596\mashinky.v15.11.2017\mashinky.exe
FirewallRules: [{5B575931-7409-4FDA-931B-160984BC7E82}] => (Block) C:\users\braňo\appdata\local\temp\rar$exa0.596\mashinky.v15.11.2017\mashinky.exe
FirewallRules: [TCP Query User{C59FE7DB-6B13-442B-B849-F38B766AB996}E:\hry\mashinky.v15.11.2017\mashinky.exe] => (Allow) E:\hry\mashinky.v15.11.2017\mashinky.exe
FirewallRules: [UDP Query User{3CDD7F73-F14F-4AB8-84ED-5C1E3540ABCE}E:\hry\mashinky.v15.11.2017\mashinky.exe] => (Allow) E:\hry\mashinky.v15.11.2017\mashinky.exe
FirewallRules: [{D0B7B031-D1F7-4D6E-89B9-7D3F0275DC6E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2412B3D8-1336-40F7-846F-07F315766DD5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{249F5462-357F-483B-84BA-96F366E66C62}] => (Allow) C:\Program Files (x86)\Programy\TeamViewer\TeamViewer.exe
FirewallRules: [{0BB39B00-D67F-4E92-8902-18784D8DD909}] => (Allow) C:\Program Files (x86)\Programy\TeamViewer\TeamViewer.exe
FirewallRules: [{59BC3F8D-48D7-4E28-A2F4-2928A1CA5AC6}] => (Allow) C:\Program Files (x86)\Programy\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E6B0C8F9-A528-4E82-9985-CE602D2E184D}] => (Allow) C:\Program Files (x86)\Programy\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9079B5D7-174C-4130-B4A2-4FE2EA8A63F2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{755C6F58-F5AE-4538-90E6-C60E2B6D8762}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Windows Defender:
===================================
Date: 2018-01-29 21:39:11.489
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{F03F5C76-1208-44FE-8989-8975BDD431D1}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2018-07-05 09:17:55.966
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:1.271.442.0
Previous Signature Version:1.269.1075.0
Update Source:User
Signature Type:AntiSpyware
Update Type:Delta
Current Engine Version:1.1.14901.4
Previous Engine Version:1.1.14901.4
Error code:0x80070666
Error description:Už je nainštalovaná iná verzia produktu. Inštaláciu tejto verzie nemožno dokončiť. Ak chcete existujúcu verziu produktu nakonfigurovať alebo odstrániť, použite ovládací panel Pridať alebo odstrániť programy.

Date: 2018-07-05 09:17:29.507
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:1.271.442.0
Previous Signature Version:1.269.1075.0
Update Source:User
Signature Type:AntiSpyware
Update Type:Delta
Current Engine Version:1.1.15000.2
Previous Engine Version:1.1.14901.4
Error code:0x80070666
Error description:Už je nainštalovaná iná verzia produktu. Inštaláciu tejto verzie nemožno dokončiť. Ak chcete existujúcu verziu produktu nakonfigurovať alebo odstrániť, použite ovládací panel Pridať alebo odstrániť programy.

Date: 2018-07-05 09:17:29.507
Description:
Windows Defender has encountered an error trying to update the engine.
New Engine Version:1.1.15000.2
Previous Engine Version:1.1.14901.4
Update Source:User
Error Code:0x80070666
Error description:Už je nainštalovaná iná verzia produktu. Inštaláciu tejto verzie nemožno dokončiť. Ak chcete existujúcu verziu produktu nakonfigurovať alebo odstrániť, použite ovládací panel Pridať alebo odstrániť programy.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 52%
Total physical RAM: 16335.81 MB
Available physical RAM: 7779.41 MB
Total Virtual: 32669.77 MB
Available Virtual: 23109.47 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.02 GB) (Free:32.03 GB) NTFS
Drive d: (DATA BIG) (Fixed) (Total:931.51 GB) (Free:195.8 GB) NTFS
Drive e: (DATA VERY BIG) (Fixed) (Total:2794.52 GB) (Free:419.32 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 0BA530BC)

Partition: GPT.

========================================================
Disk: 1 (Size: 2794.5 GB) (Disk ID: 32EDFE40)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 9FC73FC9)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosim o kontrolu (cryptominer.gen)

#2 Příspěvek od Conder »

Ahoj :)

:arrow: V akom presne umiestneni Avira detekuje tuto hrozbu?

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

brendon_pk
Návštěvník
Návštěvník
Příspěvky: 39
Registrován: 12 črc 2007 07:40
Kontaktovat uživatele:

Re: Prosim o kontrolu (cryptominer.gen)

#3 Příspěvek od brendon_pk »

Bolo to spojene Mozilla Firefox. Vyhadzovalo to každú chvíľu teraz je pokoj. Obrázok priložený kde detekoval daný problém. Prikladám výpis. Dúfam, že je správny.

# AdwCleaner v6.030 - *Logfile created 11/11/2016 *at 14:44:47
# *Updated on 19/10/2016 by Malwarebytes
# *Database : 2016-11-10.1 [*Server]
# *Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# *Username : Braňo - BRAŇO-PC
# *Running from : C:\Users\Braňo\Desktop\adwcleaner_6.030.exe
# *Mode: Scan
# *Support : https://www.malwarebytes.com/support



***** [ *Services ] *****

*Service Found: PanService


***** [ *Folders ] *****

*Folder Found: C:\Users\Braňo\AppData\Local\RegistryDr
*Folder Found: C:\Users\Braňo\Documents\RegistryDr
*Folder Found: C:\Program Files (x86)\PANDORA.TV
*Folder Found: C:\Program Files (x86)\Registry Dr
*Folder Found: C:\Windows\SysWOW64\C2MP


***** [ *Files ] *****

*File Found: C:\Windows\SysNative\LavasoftTcpService64.dll
*File Found: C:\Windows\SysNative\LavasoftTcpServiceOff.ini
*File Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk
*File Found: C:\Windows\SysWOW64\lavasofttcpservice.dll
*File Found: C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini


***** [ DLL ] *****

*No malicious DLLs found.


***** [ WMI ] *****

*No malicious keys found.


***** [ *Shortcuts ] *****

*No infected shortcut found.


***** [ *Scheduled tasks ] *****

*Task Found: RegistryDr_Popup
*Task Found: RegistryDr_Start


***** [ *Registry ] *****

*Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
*Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
*Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
*Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
*Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
*Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
*Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
*Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
*Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
*Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
*Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
*Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
*Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
*Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
*Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
*Key Found: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
*Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
*Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
*Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
*Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
*Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
*Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
*Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
*Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
*Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
*Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
*Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
*Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
*Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
*Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
*Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
*Key Found: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
*Key Found: HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
*Key Found: HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
*Key Found: HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
*Key Found: HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
*Key Found: HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
*Key Found: HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
*Key Found: HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
*Key Found: HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
*Key Found: HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
*Key Found: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
*Key Found: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\Software\RegistryDrLanguage
*Key Found: HKCU\Software\RegistryDrLanguage
*Key Found: HKLM\SOFTWARE\Lavasoft\Web Companion
*Key Found: [x64] HKCU\Software\RegistryDrLanguage
*Key Found: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
*Key Found: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
*Key Found: [x64] HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
*Key Found: [x64] HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
*Key Found: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
*Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
*Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
*Value Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Codec Settings UAC Manager]
*Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
*Key Found: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com


***** [ *Web browsers ] *****

*No malicious Firefox based browser items found.
*No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [5991 *Bytes] - [11/11/2016 14:44:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6065 *Bytes] ##########
Přílohy
Zachytiť-1.jpg
Zachytiť-1.jpg (111.17 KiB) Zobrazeno 2153 x

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosim o kontrolu (cryptominer.gen)

#4 Příspěvek od Conder »

Pouzil si nejaku starsiu verziu AdwCleaneru:
# AdwCleaner v6.030 - *Logfile created 11/11/2016 *at 14:44:47
Aktualna verzia AdwCleaneru je 7.2.4.0, stiahni este raz z https://toolslib.net/downloads/viewdown ... dwcleaner/ alebo https://www.malwarebytes.com/adwcleaner/ a opakuj postup.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

brendon_pk
Návštěvník
Návštěvník
Příspěvky: 39
Registrován: 12 črc 2007 07:40
Kontaktovat uživatele:

Re: Prosim o kontrolu (cryptominer.gen)

#5 Příspěvek od brendon_pk »

No musel som najst ten log na disku lebo som preklikol a už potom nechcel zobraziť a nevšimol som si, že som starý klikol.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-09-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-26-2018
# Duration: 00:00:01
# OS: Windows 7 Home Premium
# Cleaned: 16
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Braňo\AppData\Roaming\Carambis
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Auto Clicker
Deleted C:\Program Files (x86)\Free Auto Clicker
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService

***** [ Files ] *****

Deleted C:\Users\Braňo\AppData\Roaming\Microsoft\Windows\Start Menu\Free Auto Clicker.lnk
Deleted C:\Users\Braňo\AppData\Roaming\Mozilla\Firefox\Profiles\e54q3iav.default\searchplugins\google-lavasoft.xml

