Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PC response decreased drastically


  • This topic is locked This topic is locked
17 replies to this topic

#1 jojkos

jojkos

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:35 PM

Posted 26 January 2016 - 02:47 AM

Hello,

my problem is, that all of sudden my computer response dropped like a lot. Any help would be appreciated :) thanks

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-01-2016
Ran by jonas (administrator) on JONAS-PC (26-01-2016 08:41:47)
Running from G:\Cloud@Mail.Ru\Downloads\cleaning
Loaded Profiles: jonas (Available Profiles: jonas)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Flux Software LLC) C:\Users\jonas\AppData\Local\FluxSoftware\Flux\flux.exe
(Mail.Ru) C:\Users\jonas\AppData\Local\Mail.Ru\Cloud\15050217\Cloud.exe
(Dropbox, Inc.) C:\Users\jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(LastPass) C:\Users\jonas\AppData\LocalLow\LastPass\LastPassBroker.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Run: [GoogleChromeAutoLaunch_EE92DA24D002778557D1C2B055218649] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748360 2016-01-12] (Google Inc.)
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Run: [Dropbox Update] => C:\Users\jonas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-05-15] (Dropbox, Inc.)
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Run: [f.lux] => C:\Users\jonas\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\MountPoints2: D - D:\Bin\ASSETUP.exe
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\GPhotos.scr
HKU\S-1-5-18\...\Run: [] => 0
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay0] -> {64A9418A-B6B1-4112-B75C-E61633C9A31F} => C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll [2016-01-26] ()
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay1] -> {6A2E142B-EA63-433A-AC05-5223CBD26E65} => C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll [2016-01-26] ()
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay2] -> {6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} => C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll [2016-01-26] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay0] -> {64A9418A-B6B1-4112-B75C-E61633C9A31F} => C:\Users\jonas\AppData\Local\Temp\mcse32_00.dll [2016-01-26] ()
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay1] -> {6A2E142B-EA63-433A-AC05-5223CBD26E65} => C:\Users\jonas\AppData\Local\Temp\mcse32_00.dll [2016-01-26] ()
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay2] -> {6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} => C:\Users\jonas\AppData\Local\Temp\mcse32_00.dll [2016-01-26] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2015-12-20]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Cloud Mail.Ru.lnk [2015-01-01]
ShortcutTarget: Cloud Mail.Ru.lnk -> C:\Users\jonas\AppData\Local\Mail.Ru\Cloud\Cloud.exe (Mail.Ru)
Startup: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-01-21]
ShortcutTarget: Dropbox.lnk -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk [2014-04-03]
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{7879FF6A-146D-4BB4-B9E1-8469CFD3960A}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{C078BF4E-5A08-44B4-9584-23154FB7D172}: [DhcpNameServer] 10.0.0.138
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-29] (Oracle Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-12-20] (LastPass)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-29] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-12-20] (LastPass)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> g:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-12-20] (LastPass)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-12-20] (LastPass)
IE Session Restore: HKU\S-1-5-21-3833239083-678279768-2220751185-1001 -> is enabled.
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-29] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-12-20] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> G:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [No File]
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-12-20] (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> G:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3833239083-678279768-2220751185-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jonas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-04-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - G:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - G:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-05-16] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Disk Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Session Manager) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi [2014-04-03]
CHR Extension: (YouTube) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (JSONView) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\chklaanhfefbnpoihckbnefhakgolnmc [2016-01-26]
CHR Extension: (Vyhledávání Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Kalendář Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-12]
CHR Extension: (Postman - REST Client) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdmmgilgnpjigdojojpjoooidkmcomcm [2015-10-16]
CHR Extension: (Quick Javascript Switcher) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\geddoclleiomckbhadiaipdggiiccfje [2016-01-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (AdBlock) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-19]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-01-20]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-01-26]
CHR Extension: (Google Play Music) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-01-21]
CHR Extension: (Smooth Gestures) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkgmnnajiljnolcgolmmgnecgldgeld [2014-04-03]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-09-18]
CHR Extension: (Vylepšení WISu) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\macimepnbaggfjekcmlcohlffafgamcc [2014-04-03]
CHR Extension: (Hangouts Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-12-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-22]
CHR Extension: (Gmail) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Second facebook message icon) - G:\Dropbox\vecicky\chromeExtension [2015-10-02]
CHR Profile: C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Prezentace Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-13]
CHR Extension: (Dokumenty Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-13]
CHR Extension: (Disk Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-13]