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Carambis
Deleted HKCU\Software\csastats
Deleted HKCU\Software\ICSW1.23
Deleted HKLM\Software\Wow6432Node\Microsoft\MediaPlayer\ShimInclusionList\browser.exe
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKLM\Software\Wow6432Node\Classes\AppID\LavasoftTcpService.exe
Deleted HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted HKLM\Software\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2620 octets] - [26/09/2018 16:39:51]
AdwCleaner[S01].txt - [2681 octets] - [26/09/2018 16:40:29]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

brendon_pk
Návštěvník
Návštěvník
Příspěvky: 39
Registrován: 12 črc 2007 07:40
Kontaktovat uživatele:

Re: Prosim o kontrolu (cryptominer.gen)

#6 Příspěvek od brendon_pk »

alebo


# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-09-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-26-2018
# Duration: 00:00:06
# OS: Windows 7 Home Premium
# Scanned: 42059
# Detected: 16


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Carambis C:\Users\Braňo\AppData\Roaming\Carambis
PUP.Optional.FreeAutoClicker C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Auto Clicker
PUP.Optional.FreeAutoClicker C:\Program Files (x86)\Free Auto Clicker
PUP.Optional.WebCompanion C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService

***** [ Files ] *****

PUP.Optional.FreeAutoClicker C:\Users\Braňo\AppData\Roaming\Microsoft\Windows\Start Menu\Free Auto Clicker.lnk
PUP.Optional.Legacy C:\Users\Braňo\AppData\Roaming\Mozilla\Firefox\Profiles\e54q3iav.default\searchplugins\google-lavasoft.xml

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Carambis HKCU\Software\Carambis
PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Legacy HKCU\Software\ICSW1.23
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\MediaPlayer\ShimInclusionList\browser.exe
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
PUP.Optional.ProductSetup.A HKCU\Software\PRODUCTSETUP
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Classes\AppID\LavasoftTcpService.exe
PUP.Optional.WebCompanion HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
PUP.Optional.WebCompanion HKLM\Software\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [2620 octets] - [26/09/2018 16:39:51]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosim o kontrolu (cryptominer.gen)

#7 Příspěvek od Conder »

OK. Poprosim o obidva nove logy z FRST.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

brendon_pk
Návštěvník
Návštěvník
Příspěvky: 39
Registrován: 12 črc 2007 07:40
Kontaktovat uživatele:

Re: Prosim o kontrolu (cryptominer.gen)

#8 Příspěvek od brendon_pk »

OK. Inak mi ten cryptominer.gen prestalo vyhadzovat.

A logy su tuto:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23.09.2018
Ran by Braňo (administrator) on BRAŇO-PC (27-09-2018 22:55:59)
Running from E:\Instal
Loaded Profiles: Braňo (Available Profiles: Braňo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(TeamViewer GmbH) C:\Program Files (x86)\Programy\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(YANDEX LLC) C:\Program Files (x86)\Yandex\YandexBrowser\16.7.1.20936\service_update.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(simplitec GmbH) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
(AddGadgets) E:\Prevzaté súbory\PCMeter\PCMeterV4\PCMeterV0.4.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
() C:\Windows\tsnpstd3.exe
() C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9037832 2016-10-21] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [tsnpstd3] => C:\Windows\tsnpstd3.exe [262144 2006-06-19] ()
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3753280 2018-09-25] (Dropbox, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-08-17] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\...\Run: [uTorrent] => E:\Programy\uTorrent\utorrent.exe [416168 2015-02-22] (BitTorrent, Inc.)
HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\...\Run: [Google Update] => C:\Users\Braňo\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-18] (Google Inc.)
HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46281248 2018-05-30] ()
HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [643200 2017-09-26] ()
HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE [568904 2016-12-02] (ZONER software)
HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\...\MountPoints2: {bd849ed5-f0fb-11e4-a36a-448a5bcda3c0} - Y:\autorun.exe V