CHR Extension: (YouTube) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-13]
CHR Extension: (Vyhledávání Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-13]
CHR Extension: (Tabulky Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-13]
CHR Extension: (Peněženka Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-13]
CHR Extension: (Gmail) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-13]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3833239083-678279768-2220751185-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-05-29] () [File not signed]
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [42360 2011-11-22] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [814264 2011-11-22] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
S3 Origin Client Service; G:\Program Files\Origin\OriginClientService.exe [1931632 2015-04-16] (Electronic Arts)
S3 PAExec; C:\Windows\PAExec.exe [207872 2015-02-10] (Power Admin LLC) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-07-23] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-07-23] ()
R2 postgresql-x64-9.5; G:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [92160 2015-12-16] (PostgreSQL Global Development Group) [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [805840 2015-09-26] (Tunngle.net GmbH) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-28] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-05] (Disc Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [171152 2011-11-21] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2011-11-21] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [125296 2011-11-21] (ESET)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [84992 2014-11-18] (Intel  Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [194976 2015-11-10] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [116296 2014-09-09] (Oracle Corporation)
S3 vhidmini; C:\Windows\System32\DRIVERS\vjoy.sys [15544 2014-06-23] (Headsoft)
S3 VSPerfDrv100; G:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2011-01-18] (Microsoft Corporation)
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2012-04-15] (Windows ® Win 7 DDK provider)
S3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
S3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-26 08:41 - 2016-01-26 08:41 - 00000000 ____D C:\FRST
2016-01-24 23:44 - 2016-01-24 23:44 - 00107030 _____ C:\Users\jonas\Documents\cc_20160124_234442.reg
2016-01-24 14:14 - 2016-01-24 14:14 - 00003584 _____ C:\Users\jonas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-24 11:52 - 2016-01-24 11:52 - 00000805 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2016-01-24 11:52 - 2016-01-24 11:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2016-01-24 10:23 - 2016-01-24 10:24 - 00000597 _____ C:\Users\Public\Desktop\Call of Duty Black Ops III.lnk
2016-01-24 10:23 - 2016-01-24 10:24 - 00000597 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Black Ops III.lnk
2016-01-21 20:18 - 2016-01-21 20:18 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-01-21 16:49 - 2015-12-18 07:11 - 00047760 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-01-21 16:49 - 2015-12-18 07:10 - 00099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-01-21 16:49 - 2015-12-18 07:10 - 00090768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-01-16 19:35 - 2016-01-16 19:35 - 00000213 _____ C:\Users\jonas\Desktop\Dota 2.url
2016-01-13 09:08 - 2016-01-13 09:08 - 00000882 _____ C:\Users\jonas\Desktop\BitTorrent Sync.lnk
2016-01-13 09:08 - 2016-01-13 09:08 - 00000862 _____ C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent Sync.lnk
2016-01-13 07:25 - 2015-12-24 00:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-13 07:25 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-13 07:25 - 2015-12-12 19:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-13 07:25 - 2015-12-12 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-13 07:25 - 2015-12-12 19:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-01-13 07:25 - 2015-12-12 19:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-01-13 07:25 - 2015-12-12 19:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-13 07:25 - 2015-12-12 19:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-13 07:25 - 2015-12-12 19:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-13 07:25 - 2015-12-12 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-01-13 07:25 - 2015-12-12 19:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-01-13 07:25 - 2015-12-12 19:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-13 07:25 - 2015-12-12 19:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-13 07:25 - 2015-12-12 19:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-01-13 07:25 - 2015-12-12 19:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-13 07:25 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-13 07:25 - 2015-12-12 19:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-13 07:25 - 2015-12-12 19:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-01-13 07:25 - 2015-12-12 19:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-13 07:25 - 2015-12-12 19:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-01-13 07:25 - 2015-12-12 18:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-13 07:25 - 2015-12-12 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-13 07:25 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-01-13 07:25 - 2015-12-12 18:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-13 07:25 - 2015-12-12 18:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-01-13 07:25 - 2015-12-12 18:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-13 07:25 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-13 07:25 - 2015-12-12 18:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-13 07:25 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-01-13 07:25 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-01-13 07:25 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-01-13 07:25 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-01-13 07:25 - 2015-12-12 18:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-01-13 07:25 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-01-13 07:25 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-01-13 07:25 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-01-13 07:25 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-01-13 07:25 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-13 07:25 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-01-13 07:25 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-01-13 07:25 - 2015-12-12 18:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-13 