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{2C55A034-B488-45DC-9AB6-0432B6B8A294}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FFAD67CB-4F88-4666-97DE-3BA6775E63BE}: [NameServer] 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: ssy3ox7w.default-1516468971952
FF ProfilePath: C:\Users\Braňo\AppData\Roaming\Mozilla\Firefox\Profiles\ssy3ox7w.default-1516468971952 [2018-09-27]
FF Session Restore: Mozilla\Firefox\Profiles\ssy3ox7w.default-1516468971952 -> is enabled.
FF Extension: (Porn block) - C:\Users\Braňo\AppData\Roaming\Mozilla\Firefox\Profiles\ssy3ox7w.default-1516468971952\Extensions\porn@vietbacsecurity.com.xpi [2018-01-27]
FF Extension: (uBlock Origin) - C:\Users\Braňo\AppData\Roaming\Mozilla\Firefox\Profiles\ssy3ox7w.default-1516468971952\Extensions\uBlock0@raymondhill.net.xpi [2018-09-23]
FF Extension: (Firefox Monitor) - C:\Users\Braňo\AppData\Roaming\Mozilla\Firefox\Profiles\ssy3ox7w.default-1516468971952\features\{0f291087-39f5-4d17-8942-6167c3598a74}\fxmonitor@mozilla.org.xpi [2018-09-26]
FF Extension: (Telemetry coverage) - C:\Users\Braňo\AppData\Roaming\Mozilla\Firefox\Profiles\ssy3ox7w.default-1516468971952\features\{0f291087-39f5-4d17-8942-6167c3598a74}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-26] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-03-23] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll [2018-09-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1326493287-2803476095-4076014435-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Braňo\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1326493287-2803476095-4076014435-1000: @talk.google.com/O1DPlugin -> C:\Users\Braňo\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1326493287-2803476095-4076014435-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-1326493287-2803476095-4076014435-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Braňo\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Braňo\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
StartMenuInternet: Firefox-41C8AC8658796509 - C:\Users\Braňo\firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default [2018-09-27]
CHR Extension: (Dokumenty) - C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Disk Google) - C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-08]
CHR Extension: (YouTube) - C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-29]
CHR Extension: (Google Search) - C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-08]
CHR Extension: (Avira Browser Safety) - C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-07-20]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-20]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-08-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-15]
CHR Extension: (Gmail) - C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-15]
CHR Extension: (Chrome Media Router) - C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-25]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [895056 2018-09-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [226000 2018-09-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [226000 2018-09-08] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1148568 2018-09-08] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [436848 2018-08-17] (Avira Operations GmbH & Co. KG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-28] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-28] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-09-25] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [73856 2017-09-26] (The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [73856 2017-09-26] (The OpenVPN Project)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-04-17] (Qualcomm Atheros) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\Programy\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248704 2013-01-25] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-09-29] (Intel(R) Corporation)
R2 YandexBrowserService; C:\Program Files (x86)\Yandex\YandexBrowser\16.7.1.20936\service_update.exe [768320 2016-08-08] (YANDEX LLC)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [73240 2018-08-16] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [199920 2018-07-06] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [153040 2018-07-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [82096 2014-04-10] (Qualcomm Atheros, Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-07-08] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [24056 2016-01-14] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [21496 2016-01-14] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-07-11] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2016-07-11] () [File not signed]
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-18] (Intel Corporation)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [129200 2014-03-27] (Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
U0 aswVmm; no ImagePath
R3 WinRing0_1_2_0; \??\C:\Users\Braňo\AppData\Local\Temp\tmpD29.tmp [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-27 16:48 - 2018-09-27 16:48 - 007592144 _____ (Malwarebytes) C:\Users\Braňo\Desktop\adwcleaner_7.2.4.0.exe
2018-09-26 19:40 - 2018-09-26 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-09-26 16:42 - 2018-09-26 16:42 - 000067872 _____ C:\Users\Braňo\AppData\Local\GDIPFONTCACHEV1.DAT
2018-09-26 16:42 - 2018-09-26 16:42 - 000000000 ____D C:\Users\Braňo\AppData\Local\Yandex
2018-09-26 16:41 - 2018-09-26 16:41 - 004921296 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-25 13:52 - 2018-09-25 13:52 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-09-25 13:52 - 2018-09-25 13:52 - 000050232 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-09-25 13:52 - 2018-09-25 13:52 - 000050232 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-09-25 13:52 - 2018-09-25 13:52 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-09-13 19:50 - 2018-08-31 17:08 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2018-09-13 19:50 - 2018-08-31 17:08 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-09-13 19:50 - 2018-08-30 03:47 - 001230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2018-09-13 19:50 - 2018-08-30 03:10 - 001424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2018-09-13 19:50 - 2018-08-28 07:50 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2018-09-13 19:50 - 2018-08-24 21:47 - 000398424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-09-13 19:50 - 2018-08-24 20:47 - 000350296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-09-13 19:50 - 2018-08-24 01:05 - 025736704 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-09-13 19:50 - 2018-08-24 00:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-09-13 19:50 - 2018-08-24 00:56 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-09-13 19:50 - 2018-08-24 00:45 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-09-13 19:50 - 2018-08-24 00:44 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-09-13 19:50 - 2018-08-24 00:43 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-09-13 19:50 - 2018-08-24 00:43 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-09-13 19:50 - 2018-08-24 00:43 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-09-13 19:50 - 2018-08-24 00:43 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-09-13 19:50 - 2018-08-24 00:37 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-09-13 19:50 - 2018-08-24 00:36 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-09-13 19:50 - 2018-08-24 00:34 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-09-13 19:50 - 2018-08-24 00:34 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-09-13 19:50 - 2018-08-24 00:33 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-09-13 19:50 - 2018-08-24 00:33 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-09-13 19:50 - 2018-08-24 00:33 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-09-13 19:50 - 2018-08-24 00:33 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-09-13 19:50 - 2018-08-24 00:27 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-09-13 19:50 - 2018-08-24 00:24 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-09-13 19:50 - 2018-08-24 00:19 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-09-13 19:50 - 2018-08-24 00:18 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-09-13 19:50 - 2018-08-24 00:17 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-09-13 19:50 - 2018-08-24 00:15 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-09-13 19:50 - 2018-08-24 00:15 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-09-13 19:50 - 2018-08-24 00:13 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-09-13 19:50 - 2018-08-24 00:12 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-09-13 19:50 - 2018-08-24 00:03 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-09-13 19:50 - 2018-08-24 00:01 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-09-13 19:50 - 2018-08-24 00:01 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-09-13 19:50 - 2018-08-24 00:00 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-09-13 19:50 - 2018-08-23 23:59 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-09-13 19:50 - 2018-08-23 23:59 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-09-13 19:50 - 2018-08-23 23:52 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-09-13 19:50 - 2018-08-23 23:40 - 001555456 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-09-13 19:50 - 2018-08-23 23:28 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-09-13 19:50 - 2018-08-23 23:27 - 020279296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-09-13 19:50 - 2018-08-23 23:25 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-09-13 19:50 - 2018-08-23 23:15 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-09-13 19:50 - 2018-08-23 23:14 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-09-13 19:50 - 2018-08-23 23:14 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-09-13 19:50 - 2018-08-23 23:14 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-09-13 19:50 - 2018-08-23 23:13 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-09-13 19:50 - 2018-08-23 23:12 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-09-13 19:50 - 2018-08-23 23:09 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-09-13 19:50 - 2018-08-23 23:09 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-09-13 19:50 - 2018-08-23 23:07 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-09-13 19:50 - 2018-08-23 23:06 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-09-13 19:50 - 2018-08-23 23:06 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-09-13 19:50 - 2018-08-23 23:06 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-09-13 19:50 - 2018-08-23 23:00 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-09-13 19:50 - 2018-08-23 22:56 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-09-13 19:50 - 2018-08-23 22:56 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-09-13 19:50 - 2018-08-23 22:55 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-09-13 19:50 - 2018-08-23 22:54 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-09-13 19:50 - 2018-08-23 22:53 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-09-13 19:50 - 2018-08-23 22:52 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-09-13 19:50 - 2018-08-23 22:51 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-09-13 19:50 - 2018-08-23 22:51 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-09-13 19:50 - 2018-08-23 22:48 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-09-13 19:50 - 2018-08-23 22:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-09-13 19:50 - 2018-08-23 22:44 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-09-13 19:50 - 2018-08-23 22:44 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-09-13 19:50 - 2018-08-23 22:44 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-09-13 19:50 - 2018-08-23 22:30 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-09-13 19:50 - 2018-08-23 22:27 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-09-13 19:50 - 2018-08-23 22:24 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-09-13 19:50 - 2018-08-13 17:54 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-09-13 19:50 - 2018-08-13 17:54 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-09-13 19:50 - 2018-08-13 17:54 - 001888768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-09-13 19:50 - 2018-08-13 17:54 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-09-13 19:50 - 2018-08-13 17:54 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-09-13 19:50 - 2018-08-13 17:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-09-13 19:50 - 2018-08-13 17:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2018-09-13 19:50 - 2018-08-13 17:53 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-09-13 19:50 - 2018-08-13 17:53 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-09-13 19:50 - 2018-08-13 17:41 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-09-13 19:50 - 2018-08-13 17:40 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-09-13 19:50 - 2018-08-13 17:40 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-09-13 19:50 - 2018-08-13 17:40 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-09-13 19:50 - 2018-08-13 17:40 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-09-13 19:50 - 2018-08-13 17:40 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-09-13 19:50 - 2018-08-13 17:40 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-09-13 19:50 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-09-13 19:50 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2018-09-13 19:50 - 2018-08-12 22:32 - 000378464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-09-13 19:50 - 2018-08-12 22:31 - 001894496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-09-13 19:50 - 2018-08-12 22:31 - 000289376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-09-13 19:50 - 2018-08-12 22:28 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2018-09-13 19:50 - 2018-08-12 22:14 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2018-09-13 19:50 - 2018-08-10 17:59 - 005552816 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-09-13 19:50 - 2018-08-10 17:59 - 000154800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-09-13 19:50 - 2018-08-10 17:58 - 000385120 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-09-13 19:50 - 2018-08-10 17:58 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-09-13 19:50 - 2018-08-10 17:58 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-09-13 19:50 - 2018-08-10 17:57 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-09-13 19:50 - 2018-08-10 17:57 - 000631624 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-09-13 19:50 - 2018-08-10 17:56 - 001664296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-09-13 19:50 - 2018-08-10 17:55 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-09-13 19:50 - 2018-08-10 17:54 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-09-13 19:50 - 2018-08-10 17:45 - 000309424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-09-13 19:50 - 2018-08-10 17:44 - 003961440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-09-13 19:50 - 2018-08-10 17:42 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-09-13 19:50 - 2018-08-10 17:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:39 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-09-13 19:50 - 2018-08-10 17:39 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-09-13 19:50 - 2018-08-10 17:27 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-09-13 19:50 - 2018-08-10 17:22 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-09-13 19:50 - 2018-08-10 17:22 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-09-13 19:50 - 2018-08-10 17:22 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-09-13 19:50 - 2018-08-10 17:21 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-09-13 19:50 - 2018-08-10 17:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-09-13 19:50 - 2018-08-10 17:17 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-09-13 19:50 - 2018-08-10 17:17 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-09-13 19:50 - 2018-08-10 17:17 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-09-13 19:50 - 2018-08-10 17:15 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-09-13 19:50 - 2018-08-10 17:13 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-09-13 19:50 - 2018-08-10 17:13 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-09-13 19:50 - 2018-08-10 17:13 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-09-13 19:50 - 2018-08-10 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-09-13 19:50 - 2018-08-10 17:12 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-09-13 19:50 - 2018-08-10 17:12 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-09-13 19:50 - 2018-08-10 17:12 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-09-13 19:50 - 2018-08-10 17:12 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-09-13 19:50 - 2018-08-10 17:12 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-09-13 19:50 - 2018-08-10 17:12 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-09-13 19:50 - 2018-08-10 17:10 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-09-13 19:50 - 2018-08-10 17:10 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-09-13 19:50 - 2018-08-10 17:10 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-09-13 19:50 - 2018-08-10 17:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-09-13 19:50 - 2018-08-10 17:09 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-09-13 19:50 - 2018-08-10 17:09 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-09-13 19:50 - 2018-08-10 17:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-09-13 19:50 - 2018-07-29 17:55 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-09-13 19:50 - 2018-07-18 17:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2018-09-13 19:50 - 2018-06-27 15:20 - 000419648 _____ C:\Windows\SysWOW64\locale.nls
2018-09-13 19:50 - 2018-06-27 15:19 - 000419648 _____ C:\Windows\system32\locale.nls
2018-08-28 20:20 - 2018-08-28 20:20 - 000001102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-27 22:55 - 2015-07-06 20:08 - 000000000 ____D C:\FRST
2018-09-27 22:54 - 2015-03-23 00:15 - 000000000 ____D C:\Users\Braňo\AppData\Roaming\XnView
2018-09-27 22:51 - 2017-08-28 23:26 - 000000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-09-27 22:44 - 2017-09-19 21:21 - 000003292 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2018-09-27 22:00 - 2018-01-28 20:00 - 000025010 _____ C:\Users\Braňo\Network_Meter_Data.js
2018-09-27 21:50 - 2016-11-13 16:50 - 000000452 _____ C:\Windows\Tasks\Yandex Browser system update.job
2018-09-27 16:50 - 2009-07-14 06:45 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-27 16:50 - 2009-07-14 06:45 - 000021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-27 16:48 - 2016-11-19 16:00 - 000000000 ____D C:\Users\Braňo\AppData\LocalLow\Mozilla
2018-09-27 16:44 - 2018-01-29 19:57 - 000029745 _____ C:\Users\Braňo\IP_Log_Data.js
2018-09-26 19:40 - 2017-08-28 23:26 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-09-26 16:48 - 2009-07-14 07:13 - 000782470 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-26 16:48 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-26 16:42 - 2017-08-28 23:26 - 000000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-09-26 16:42 - 2016-11-13 16:50 - 000003544 _____ C:\Windows\System32\Tasks\Yandex Browser system update
2018-09-26 16:42 - 2016-11-08 14:37 - 000000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2018-09-26 16:41 - 2015-03-22 22:01 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-26 16:41 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-26 16:39 - 2016-11-11 15:44 - 000000000 ____D C:\AdwCleaner
2018-09-25 21:42 - 2016-11-18 23:36 - 000000000 ____D C:\Users\Braňo\AppData\Roaming\TeamViewer
2018-09-25 21:42 - 2016-10-05 12:42 - 000000000 ____D C:\Users\Braňo\AppData\Roaming\FileZilla
2018-09-25 21:41 - 2016-10-05 12:42 - 000000000 ____D C:\Users\Braňo\AppData\Local\CrashDumps
2018-09-25 21:41 - 2015-10-25 21:16 - 000000000 ____D C:\Windows\Minidump
2018-09-25 20:11 - 2018-01-20 19:22 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-25 20:11 - 2015-03-22 22:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-25 20:10 - 2015-03-22 22:02 - 000000030 _____ C:\Users\Braňo\AppData\Roaming\Network Meter_Usage.ini
2018-09-22 10:46 - 2017-08-28 23:26 - 000003902 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2018-09-22 10:46 - 2017-08-28 23:26 - 000003650 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2018-09-20 18:02 - 2018-02-06 19:04 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-09-20 18:02 - 2018-02-06 19:04 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-09-20 16:37 - 2015-03-22 21:33 - 000002236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-16 20:58 - 2015-03-24 22:23 - 000081408 _____ C:\Users\Braňo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-14 19:25 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-09-14 16:34 - 2015-03-24 20:44 - 000000000 ____D C:\Users\Braňo\AppData\Roaming\HandBrake
2018-09-13 20:02 - 2015-03-22 23:05 - 000000000 ____D C:\Windows\system32\MRT
2018-09-13 19:58 - 2017-01-09 16:58 - 000004450 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-09-13 19:58 - 2015-06-14 18:22 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-09-13 19:58 - 2015-03-22 23:44 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-09-13 19:58 - 2015-03-22 23:44 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-13 19:58 - 2015-03-22 23:44 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-09-13 19:58 - 2015-03-22 23:44 - 000000000 ____D C:\Windows\system32\Macromed
2018-09-13 19:54 - 2015-03-22 23:05 - 139184408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-09-13 19:51 - 2015-03-22 21:28 - 000766336 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-09-13 19:50 - 2018-03-13 20:50 - 000004462 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-09-08 18:53 - 2015-07-06 20:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-09-02 20:56 - 2015-08-01 20:40 - 000000000 ____D C:\ProgramData\Package Cache

==================== Files in the root of some directories =======

2018-01-29 19:57 - 2018-09-27 16:44 - 000029745 _____ () C:\Users\Braňo\IP_Log_Data.js
2018-01-28 20:00 - 2018-09-27 22:00 - 000025010 _____ () C:\Users\Braňo\Network_Meter_Data.js
2016-10-10 14:25 - 2017-07-16 19:42 - 000000132 _____ () C:\Users\Braňo\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-03-22 21:58 - 2015-03-22 22:22 - 000000624 _____ () C:\Users\Braňo\AppData\Roaming\All CPU MeterV3_Settings.ini
2015-03-22 21:58 - 2015-03-25 23:58 - 000000294 _____ () C:\Users\Braňo\AppData\Roaming\GPU MeterV2_Settings.ini
2015-03-22 21:59 - 2017-03-13 23:12 - 000001308 _____ () C:\Users\Braňo\AppData\Roaming\Network Meter_Settings.ini
2015-03-22 22:02 - 2018-09-25 20:10 - 000000030 _____ () C:\Users\Braňo\AppData\Roaming\Network Meter_Usage.ini
2015-03-24 22:23 - 2018-09-16 20:58 - 000081408 _____ () C:\Users\Braňo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-11-02 12:31 - 2018-06-01 20:00 - 000000600 _____ () C:\Users\Braňo\AppData\Local\PUTTY.RND
2015-03-25 00:07 - 2017-09-16 22:13 - 000007599 _____ () C:\Users\Braňo\AppData\Local\Resmon.ResmonCfg
2016-11-26 22:49 - 2016-12-10 23:06 - 000000037 _____ () C:\Users\Braňo\AppData\Local\X-Plane Installer.prf
2016-11-26 22:49 - 2016-12-10 23:07 - 000000015 _____ () C:\Users\Braňo\AppData\Local\X-Plane_drm_11.prf
2016-11-26 22:14 - 2016-12-10 22:13 - 000000057 _____ () C:\Users\Braňo\AppData\Local\x-plane_install_11.txt

Some files in TEMP:
====================
2018-02-07 00:32 - 2018-02-07 00:32 - 000624128 _____ () C:\Users\Braňo\AppData\Local\Temp\photolab1_splashscreen.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-27 22:20