07:25 - 2015-12-12 18:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-13 07:25 - 2015-12-12 18:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-13 07:25 - 2015-12-12 18:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-01-13 07:25 - 2015-12-12 18:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-13 07:25 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-01-13 07:25 - 2015-12-12 18:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-13 07:25 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-13 07:25 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-01-13 07:25 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-01-13 07:25 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-01-13 07:25 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-13 07:25 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-01-13 07:25 - 2015-12-12 18:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-13 07:25 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-01-13 07:25 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-13 07:25 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-13 07:25 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-01-13 07:25 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-13 07:25 - 2015-12-12 17:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-13 07:25 - 2015-12-12 17:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-13 07:25 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-13 07:25 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-13 07:25 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-13 07:25 - 2015-12-11 19:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-13 07:25 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-01-13 07:25 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-01-13 07:25 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-13 07:25 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-01-13 07:25 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-01-13 07:25 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-01-13 07:25 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-13 07:25 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-13 07:25 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 07:25 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-13 07:25 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-13 07:25 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-13 07:25 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-13 07:25 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-13 07:25 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-13 07:25 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-13 07:25 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-13 07:25 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-13 07:25 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-01-13 07:25 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-01-13 07:25 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-01-13 07:24 - 2015-12-30 20:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-13 07:24 - 2015-12-30 20:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-13 07:24 - 2015-12-30 20:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-13 07:24 - 2015-12-30 20:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-13 07:24 - 2015-12-30 20:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-13 07:24 - 2015-12-30 19:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-13 07:24 - 2015-12-30 19:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-13 07:24 - 2015-12-30 19:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-13 07:24 - 2015-12-30 19:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-13 07:24 - 2015-12-30 19:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-13 07:24 - 2015-12-30 19:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-01-13 07:24 - 2015-12-30 19:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-13 07:24 - 2015-12-30 19:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-01-13 07:24 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-13 07:24 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-13 07:24 - 2015-12-30 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-01-13 07:24 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-01-13 07:24 - 2015-12-30 19:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-01-13 07:24 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-13 07:24 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-01-13 07:24 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-13 07:24 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-13 07:24 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-01-13 07:24 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-01-13 07:24 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-01-13 07:24 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 18:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-13 07:24 - 2015-12-30 18:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-01-13 07:24 - 2015-12-30 18:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-13 07:24 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-01-13 07:24 - 2015-12-30 18:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-13 07:24 - 2015-12-30 18:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-13 07:24 - 2015-12-30 18:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-13 07:24 - 2015-12-30 18:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-13 07:24 - 2015-12-30 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-13 07:24 - 2015-12-30 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-01-13 07:24 - 2015-12-30 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-13 07:24 - 2015-12-30 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-01-13 07:24 - 2015-12-30 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-01-13 07:24 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-01-13 07:24 - 2015-12-30 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 18:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-13 07:24 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-13 07:24 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-13 07:24 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-13 07:24 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 07:24 - 2015-11-17 02:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-13 07:24 - 2015-11-17 02:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-13 07:24 - 2015-11-17 02:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-13 07:24 - 2015-11-17 02:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-13 07:24 - 2015-11-17 02:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-13 07:24 - 2015-11-17 02:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-13 07:24 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-12-28 09:45 - 2015-12-28 09:45 - 00001339 _____ C:\Users\jonas\Desktop\Gang Beasts.exe – zástupce.lnk