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.09.2018
Ran by Braňo (27-09-2018 22:56:17)
Running from E:\Instal
Windows 7 Home Premium Service Pack 1 (X64) (2015-03-22 19:19:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1326493287-2803476095-4076014435-500 - Administrator - Disabled)
Braňo (S-1-5-21-1326493287-2803476095-4076014435-1000 - Administrator - Enabled) => C:\Users\Braňo
Guest (S-1-5-21-1326493287-2803476095-4076014435-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 18.011.20063 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0_1) (Version: 19.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Any Video Converter 6.0.6 (HKLM-x32\...\Any Video Converter) (Version: 6.0.6 - Anvsoft)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
Auto Mouse Clicker v3.4 (HKLM-x32\...\{E00EA780-9C24-47BA-B9C8-210316D1C461}_is1) (Version: - MurGee Softwares)
Avira (HKLM-x32\...\{532da46c-2aa3-4588-a4a2-b02bc641bf95}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{8467e01f-0496-42ce-b247-88ef205b4880}) (Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{9620D4C2-CF5B-4DBE-8103-CC9DAB0871C6}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.40.12 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.2 - GPL Public release.)
Backup and Sync from Google (HKLM\...\{AEFBDB5B-899F-4AE6-B789-BA56A652A476}) (Version: 3.42.9858.3671 - Google, Inc.)
Canon Inkjet Printer Driver Add-On Module (HKLM\...\CANONIJINBOXADDON100) (Version: - )
Canon MP Navigator 2.2 (HKLM-x32\...\MP Navigator 2.2) (Version: - )
Canon MP530 (HKLM\...\{3215EBED-1D06-42fb-A05C-A752A46FB24C}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5666 - CDBurnerXP)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
CrystalDiskMark 4.0.3a (HKLM\...\CrystalDiskMark4_is1) (Version: 4.0.3a - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
DiskCheckup v3.3 (HKLM-x32\...\DiskCheckup_is1) (Version: 3.3.1000 - PassMark Software)
Dropbox (HKLM-x32\...\Dropbox) (Version: 58.4.92 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
DxO PhotoLab (HKLM\...\{883D7A53-050B-4B37-BA45-CD125E20F03D}) (Version: 1.1.1 - DxO)
DxO PhotoLab plug-in for Adobe Lightroom (HKLM-x32\...\{91E4E071-DE20-45D9-91A1-F1A3BBD8333A}) (Version: 1.0.38 - DxO Labs)
EaseUS Partition Master 12.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
ffdshow (remove only) (HKLM-x32\...\ffdshow) (Version: - )
FileZilla Client 3.33.0 (HKLM-x32\...\FileZilla Client) (Version: 3.33.0 - Tim Kosse)
Free Auto Clicker 4.1.6 (HKLM-x32\...\Free Auto Clicker_is1) (Version: - FreeAutoClicker Co., Ltd.)
GFExperience.Deployer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.Deployer) (Version: 3.12.0.84 - NVIDIA Corporation) Hidden
gmax (HKLM-x32\...\{3FA7A919-87DA-42B1-814B-86DE8DCA17C2}) (Version: 4.4.0.125 - Discreet)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Spoločnosť Google Inc.)
Google Photos Backup (HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\...\Google Photos Backup) (Version: 1.1.4.11 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HandBrake 0.10.1 (HKLM-x32\...\HandBrake) (Version: 0.10.1 - )
HeidiSQL (HKLM\...\HeidiSQL_is1) (Version: - Ansgar Becker)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine)
Intel Extreme Tuning Utility (HKLM-x32\...\{2E27A606-77E7-41B0-8C2A-11703585288D}) (Version: 5.1.1.25 - Intel Corporation) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{ffa8daa3-4912-4a4a-aac4-a0549064268b}) (Version: 5.1.1.25 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1036 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.19 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{4a87bd28-a855-4a8d-b133-60ca8ccffd30}) (Version: 10.0.17 - Intel(R) Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version: - Intel Corporation)
KMP Service (HKLM-x32\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version: - KMP) <==== ATTENTION
KMPFaster (HKLM-x32\...\simplitec POWER SUITE_is1) (Version: 2.3.2.860 - simplitec GmbH) <==== ATTENTION
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Flight Simulator X Service Pack 2 (HKLM-x32\...\{4847BBB9-EADD-4C92-90BF-4223B0892FF6}) (Version: 10.0.61472.0 - Microsoft Game Studios)
Microsoft Hyperlapse Pro (HKLM\...\{33503317-BA83-44C8-873E-581B3D8EB837}) (Version: 1.3.5764 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mike Crash's Vegas Filters Uninstall (HKLM-x32\...\Mike Crash Vegas Filters) (Version: - )
Mozilla Firefox 54.0 (x64 sk) (HKLM\...\Mozilla Firefox 54.0 (x64 sk)) (Version: 54.0 - Mozilla)
Mozilla Firefox 57.0.4 (x64 sk) (HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\...\Mozilla Firefox 57.0.4 (x64 sk)) (Version: 57.0.4 - Mozilla)
Mozilla Firefox 62.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 62.0.2 (x64 sk)) (Version: 62.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero BurnLite 10 (HKLM-x32\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG)
Nero BurnLite 10 (HKLM-x32\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10500.5.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
NewBlue 3D Explosions for Vegas (HKLM-x32\...\NewBlue 3D Explosions for Vegas) (Version: - )
NewBlue Art Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Art Blends 2.0 for Vegas) (Version: - )
NewBlue Art Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Art Effects 2.0 for Vegas) (Version: - )
NewBlue Film Effects for Vegas (HKLM-x32\...\NewBlue Film Effects for Vegas) (Version: - )
NewBlue Motion Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Blends 2.0 for Vegas) (Version: - )
NewBlue Motion Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Effects 2.0 for Vegas) (Version: - )
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.2 - Notepad++ Team)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafický ovládač 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{456408C1-3BDE-48CC-9A5A-79B1BB4C4787}) (Version: 4.11.9775 - Apache Software Foundation)
OpenVPN 2.4.4-I601 (HKLM\...\OpenVPN) (Version: 2.4.4-I601 - OpenVPN Technologies, Inc.)
Ovládací panel NVIDIA 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 390.77 - NVIDIA Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PenguiNet v2.70 (HKLM-x32\...\PenguiNet_is1) (Version: v2.70 - Silicon Circus Ltd.)
Photoshop_CC_2018_01-cz (HKLM\...\{E85E77C2-0DAD-4802-A09C-598D85869454}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
PTGui Pro 10.0.7 (HKLM-x32\...\PTGui) (Version: - New House Internet Services B.V.)
Qualcomm Atheros Bandwidth Control Filter Driver (HKLM\...\{CCD797F1-171F-4B3A-BD30-4F59F653E1A0}) (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (HKLM\...\{F45761DC-2470-47FF-9E9B-F4016568C29A}) (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.42.1045 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (HKLM\...\{4692B750-DE88-4DCF-9163-745AF5604B24}) (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7960 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.35 - Piriform)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
StarCam Clip (HKLM-x32\...\{7AEF344E-DB20-4D76-9077-30BD339DFD99}) (Version: 5.16.0.301 - )
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.14327 - TeamViewer)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.7.0.109 - KMP Media co., Ltd)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.50 RC2 (release candidate 2) - C. Ghisler & Co.)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM-x32\...\{86A7EED0-02D0-4D91-8183-8D2F23F5E6AE}) (Version: 1.3.1 - TP-LINK)
Transiciones Marbuendy (HKLM-x32\...\Transiciones Marbuendy) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 9.0 (64-bit) (HKLM\...\{88EAF577-71FA-46F2-8E42-AEA33E35AFB1}) (Version: 9.0.895 - Sony)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VueScan x64 (HKLM\...\VueScan x64) (Version: - )
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Watchtower Library - Slovenčina (HKLM-x32\...\{641C691C-7C9F-450D-9B79-57D2DC4D0202}) (Version: 18.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2013 - v slovenčine (HKLM-x32\...\{A2A0612C-7E82-4314-B6BD-18D0C5EC3B04}) (Version: 15.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Watchtower Library 2015 - v slovenčine (HKLM-x32\...\{B5248B17-EBF7-4929-B2D1-1B2C059898A6}) (Version: 17.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Windows 7 Codec Pack 4.1.5 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.1.5 - Windows 7 Codec Pack)
WinRAR 5.21 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XnView 1.96.2 (HKLM-x32\...\XnView_is1) (Version: 1.96.2 - Gougelet Pierre-e)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_SK_is1) (Version: 18.0.1.10 - ZONER software)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1612.2.11 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.33.4\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-30] (Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2016-11-02] ()
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-30] (Google)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-09-08] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-30] (Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.25.0.dll [2018-09-25] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-01-24] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-09-08] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {079AC1C2-942A-4E15-82E8-9AC8D4EE6857} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-09-08] (Avira Operations GmbH & Co. KG)
Task: {0B545657-2B86-4CED-84C1-311FE3EB8AE2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1326493287-2803476095-4076014435-1000Core => C:\Users\Braňo\AppData\Local\Google\Update\GoogleUpdate.exe [2016-02-03] (Google Inc.)
Task: {0B75345E-E0DF-494A-9AF1-C1E964695350} - System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe [2018-02-19] ()
Task: {18846C5B-F0AC-40F9-9C06-E71680B3C871} - System32\Tasks\{260E8D26-9864-4F72-B8B4-E1EF3E2003C8} => "c:\program files (x86)\internet\firefox mozilla\firefox.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/sk/abandoninstall?page=tsMain
Task: {1FFB6D6D-79BF-4097-A2F7-32D23401667A} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {341514AD-D920-4883-ABB5-FE9CADB4C9D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {40D3C55E-EEF1-4A77-8ED6-6FE068AF27B1} - System32\Tasks\PCMeter\Startup => E:\Prevzaté súbory\PCMeter\PCMeterV4\PCMeterV0.4.exe [2015-03-22] (AddGadgets)
Task: {55285FEB-0E83-4CBE-A17D-6FD227BEAE3B} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe [2015-08-28] (simplitec GmbH) <==== ATTENTION
Task: {55FD9D1D-726F-492D-A40D-249955DB7BF0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1326493287-2803476095-4076014435-1000UA => C:\Users\Braňo\AppData\Local\Google\Update\GoogleUpdate.exe [2016-02-03] (Google Inc.)
Task: {57D170AF-AD19-46B2-9D1A-5D2531749636} - System32\Tasks\simplitec Power Suite (Tray) => C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe [2015-08-28] (simplitec GmbH) <==== ATTENTION
Task: {5ACBA1A3-2B65-4522-9C6D-CF6B3A75488E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {6697196E-108D-4AD2-917F-3E5D91ED4B21} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-13] (Adobe Systems Incorporated)
Task: {6ADEE43C-5417-4031-90D3-2678F6FE1743} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe [2018-09-13] (Adobe Systems Incorporated)
Task: {98963144-833F-4389-A456-D4735E950F69} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {A61EE958-003E-4003-B8EF-B6EEB499C727} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-08-28] (Dropbox, Inc.)
Task: {BA6FD8C0-1B10-422B-94E5-66E6F8B052A3} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_pepper.exe [2018-09-13] (Adobe Systems Incorporated)
Task: {C7ECB9A2-057F-4098-AD3B-E48453E14505} - System32\Tasks\Yandex Browser system update => C:\Program Files (x86)\Yandex\YandexBrowser\16.7.1.20936\service_update.exe [2016-08-08] (YANDEX LLC)
Task: {CCA4ECF2-CF98-4EED-937D-FDB0BFE26561} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-08-28] (Dropbox, Inc.)
Task: {CD21B1D0-4FB4-48DF-917B-7936E042A924} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {E4022CB3-DC49-4B2F-B335-D9190A0D987C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [2018-09-24] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\Yandex Browser system update.job => C:\Program Files (x86)\Yandex\YandexBrowser\16.7.1.20936\service_update.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-11-02 12:31 - 2016-11-02 12:31 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2017-09-26 03:52 - 2017-09-26 03:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2013-01-25 09:12 - 2013-01-25 09:12 - 000248704 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2015-03-22 21:57 - 2015-03-22 21:57 - 000012520 _____ () C:\Users\Braňo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll
2015-03-22 21:57 - 2015-03-22 21:57 - 000015080 _____ () C:\Users\Braňo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\GetCoreTempInfoNET.dll
2015-03-22 21:57 - 2015-03-22 21:57 - 000014056 _____ () C:\Users\Braňo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\SystemInfo.dll
2018-05-30 11:03 - 2018-05-30 11:03 - 046281248 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2016-08-23 20:00 - 2006-06-19 11:43 - 000262144 _____ () C:\Windows\tsnpstd3.exe
2017-07-17 19:02 - 2014-11-18 14:44 - 000255072 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\TrayTipAgentE.exe
2018-09-26 16:42 - 2018-09-26 16:42 - 000113152 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\_ctypes.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000080896 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\bz2.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 001585152 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\_hashlib.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000128512 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\win32api.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000137728 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\pywintypes27.dll
2018-09-26 16:42 - 2018-09-26 16:42 - 000548864 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\pythoncom27.dll