2015-12-28 09:45 - 2015-12-28 09:45 - 00000922 _____ C:\Users\Public\Desktop\Towerfall - Ascension.lnk
2015-12-28 09:45 - 2015-12-28 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-26 08:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-26 08:27 - 2015-05-15 17:26 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001UA.job
2016-01-26 08:19 - 2009-07-14 05:45 - 00029936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-26 08:19 - 2009-07-14 05:45 - 00029936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-26 08:11 - 2011-04-12 10:17 - 00700148 _____ C:\Windows\system32\perfh005.dat
2016-01-26 08:11 - 2011-04-12 10:17 - 00151468 _____ C:\Windows\system32\perfc005.dat
2016-01-26 08:11 - 2009-07-14 06:13 - 01663906 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-26 08:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-01-26 08:10 - 2014-04-03 22:09 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Dropbox
2016-01-26 08:09 - 2014-04-03 18:41 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-26 08:04 - 2015-02-15 12:12 - 00000091 _____ C:\HaxLogs.txt
2016-01-26 08:04 - 2014-04-03 18:53 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-26 08:04 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-25 22:26 - 2014-04-04 11:52 - 00000600 _____ C:\Users\jonas\AppData\Roaming\winscp.rnd
2016-01-25 22:25 - 2014-04-03 18:35 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7079FD3F-E4C4-4ADF-BBC5-C4FAD5B8887F}
2016-01-25 21:51 - 2014-04-05 18:41 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-25 21:46 - 2014-04-03 18:41 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-25 20:35 - 2015-05-15 17:26 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001Core.job
2016-01-25 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-01-24 23:37 - 2015-12-21 20:39 - 00000000 ____D C:\Users\jonas\AppData\Local\CrashDumps
2016-01-24 23:37 - 2014-04-05 16:14 - 00000000 ____D C:\Users\jonas\AppData\Roaming\DAEMON Tools Lite
2016-01-24 12:40 - 2014-04-05 17:18 - 00000600 _____ C:\Users\jonas\AppData\Local\PUTTY.RND
2016-01-24 11:52 - 2014-04-03 18:40 - 00000000 ____D C:\Users\jonas\AppData\Local\Google
2016-01-24 09:48 - 2014-04-03 19:20 - 00000000 ____D C:\Users\jonas\AppData\Roaming\uTorrent
2016-01-23 13:14 - 2014-04-03 19:27 - 00000000 ____D C:\Users\jonas\AppData\Roaming\vlc
2016-01-21 16:50 - 2015-09-02 10:10 - 00001383 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-01-21 16:50 - 2015-09-02 10:10 - 00000000 ____D C:\Users\jonas\AppData\Local\NVIDIA
2016-01-21 12:13 - 2015-10-08 20:11 - 04289729 ____H C:\Users\jonas\AppData\Local\IconCache.db.backup
2016-01-20 15:28 - 2015-04-08 14:06 - 00000000 ____D C:\Users\jonas\.matplotlib
2016-01-20 15:26 - 2014-04-04 06:34 - 00000000 ____D C:\Python27
2016-01-20 12:51 - 2014-04-05 18:41 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-20 12:51 - 2014-04-05 18:41 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-20 12:51 - 2014-04-05 18:41 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-16 19:35 - 2014-04-05 17:15 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-15 08:13 - 2015-12-20 18:32 - 00000000 ____D C:\Users\jonas\Documents\StarCraft II
2016-01-15 07:55 - 2014-04-03 18:43 - 00002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-14 13:55 - 2015-11-17 12:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-14 13:55 - 2014-12-24 13:32 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 08:30 - 2015-10-08 20:57 - 05014280 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-14 08:29 - 2014-12-10 13:56 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-14 08:29 - 2014-05-06 17:13 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-13 13:36 - 2014-04-06 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-13 13:36 - 2014-04-06 19:11 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-13 13:36 - 2014-04-06 19:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 13:36 - 2014-04-05 16:19 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-13 13:35 - 2014-04-05 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-01-13 13:35 - 2014-04-03 18:57 - 00000000 ____D C:\Windows\system32\MRT
2016-01-13 13:30 - 2014-04-03 18:57 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-13 13:25 - 2014-09-30 22:18 - 00000000 ____D C:\Users\jonas\AppData\Roaming\BitTorrent Sync
2016-01-12 05:41 - 2015-09-02 10:10 - 01542600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-01-12 05:41 - 2015-09-02 10:10 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-01-12 05:40 - 2015-11-20 13:31 - 00112032 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-01-12 05:40 - 2015-09-02 10:10 - 01860120 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-01-12 05:40 - 2015-09-02 10:10 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-01-11 19:03 - 2014-04-03 18:40 - 00000000 ____D C:\Users\jonas\AppData\Local\Deployment
2016-01-09 19:56 - 2014-07-30 23:39 - 00000000 ____D C:\Users\jonas\AppData\Roaming\D2MP
2016-01-09 19:39 - 2015-07-23 15:31 - 00000000 ____D C:\Users\jonas\Documents\The Witcher 3
2016-01-08 21:22 - 2014-12-10 16:33 - 00000000 ____D C:\Users\jonas\Documents\Assassin's Creed Unity
2016-01-06 21:07 - 2014-04-11 08:51 - 00000000 ____D C:\Users\jonas\.VirtualBox
2016-01-05 20:57 - 2015-11-25 08:11 - 00000000 ____D C:\Users\jonas\AppData\Local\ElevatedDiagnostics
2016-01-05 20:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-01-01 18:56 - 2014-04-05 18:25 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2016-01-01 18:49 - 2014-06-02 07:52 - 00000000 ____D C:\Users\jonas\Documents\My Games
2015-12-29 20:17 - 2014-04-13 14:58 - 00000000 ____D C:\Windows\pss
2015-12-29 09:47 - 2015-04-06 19:01 - 00000000 ____D C:\Users\jonas\AppData\Roaming\.minecraft
2015-12-29 01:35 - 2015-12-20 15:09 - 00000000 ____D C:\Users\jonas\AppData\LocalLow\LastPass
2015-12-29 01:35 - 2014-09-25 14:49 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Unity
2015-12-29 01:27 - 2014-09-25 14:42 - 00000000 ____D C:\Users\jonas\AppData\LocalLow\Unity
2015-12-29 01:27 - 2014-09-25 14:42 - 00000000 ____D C:\Users\jonas\AppData\Local\Unity
2015-12-28 19:25 - 2015-12-04 19:04 - 00000000 ____D C:\Users\jonas\AppData\Roaming\OBS
2015-12-28 09:52 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
 
==================== Files in the root of some directories =======
 
2015-12-20 15:09 - 2015-12-20 15:09 - 20320792 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-05-10 11:03 - 2014-05-10 11:03 - 0000132 _____ () C:\Users\jonas\AppData\Roaming\Adobe GIF Format CS6 Prefs
2014-04-16 13:38 - 2015-12-21 19:39 - 0000132 _____ () C:\Users\jonas\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-04-05 17:13 - 2014-05-29 14:21 - 0045270 _____ () C:\Users\jonas\AppData\Roaming\room_v3.dat
2014-06-10 17:21 - 2014-06-10 17:21 - 0000044 _____ () C:\Users\jonas\AppData\Roaming\twow_sysprepdt.dat
2014-04-04 11:52 - 2016-01-25 22:26 - 0000600 _____ () C:\Users\jonas\AppData\Roaming\winscp.rnd
2016-01-24 14:14 - 2016-01-24 14:14 - 0003584 _____ () C:\Users\jonas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-16 08:47 - 2015-09-16 08:47 - 0000000 ___SH () C:\Users\jonas\AppData\Local\LumaEmu
2014-04-05 17:18 - 2016-01-24 12:40 - 0000600 _____ () C:\Users\jonas\AppData\Local\PUTTY.RND
2015-07-27 14:25 - 2015-07-27 14:25 - 0001223 _____ () C:\Users\jonas\AppData\Local\recently-used.xbel
2014-11-20 17:31 - 2015-02-09 03:00 - 0007635 _____ () C:\Users\jonas\AppData\Local\resmon.resmoncfg
2014-04-24 17:46 - 2014-04-24 17:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\jonas\AppData\Local\Temp\mcse32_00.dll
C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll
C:\Users\jonas\AppData\Local\Temp\mcse64_01.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-01-25 11:26
 
==================== End of FRST.txt ============================
 
 
 
 
 
 
 
 
 
 
 
 

Attached Files



BC AdBot (Login to Remove)

 


#2 RayS

RayS

  • Malware Response Team
  • 2,378 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:35 AM

Posted 28 January 2016 - 12:54 PM

Hello jojkos

My name is Ray and I'll be assisting you with your issue. Please give me a few hours to review your logs and prepare a reply. Since I'm still a trainee, all my posts have to be reviewed by my instructor prior to be posted to make sure that you receive the best assistance possible.

Thank you for your understanding, I'll be with you shortly!

 RayS


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#3 RayS

RayS

  • Malware Response Team
  • 2,378 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:35 AM

Posted 29 January 2016 - 10:40 PM

Hello again jojkos, and welcome to Bleeping Computer.

Let's Work Together

  • Please do not attach any log files to your replies unless specifically requested. Instead, please copy and paste the entire text of the logs into the body of your reply. Use separate posts if that's easier for you.
  • Please do not try to fix anything without being asked.
  • It may be helpful for you to print my instructions for easy reference.
  • Any fixes I provide are for this specific problem on this machine only.
  • Removing malware is hazardous. I will not knowingly advise actions that will damage your computer, but it is impossible to guarantee the safety of your system. It may even become necessary to re-format and re-install your operating system. Before we proceed, you should back up all your data -- preferably to a different computer or to off-line storage.

 

Peer-To-Peer Programs
Going over your logs I noticed that you have µTorrent and BitTorrent Sync installed.It is pretty much certain that if you continue to use P2P programs, you will get infected.
I would recommend that you uninstall µTorrent and BitTorrent Sync, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.
If you wish to keep these programs, please do not use them until your computer is cleaned.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

 

Unrecognized Programs
I noticed two programs running in the background: bl (x32 Version: 1.0.0) and ph (x32 (Version: 1.0.0). Do you recognize these programs?


Policy Restrictions
I noticed policy restrictions on both Google and Internet Explorer. Did you edit Group Policy to do that purposely? If not, we can remove those restrictions in a later post.