2018-09-26 16:42 - 2018-09-26 16:42 - 000689664 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\unicodedata.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000438784 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\win32com.shell.shell.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 001489408 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\wx._core_.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 001007104 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\wx._gdi_.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 001039872 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\wx._windows_.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 001325056 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\wx._controls_.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000916992 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\wx._misc_.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 001084416 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\pysqlite2._sqlite.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000149504 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\win32file.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000136192 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\win32security.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000007680 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\hashobjs_ext.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000020992 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\thumbnails_ext.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000118784 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\usb_ext.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000047616 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\_socket.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 002224640 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\_ssl.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000014848 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\common.time34.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000023040 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\win32event.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000034304 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\windows.conditional.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000020480 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\windows.winwrap.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000110080 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\windows.volumes.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000223232 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\win32gui.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000173568 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\_elementtree.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000169472 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\pyexpat.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000048128 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\win32inet.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000103424 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\wx._html2.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000046080 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\_psutil_windows.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000633272 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\windows._cacheinvalidation.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000011776 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\win32crypt.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000301568 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\PIL._imaging.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000032256 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\_multiprocessing.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 005458944 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\cello.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000026112 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\_yappi.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000044032 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\win32process.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000027648 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\win32pipe.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000010752 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\select.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000029696 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\win32pdh.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000038400 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\windows.connectivity.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000073216 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\windows.device_monitor.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000020480 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\win32profile.pyd
2018-09-26 16:42 - 2018-09-26 16:42 - 000026624 _____ () C:\Users\Braňo\AppData\Local\Temp\_MEI29442\win32ts.pyd
2017-09-26 03:52 - 2017-09-26 03:52 - 034879568 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2018-08-16 19:13 - 2018-08-16 19:13 - 001204472 _____ () C:\Program Files (x86)\Avira\Antivirus\crypto-42.dll
2018-08-16 19:13 - 2018-08-16 19:13 - 000243352 _____ () C:\Program Files (x86)\Avira\Antivirus\ssl-44.dll
2015-04-15 20:23 - 2015-08-27 02:37 - 000011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-09-20 03:42 - 2017-09-20 03:42 - 067115616 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2017-07-17 19:02 - 2014-02-13 15:27 - 000222792 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\traynet.dll
2017-07-17 19:02 - 2014-02-13 15:27 - 000275528 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\libcurl.dll
2017-07-17 19:02 - 2014-02-13 15:27 - 000113166 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\zlib1.dll
2017-07-17 19:02 - 2014-02-13 15:27 - 000249928 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.0\bin\TrayPopupE\uexper.dll
2017-09-06 19:11 - 2017-09-06 19:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 19:11 - 2017-09-06 19:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 19:11 - 2017-09-06 19:11 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-09-06 19:11 - 2017-09-06 19:11 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-20 04:04 - 2017-09-20 04:04 - 000110688 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
2017-09-06 19:11 - 2017-09-06 19:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2014-04-03 17:48 - 2014-04-03 17:48 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-09-26 19:40 - 2018-09-25 13:52 - 001110856 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-09-26 19:40 - 2018-09-25 13:52 - 002247496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-05-16 17:54 - 2018-09-25 13:57 - 000024264 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:55 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:52 - 000142824 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:55 - 001958760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:55 - 000026328 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:52 - 000117272 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-05-16 17:54 - 2018-09-25 13:52 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:55 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:52 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-05-16 17:54 - 2018-09-25 13:52 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:52 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:55 - 000074584 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:52 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:54 - 000026312 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:52 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:52 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:52 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:52 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:57 - 000401240 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:52 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:57 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:52 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:52 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:52 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:58 - 000059744 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:57 - 000069336 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:58 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:54 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:52 - 000032736 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:56 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:57 - 000092488 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:55 - 001779024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:55 - 000519504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:56 - 000052056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:55 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:56 - 003822784 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:56 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:56 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:56 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:55 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:52 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:58 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:52 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-08-01 21:38 - 2018-09-25 13:58 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:57 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:57 - 000026336 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:57 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:58 - 000026328 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:55 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:52 - 000494048 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
2018-05-16 17:54 - 2018-09-25 13:58 - 000029408 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:55 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:52 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-05-16 17:54 - 2018-09-25 13:57 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:55 - 000434360 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-05-16 17:54 - 2018-09-25 13:57 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:55 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-09-26 19:40 - 2018-09-25 13:55 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-05-16 17:54 - 2018-09-25 13:57 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:56 - 000531280 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:55 - 000354128 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd
2018-09-26 19:40 - 2018-09-25 13:56 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
2012-03-09 17:26 - 2013-04-25 03:50 - 000108128 _____ () C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 20:18 - 2017-10-22 23:16 - 000000000 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Braňo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: VegSrv90.exe => "C:\Program Files\Audio a Video\Sony\Vegas Pro 9.0\VegSrv90.exe" -AutoRun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2513979C-2389-4399-B60F-7A814E952246}] => (Allow) C:\Program Files (x86)\Internet\Firefox mozilla\firefox.exe
FirewallRules: [TCP Query User{099922CE-1B16-4D83-B1B3-F5FCCA583F2A}C:\program files\audio a video\sony\vegas pro 9.0\vegsrv90.exe] => (Allow) C:\program files\audio a video\sony\vegas pro 9.0\vegsrv90.exe
FirewallRules: [UDP Query User{5DB948B7-BE85-4038-BE17-A106F14E8D47}C:\program files\audio a video\sony\vegas pro 9.0\vegsrv90.exe] => (Allow) C:\program files\audio a video\sony\vegas pro 9.0\vegsrv90.exe
FirewallRules: [TCP Query User{732F6AC8-9F20-46D2-BB43-86AB583E4D34}E:\programy\utorrent\utorrent.exe] => (Allow) E:\programy\utorrent\utorrent.exe
FirewallRules: [UDP Query User{ED122587-FEAA-4FBE-80A7-C7C42D3BDE23}E:\programy\utorrent\utorrent.exe] => (Allow) E:\programy\utorrent\utorrent.exe
FirewallRules: [{9AD41035-8CF0-4F76-98D1-4D4EF457CB98}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{72C32FBD-4AB5-47BE-A54A-329EAAE3B0F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F389D6EC-54E3-46AF-9BE2-DCAEC8549C82}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{670F3895-5E78-4621-B6A3-8C8565A3E7F7}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [UDP Query User{DCACB71E-0B0A-4362-BF39-1F234967EF6B}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [{15A7EC06-E5FC-44AD-9AE8-84ED86D2F385}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{43479EAD-04E4-4C81-81CC-77E9C81AA60F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8241005C-F125-44CA-911E-CE617F301418}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{3175E36B-6779-454A-83AF-945EE2B93715}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0E9F72AD-AC23-4BBB-9E0B-5F9D1ED1EE2C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1E826EFA-91EA-4F16-96E6-2E6C2039514A}] => (Allow) C:\Program Files (x86)\Internet\Firefox mozilla\firefox.exe
FirewallRules: [{63AE46FD-A69F-4901-B52F-1FC7BF8E1A4B}] => (Allow) C:\Program Files (x86)\Internet\Firefox mozilla\firefox.exe
FirewallRules: [TCP Query User{D142201D-44BA-4C91-AB91-6C98CC9EDD0C}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [UDP Query User{75C85D59-A22E-42C7-BB27-3252D3AEBF5F}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe
FirewallRules: [{2862184E-C829-4AF6-BA69-B78B01F3B739}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe
FirewallRules: [{9A5FFD72-E97F-4DF4-AE63-90D318879D89}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe
FirewallRules: [{FFDDC7FD-D274-49A8-B3C8-8C0C2DBC2E24}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{B6F7942C-B72C-489E-AB72-88C8E6DF6D9B}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{F749CB44-5D6E-4F75-A838-52E7BCFB1DD8}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{29A5DE5B-30E8-4AF0-AF58-4720CD2E585A}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{CA7E7BFB-1DA7-4840-825A-3C00BEC2FBC3}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{B6CB2038-6483-4946-A27B-BB19ABA608B5}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
FirewallRules: [{2281696A-C605-4200-A1A9-A0631F048538}] => (Allow) C:\Users\Braňo\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
FirewallRules: [TCP Query User{5606F15D-F55E-4E9C-B62E-F4DA53F95CA2}C:\program files (x86)\totalcmd\totalcmd.exe] => (Allow) C:\program files (x86)\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{01CF9143-91C8-46BA-98D2-03CF66F4B2CE}C:\program files (x86)\totalcmd\totalcmd.exe] => (Allow) C:\program files (x86)\totalcmd\totalcmd.exe
FirewallRules: [{5EA784A6-F9A3-4937-8244-D2413F43C243}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [{E3913002-3D8F-40F5-B9CB-80A570F25F10}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
FirewallRules: [TCP Query User{616C120C-1EA3-4E08-B505-3F66B6476FF2}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [UDP Query User{536EA678-C621-4931-B759-E4566D5666A4}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe
FirewallRules: [{03CCC1F8-A608-4372-976E-0DBA31B0F11A}] => (Allow) C:\Program Files\VueScan\vuescan.exe
FirewallRules: [{C8C3E05F-39EA-4D19-8805-1C9CA8E38C24}] => (Allow) C:\Program Files\VueScan\vuescan.exe
FirewallRules: [TCP Query User{75AB30FC-E13E-49C0-B5EF-8C1B7725CB9A}C:\users\braňo\desktop\x-plane 11\x-plane.exe] => (Allow) C:\users\braňo\desktop\x-plane 11\x-plane.exe
FirewallRules: [UDP Query User{4FC2EB44-07DE-44F3-A016-B8FA0F14ECF8}C:\users\braňo\desktop\x-plane 11\x-plane.exe] => (Allow) C:\users\braňo\desktop\x-plane 11\x-plane.exe
FirewallRules: [TCP Query User{025CAEA6-8E1D-40E3-9517-BFD558DA2314}E:\hry\x-plane 11\x-plane.exe] => (Block) E:\hry\x-plane 11\x-plane.exe
FirewallRules: [UDP Query User{8243D645-F75C-4874-A898-206BF725CE88}E:\hry\x-plane 11\x-plane.exe] => (Block) E:\hry\x-plane 11\x-plane.exe
FirewallRules: [{68FDAC9C-852F-4F7A-835D-DEC6CA29455C}] => (Allow) C:\Users\Braňo\firefox.exe
FirewallRules: [{C65B50E7-4578-4EC4-8A8F-8AB52DBA263B}] => (Allow) C:\Users\Braňo\firefox.exe
FirewallRules: [TCP Query User{B1DB2E6F-36C3-4345-ADD3-774B8ECD1873}C:\users\braňo\firefox.exe] => (Block) C:\users\braňo\firefox.exe
FirewallRules: [UDP Query User{7320960A-AE80-43CC-95FE-64A2AEED5AE0}C:\users\braňo\firefox.exe] => (Block) C:\users\braňo\firefox.exe
FirewallRules: [TCP Query User{6F430FED-76CD-4DB7-AF16-5DFAAD9F0AAE}C:\users\braňo\appdata\local\temp\rar$exa0.596\mashinky.v15.11.2017\mashinky.exe] => (Allow) C:\users\braňo\appdata\local\temp\rar$exa0.596\mashinky.v15.11.2017\mashinky.exe
FirewallRules: [UDP Query User{AABCC5B9-4AE7-426A-BF64-7C514D0DED84}C:\users\braňo\appdata\local\temp\rar$exa0.596\mashinky.v15.11.2017\mashinky.exe] => (Allow) C:\users\braňo\appdata\local\temp\rar$exa0.596\mashinky.v15.11.2017\mashinky.exe
FirewallRules: [{C4F57B21-87D0-4EA1-906C-CCD9A88A3DF9}] => (Block) C:\users\braňo\appdata\local\temp\rar$exa0.596\mashinky.v15.11.2017\mashinky.exe
FirewallRules: [{5B575931-7409-4FDA-931B-160984BC7E82}] => (Block) C:\users\braňo\appdata\local\temp\rar$exa0.596\mashinky.v15.11.2017\mashinky.exe
FirewallRules: [TCP Query User{C59FE7DB-6B13-442B-B849-F38B766AB996}E:\hry\mashinky.v15.11.2017\mashinky.exe] => (Allow) E:\hry\mashinky.v15.11.2017\mashinky.exe
FirewallRules: [UDP Query User{3CDD7F73-F14F-4AB8-84ED-5C1E3540ABCE}E:\hry\mashinky.v15.11.2017\mashinky.exe] => (Allow) E:\hry\mashinky.v15.11.2017\mashinky.exe
FirewallRules: [{D0B7B031-D1F7-4D6E-89B9-7D3F0275DC6E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2412B3D8-1336-40F7-846F-07F315766DD5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{249F5462-357F-483B-84BA-96F366E66C62}] => (Allow) C:\Program Files (x86)\Programy\TeamViewer\TeamViewer.exe
FirewallRules: [{0BB39B00-D67F-4E92-8902-18784D8DD909}] => (Allow) C:\Program Files (x86)\Programy\TeamViewer\TeamViewer.exe
FirewallRules: [{59BC3F8D-48D7-4E28-A2F4-2928A1CA5AC6}] => (Allow) C:\Program Files (x86)\Programy\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E6B0C8F9-A528-4E82-9985-CE602D2E184D}] => (Allow) C:\Program Files (x86)\Programy\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{755C6F58-F5AE-4538-90E6-C60E2B6D8762}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A1470072-7639-4EED-AF67-BC79E571B13D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/26/2018 04:48:57 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/26/2018 04:48:57 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/26/2018 04:42:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (09/26/2018 04:42:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby WinRing0_1_2_0 zlyhalo kvôli nasledujúcej chybe:
Systém nemôže nájsť zadaný súbor.