Update And Possibly Weed out Plugins
You have 33 plugins added to Chrome. Please check whether your browser plugins are up to date.
For Firefox, use https://www.mozilla.org/en-US/plugincheck/
For other browsers, use https://browsercheck.qualys.com/ (click on Scan without installing plugin and then on Scan now).

  • It may be necessary to click Run or Allow if you have a pop-up blocker running in your browser.
  • Uncheckmark any boxes next to offers to change such things as your default browser, search engine, Home page, etc.
  • Click the Fix It button next to any plugin that is out of date.
  • Restart your browser after all plugins have been updated.
  • Rerun the scan again to confirm all plugins are up to date.
  • Do these steps separately for each browser except Firefox.

As you update each plugin, consider whether you really need it. You may improve loading and execution times and you will definitely save a bit of space if you delete unneeded plugins.


Let's Clean Some Unneeded Entries From Your PC

  • Press the windows key Windows_Logo_key.gif+ R on your keyboard at the same time. This will open the Run dialog box.
  • Type Notepad into the Run box and click OK.
  • Please copy the entire contents of the code box below into a new file.
start

Hosts:
AlternateDataStreams: C:\ProgramData\Microsoft:rCwVHW4dMRURjDp5
AlternateDataStreams: C:\ProgramData\Microsoft:WTjMNarzgDsTN77TJs1d6qFq

End
  • Save the file as fixlist.txt into the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the FRST.txt log you have submitted.
  • Run FRST64.exe and click Fix only once and wait until the program completes execution.
  • Restart the computer normally to reset the registry.
  • The tool will create a log (Fixlog.txt). Please post it into your reply.

 

Scan Using AdwCleaner by Xplode
Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on I agree button.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button...a logfile (AdwCleaner[S#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

Optionally Run Speed Test(s)
You can determine whether low response is mainly due to your local PC versus your online connection by running either or both of these speed tests: http://www.speedtest.net/ or http://www.dslreports.com/stest. You may want to experiment under different loads, times of day, and with or without folder synchronizing. I don't need to see the results, but you may want to keep a record for an objective basis of comparison.


Re-scan Using FRST
Launch FRST64.exe again and checkmark all the boxes in the Whitelist section and the both the List BCD and the Addition.txt boxes in the Optional Scan section. If you have already deleted the FRST tool, get a fresh copy from Farbar Recovery Scan Tool.
 

In your next reply...

  • Please tell me whether you have backed up all your important data.
  • Please give me a detailed description of what you mean when you say, "response decreased drastically". What programs are affected? What else is running during the affected times? When did you first notice decreased response? Does response differ at various times during the day or evening? Is execution of programs generally slow or is it just the boot-up process or the launching of applications that is slow? This is a multi-part question. Please address each issue.
  • Please tell me whether you have uninstalled µTorrent and BitTorrent Sync. If not, please confirm that you will not run these programs while this topic remains open.
  • Please tell me whether you set policy restrictions on Google and Internet Explorer.
  • The synchronization with Google Drive, Mail.Ru, and Dropbox is being done for 34 local folders. One or more of these operations may be contributing to sluggish execution. Have you added any of this synchronization recently. Can you temporarily suspend some of this synchronization to see if performance improves?
  • Please copy and paste the entire contents of the FIX.log file into the body of your post.
  • Copy and paste the contents of AdwCleaner[S#].txt into your reply. Tell me which entries (if any) you want to keep.
  • Please post your results of the speed tests and tell me if or how much they differ from your previous "normal" experience.
  • Copy and paste the entire contents of both the FRST.txt file and the Addition.txt file into the body of your reply.

Tell me how your PC is running now.

Thank you,

RayS


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#4 jojkos

jojkos
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:35 PM

Posted 30 January 2016 - 04:13 PM

  • i have backed up everything i believe is important for me
  • I believe that response dropped mainly at loading games (game levels) and other applications like photoshop. Usually i have chrome opened with quite many tabs but that's something i do always. Decrease started i believe like last week and i don't whink it differs at various times druing day. 
  • i did'nt uninstall those two programs but i will not use them for as long as you're willing to help me :)
  • i'm not sure what these policy restrictions are so i don't think i set them
  • i have both of those programs installed for quite a long time and i didn't change anything lately. 

Fix result of Farbar Recovery Scan Tool (x64) Version:25-01-2016
Ran by jonas (2016-01-30 17:24:41) Run:1
Running from G:\Cloud@Mail.Ru\Downloads\cleaning
Loaded Profiles: jonas (Available Profiles: jonas)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
 
Hosts:
AlternateDataStreams: C:\ProgramData\Microsoft:rCwVHW4dMRURjDp5
AlternateDataStreams: C:\ProgramData\Microsoft:WTjMNarzgDsTN77TJs1d6qFq
 
End
*****************
 
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
C:\ProgramData\Microsoft => ":rCwVHW4dMRURjDp5" ADS removed successfully.
C:\ProgramData\Microsoft => ":WTjMNarzgDsTN77TJs1d6qFq" ADS removed successfully.
 
==== End of Fixlog 17:24:41 ====

# AdwCleaner v5.031 - Logfile created 30/01/2016 at 21:49:20
# Updated 25/01/2016 by Xplode
# Database : 2016-01-25.3 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : jonas - JONAS-PC
# Running from : G:\Cloud@Mail.Ru\Downloads\cleaning\adwcleaner_5.031.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mail.Ru
Folder Found : C:\Users\jonas\AppData\Local\Mail.Ru
Folder Found : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\chklaanhfefbnpoihckbnefhakgolnmc
 
***** [ Files ] *****
 
File Found : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chklaanhfefbnpoihckbnefhakgolnmc_0.localstorage
File Found : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chklaanhfefbnpoihckbnefhakgolnmc_0.localstorage-journal
 
***** [ DLL ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Conduit
 
***** [ Web browsers ] *****
 
[C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : chklaanhfefbnpoihckbnefhakgolnmc
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1339 bytes] ##########
 