Error: (09/26/2018 04:42:11 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (09/26/2018 04:42:11 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (09/26/2018 04:41:54 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa nepodarilo spustiť.

Cesta k modulu: C:\Windows\system32\athExt.dll
Kód chyby: 126

Error: (09/26/2018 04:40:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Modules Installer sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (09/26/2018 04:40:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/26/2018 04:40:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Nero Update sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/26/2018 04:40:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba DbxSvc sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


Windows Defender:
===================================
Date: 2018-01-29 21:39:11.489
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{F03F5C76-1208-44FE-8989-8975BDD431D1}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

Date: 2018-07-05 09:17:55.966
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:1.271.442.0
Previous Signature Version:1.269.1075.0
Update Source:User
Signature Type:AntiSpyware
Update Type:Delta
Current Engine Version:1.1.14901.4
Previous Engine Version:1.1.14901.4
Error code:0x80070666
Error description:Už je nainštalovaná iná verzia produktu. Inštaláciu tejto verzie nemožno dokončiť. Ak chcete existujúcu verziu produktu nakonfigurovať alebo odstrániť, použite ovládací panel Pridať alebo odstrániť programy.

Date: 2018-07-05 09:17:29.507
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:1.271.442.0
Previous Signature Version:1.269.1075.0
Update Source:User
Signature Type:AntiSpyware
Update Type:Delta
Current Engine Version:1.1.15000.2
Previous Engine Version:1.1.14901.4
Error code:0x80070666
Error description:Už je nainštalovaná iná verzia produktu. Inštaláciu tejto verzie nemožno dokončiť. Ak chcete existujúcu verziu produktu nakonfigurovať alebo odstrániť, použite ovládací panel Pridať alebo odstrániť programy.

Date: 2018-07-05 09:17:29.507
Description:
Windows Defender has encountered an error trying to update the engine.
New Engine Version:1.1.15000.2
Previous Engine Version:1.1.14901.4
Update Source:User
Error Code:0x80070666
Error description:Už je nainštalovaná iná verzia produktu. Inštaláciu tejto verzie nemožno dokončiť. Ak chcete existujúcu verziu produktu nakonfigurovať alebo odstrániť, použite ovládací panel Pridať alebo odstrániť programy.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 23%
Total physical RAM: 16335.81 MB
Available physical RAM: 12459.39 MB
Total Virtual: 32669.77 MB
Available Virtual: 28394.57 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.02 GB) (Free:31.3 GB) NTFS
Drive d: (DATA BIG) (Fixed) (Total:931.51 GB) (Free:195.4 GB) NTFS
Drive e: (DATA VERY BIG) (Fixed) (Total:2794.52 GB) (Free:259.83 GB) NTFS
Drive x: (EOS_DIGITAL) (Removable) (Total:29.14 GB) (Free:1.32 GB) FAT32


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 0BA530BC)

Partition: GPT.

========================================================
Disk: 1 (Size: 2794.5 GB) (Disk ID: 32EDFE40)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 9FC73FC9)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Protective MBR) (Size: 29.2 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosim o kontrolu (cryptominer.gen)

#9 Příspěvek od Conder »

:arrow: Program Yandex Browser mas nainstalovany umyselne?

:arrow: Cez Ovladaci panel -> Odinstalovat programy odinstaluj tieto programy:
  • KMP Service
  • KMPFaster
:arrow: Ak to nepojde (vyskytne sa nejaka chyba a pod.), pokracuj na nasledujuci krok.

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CPUID CPU-Z_is1
    ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\4F6D5E84-5826-4394-9F40-3A9A19165651_is1
    ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\simplitec POWER SUITE_is1
    Folder: C:\Program Files (x86)\simplitec
    File: C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe
    File: C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
    File: C:\Windows\tsnpstd3.exe
    File: C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    File: C:\Program Files\OpenVPN\bin\openvpnserv2.exe
    File: C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
    File: C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    File: C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
    File: C:\Windows\system32\EuGdiDrv.sys
    File: C:\Windows\SysWOW64\EuGdiDrv.sys
    
    HKU\S-1-5-21-1326493287-2803476095-4076014435-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    U0 aswVmm; no ImagePath
    R3 WinRing0_1_2_0; \??\C:\Users\Braňo\AppData\Local\Temp\tmpD29.tmp [X] <==== ATTENTION
    
    CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.33.4\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
    CustomCLSID: HKU\S-1-5-21-1326493287-2803476095-4076014435-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Braňo\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} =>  -> No File
    ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    Task: {55285FEB-0E83-4CBE-A17D-6FD227BEAE3B} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe [2015-08-28] (simplitec GmbH) <==== ATTENTION
    Task: {57D170AF-AD19-46B2-9D1A-5D2531749636} - System32\Tasks\simplitec Power Suite (Tray) => C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe [2015-08-28] (simplitec GmbH) <==== ATTENTION
    FirewallRules: [{2862184E-C829-4AF6-BA69-B78B01F3B739}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe
    FirewallRules: [{9A5FFD72-E97F-4DF4-AE63-90D318879D89}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe
    FirewallRules: [{FFDDC7FD-D274-49A8-B3C8-8C0C2DBC2E24}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
    FirewallRules: [{B6F7942C-B72C-489E-AB72-88C8E6DF6D9B}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
    FirewallRules: [{F749CB44-5D6E-4F75-A838-52E7BCFB1DD8}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
    FirewallRules: [{29A5DE5B-30E8-4AF0-AF58-4720CD2E585A}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
    FirewallRules: [{CA7E7BFB-1DA7-4840-825A-3C00BEC2FBC3}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
    FirewallRules: [{B6CB2038-6483-4946-A27B-BB19ABA608B5}] => (Allow) C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
    C:\Program Files (x86)\simplitec
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

brendon_pk
Návštěvník
Návštěvník
Příspěvky: 39
Registrován: 12 črc 2007 07:40
Kontaktovat uživatele:

Re: Prosim o kontrolu (cryptominer.gen)

#10 Příspěvek od brendon_pk »

Program Yandex Browser mas nainstalovany umyselne? To ti ani neviem povedať. Ale je tam nejaký súbor service_update.exe z roku 2016, ktorý nejde odinštalovať ani vymazať. Ani sa mi neukazuje medzi nainštalovanými programami.

Log v prílohe
Přílohy
Fixlog.zip
(27.69 KiB) Staženo 60 x

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosim o kontrolu (cryptominer.gen)

#11 Příspěvek od Conder »

:arrow: Tak snad vies, ci si ho explicitne instaloval alebo sa tam votrel pri instalacii niecoho ineho :D Ale v podstate som chcel vediet, ci tam ten Yandex Browser chces mat. Ale z odpovede usudzuem, ze nie, tak este upraceme aj po nom.

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    Folder: C:\Program Files\CPUID
    R2 YandexBrowserService; C:\Program Files (x86)\Yandex\YandexBrowser\16.7.1.20936\service_update.exe [768320 2016-08-08] (YANDEX LLC)
    2018-09-26 16:42 - 2018-09-26 16:42 - 000000000 ____D C:\Users\Braňo\AppData\Local\Yandex
    2018-09-27 21:50 - 2016-11-13 16:50 - 000000452 _____ C:\Windows\Tasks\Yandex Browser system update.job
    2018-09-26 16:42 - 2016-11-13 16:50 - 000003544 _____ C:\Windows\System32\Tasks\Yandex Browser system update
    Task: {C7ECB9A2-057F-4098-AD3B-E48453E14505} - System32\Tasks\Yandex Browser system update => C:\Program Files (x86)\Yandex\YandexBrowser\16.7.1.20936\service_update.exe [2016-08-08] (YANDEX LLC)
    Task: C:\Windows\Tasks\Yandex Browser system update.job => C:\Program Files (x86)\Yandex\YandexBrowser\16.7.1.20936\service_update.exe
    FirewallRules: [{2281696A-C605-4200-A1A9-A0631F048538}] => (Allow) C:\Users\Braňo\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
    C:\Program Files (x86)\Yandex
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\simplitec POWER SUITE_is1
    
    Hosts:
    EmptyTemp:
    End
  • Klikni na Subor a potom na Ulozit
  • Vpravo dole vyber kodovanie Unicode
  • Subor uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

brendon_pk
Návštěvník
Návštěvník
Příspěvky: 39
Registrován: 12 črc 2007 07:40
Kontaktovat uživatele:

Re: Prosim o kontrolu (cryptominer.gen)

#12 Příspěvek od brendon_pk »

Fix result of Farbar Recovery Scan Tool (x64) Version: 23.09.2018
Ran by Braňo (28-09-2018 20:27:29) Run:2
Running from C:\Users\Braňo\Desktop
Loaded Profiles: Braňo (Available Profiles: Braňo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

Folder: C:\Program Files\CPUID
R2 YandexBrowserService; C:\Program Files (x86)\Yandex\YandexBrowser\16.7.1.20936\service_update.exe [768320 2016-08-08] (YANDEX LLC)
2018-09-26 16:42 - 2018-09-26 16:42 - 000000000 ____D C:\Users\Braňo\AppData\Local\Yandex
2018-09-27 21:50 - 2016-11-13 16:50 - 000000452 _____ C:\Windows\Tasks\Yandex Browser system update.job
2018-09-26 16:42 - 2016-11-13 16:50 - 000003544 _____ C:\Windows\System32\Tasks\Yandex Browser system update
Task: {C7ECB9A2-057F-4098-AD3B-E48453E14505} - System32\Tasks\Yandex Browser system update => C:\Program Files (x86)\Yandex\YandexBrowser\16.7.1.20936\service_update.exe [2016-08-08] (YANDEX LLC)
Task: C:\Windows\Tasks\Yandex Browser system update.job => C:\Program Files (x86)\Yandex\YandexBrowser\16.7.1.20936\service_update.exe
FirewallRules: [{2281696A-C605-4200-A1A9-A0631F048538}] => (Allow) C:\Users\Braňo\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
C:\Program Files (x86)\Yandex
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\simplitec POWER SUITE_is1

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= Folder: C:\Program Files\CPUID ========================

2015-03-22 22:05 - 2015-03-22 22:05 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files\CPUID\CPU-Z
2015-03-22 22:05 - 2015-02-27 12:07 - 003180216 ____A [38DC537950102016A7D682529E055396] (CPUID) C:\Program Files\CPUID\CPU-Z\cpuz.exe
2015-03-22 22:05 - 2017-06-09 18:46 - 000000490 ____A [69393B8AB30CD58BA3682F484051426C] () C:\Program Files\CPUID\CPU-Z\cpuz.ini
2015-03-22 22:05 - 2014-03-19 13:59 - 000007659 ____A [C8DC89A0CC74BEEDBE9BC77B11DE2F62] () C:\Program Files\CPUID\CPU-Z\cpuz_eula.txt
2015-03-22 22:05 - 2015-02-27 12:09 - 000023377 ____A [0B74EA0BBEDD69CCA8D4A3472D7419FA] () C:\Program Files\CPUID\CPU-Z\cpuz_readme.txt
2015-03-22 22:05 - 2015-03-22 22:05 - 000003123 ____A [E3E8332BE552239DBC651660BE9E8528] () C:\Program Files\CPUID\CPU-Z\unins000.dat
2015-03-22 22:05 - 2015-03-22 22:05 - 000719521 ____A [8C2A7808C334D988B38A39A90DEF9031] () C:\Program Files\CPUID\CPU-Z\unins000.exe

====== End of Folder: ======

"HKLM\System\CurrentControlSet\Services\YandexBrowserService" => removed successfully
YandexBrowserService => service removed successfully
C:\Users\Braňo\AppData\Local\Yandex => moved successfully
C:\Windows\Tasks\Yandex Browser system update.job => moved successfully
C:\Windows\System32\Tasks\Yandex Browser system update => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C7ECB9A2-057F-4098-AD3B-E48453E14505}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7ECB9A2-057F-4098-AD3B-E48453E14505}" => removed successfully
"C:\Windows\System32\Tasks\Yandex Browser system update" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Yandex Browser system update" => removed successfully
"C:\Windows\Tasks\Yandex Browser system update.job" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2281696A-C605-4200-A1A9-A0631F048538}" => removed successfully
C:\Program Files (x86)\Yandex => moved successfully
"HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\simplitec POWER SUITE_is1" => removed successfully
Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8681020 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 23618 B
Edge => 0 B
Chrome => 0 B
Firefox => 282659549 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Braňo => 93542047 B

RecycleBin => 162868 B
EmptyTemp: => 375.2 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 28-09-2018 20:29:23)

C:\Windows\System32\Drivers\etc\hosts => Could not move
Could not restore Hosts.

==== End of Fixlog 20:29:23 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosim o kontrolu (cryptominer.gen)

#13 Příspěvek od Conder »

:arrow: Vyzera to uz OK. Nastala nejaka zmena alebo su este nejake problemy s PC?
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

brendon_pk
Návštěvník
Návštěvník
Příspěvky: 39
Registrován: 12 črc 2007 07:40
Kontaktovat uživatele:

Re: Prosim o kontrolu (cryptominer.gen)

#14 Příspěvek od brendon_pk »

Super. No jedine čo ma jedovalo bolo cryptominer.gen, ale ten na druhy deň už antivírus prestal "vrieskať". Všetko ide ako má. Veľmi pekne ďakujem. :worship:

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosim o kontrolu (cryptominer.gen)

#15 Příspěvek od Conder »

:arrow: Tak este upraceme po pouzitych nastrojoch:
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Odpovědět