 
i suppose i want to keep Mail.Ru. I dont know what Conduit is.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-01-2016
Ran by jonas (administrator) on JONAS-PC (30-01-2016 21:50:53)
Running from G:\Cloud@Mail.Ru\Downloads\cleaning
Loaded Profiles: jonas (Available Profiles: jonas)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Flux Software LLC) C:\Users\jonas\AppData\Local\FluxSoftware\Flux\flux.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Dropbox, Inc.) C:\Users\jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Mail.Ru) C:\Users\jonas\AppData\Local\Mail.Ru\Cloud\15050403\Cloud.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2919168 2011-11-22] (ESET)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Run: [GoogleChromeAutoLaunch_EE92DA24D002778557D1C2B055218649] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748872 2016-01-27] (Google Inc.)
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Run: [Dropbox Update] => C:\Users\jonas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-05-15] (Dropbox, Inc.)
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Run: [f.lux] => C:\Users\jonas\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\GPhotos.scr
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay0] -> {64A9418A-B6B1-4112-B75C-E61633C9A31F} => C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll [2016-01-30] ()
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay1] -> {6A2E142B-EA63-433A-AC05-5223CBD26E65} => C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll [2016-01-30] ()
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay2] -> {6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} => C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll [2016-01-30] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay0] -> {64A9418A-B6B1-4112-B75C-E61633C9A31F} => C:\Users\jonas\AppData\Local\Temp\mcse32_00.dll [2016-01-30] ()
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay1] -> {6A2E142B-EA63-433A-AC05-5223CBD26E65} => C:\Users\jonas\AppData\Local\Temp\mcse32_00.dll [2016-01-30] ()
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay2] -> {6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} => C:\Users\jonas\AppData\Local\Temp\mcse32_00.dll [2016-01-30] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-01-20] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2015-12-20]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Cloud Mail.Ru.lnk [2015-01-01]
ShortcutTarget: Cloud Mail.Ru.lnk -> C:\Users\jonas\AppData\Local\Mail.Ru\Cloud\Cloud.exe (Mail.Ru)
Startup: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-01-21]
ShortcutTarget: Dropbox.lnk -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk [2014-04-03]
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{7879FF6A-146D-4BB4-B9E1-8469CFD3960A}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{C078BF4E-5A08-44B4-9584-23154FB7D172}: [DhcpNameServer] 10.0.0.138
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-29] (Oracle Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-12-20] (LastPass)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-29] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-12-20] (LastPass)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> g:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-12-20] (LastPass)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-12-20] (LastPass)
IE Session Restore: HKU\S-1-5-21-3833239083-678279768-2220751185-1001 -> is enabled.
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-29] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-12-20] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> G:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [No File]
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-12-20] (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> G:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3833239083-678279768-2220751185-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jonas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-04-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - G:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - G:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-05-16] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Disk Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Session Manager) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi [2014-04-03]
CHR Extension: (YouTube) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (JSONView) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\chklaanhfefbnpoihckbnefhakgolnmc [2016-01-28]
CHR Extension: (Vyhledávání Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Kalendář Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-12]
CHR Extension: (Postman - REST Client) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdmmgilgnpjigdojojpjoooidkmcomcm [2015-10-16]
CHR Extension: (Quick Javascript Switcher) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\geddoclleiomckbhadiaipdggiiccfje [2016-01-05]
CHR Extension: (AdBlock) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-28]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-01-30]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-01-26]
CHR Extension: (Google Play Music) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-01-21]
CHR Extension: (Smooth Gestures) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkgmnnajiljnolcgolmmgnecgldgeld [2014-04-03]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-09-18]
CHR Extension: (Vylepšení WISu) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\macimepnbaggfjekcmlcohlffafgamcc [2014-04-03]
CHR Extension: (Hangouts Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-12-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-22]
CHR Extension: (Gmail) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Second facebook message icon) - G:\Dropbox\vecicky\chromeExtension [2015-10-02]
CHR Profile: C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Prezentace Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-13]
CHR Extension: (Dokumenty Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-13]
CHR Extension: (Disk Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-13]
CHR Extension: (YouTube) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-13]
CHR Extension: (Vyhledávání Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-13]
CHR Extension: (Tabulky Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-13]
CHR Extension: (Peněženka Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-13]
CHR Extension: (Gmail) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-13]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3833239083-678279768-2220751185-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-05-29] () [File not signed]
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [42360 2011-11-22] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [814264 2011-11-22] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
S3 Origin Client Service; G:\Program Files\Origin\OriginClientService.exe [1931632 2015-04-16] (Electronic Arts)
S3 PAExec; C:\Windows\PAExec.exe [207872 2015-02-10] (Power Admin LLC) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-07-23] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-07-23] ()
R2 postgresql-x64-9.5; G:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [92160 2015-12-16] (PostgreSQL Global Development Group) [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [805840 2015-09-26] (Tunngle.net GmbH) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-28] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-05] (Disc Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [171152 2011-11-21] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2011-11-21] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [125296 2011-11-21] (ESET)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [84992 2014-11-18] (Intel  Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [194976 2015-11-10] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [116296 2014-09-09] (Oracle Corporation)
S3 vhidmini; C:\Windows\System32\DRIVERS\vjoy.sys [15544 2014-06-23] (Headsoft)
S3 VSPerfDrv100; G:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2011-01-18] (Microsoft Corporation)
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2012-04-15] (Windows ® Win 7 DDK provider)
S3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
S3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-30 21:49 - 2016-01-30 21:49 - 00000000 ____D C:\AdwCleaner
2016-01-30 17:24 - 2016-01-30 21:50 - 00000000 ____D C:\FRST
2016-01-28 17:26 - 2016-01-28 17:32 - 00000000 ____D C:\Qoobox
2016-01-28 17:26 - 2016-01-28 17:31 - 00000000 ____D C:\Windows\erdnt
2016-01-28 17:26 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-01-28 17:26 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-01-28 17:26 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-01-28 17:26 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-01-28 17:26 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-01-28 17:26 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-01-28 17:26 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-01-28 17:26 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-01-28 07:48 - 2016-01-28 07:48 - 00002026 _____ C:\Users\jonas\Documents\cc_20160128_074847.reg
2016-01-27 22:44 - 2016-01-23 02:12 - 00110016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-01-27 22:43 - 2016-01-23 04:42 - 31079992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 24911296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 21193544 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 17626352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 16995064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 12379072 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-01-27 22:43 - 2016-01-23 04:42 - 03145272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 02721216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436175.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436175.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00948672 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00880576 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00747064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00689600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00501896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00468960 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00388560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-01-27 22:42 - 2016-01-23 04:42 - 42983992 _____ C:\Windows\system32\nvcompiler.dll
2016-01-27 22:42 - 2016-01-23 04:42 - 37614528 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-01-27 22:42 - 2016-01-23 04:42 - 20733832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-01-27 22:42 - 2016-01-23 04:42 - 17218792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-01-26 08:51 - 2016-01-26 08:51 - 00000000 ____D C:\Program Files\trend micro
2016-01-24 23:44 - 2016-01-24 23:44 - 00107030 _____ C:\Users\jonas\Documents\cc_20160124_234442.reg
2016-01-24 14:14 - 2016-01-24 14:14 - 00003584 _____ C:\Users\jonas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-24 11:52 - 2016-01-24 11:52 - 00000805 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2016-01-24 11:52 - 2016-01-24 11:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2016-01-24 10:23 - 2016-01-24 10:24 - 00000597 _____ C:\Users\Public\Desktop\Call of Duty Black Ops III.lnk
2016-01-24 10:23 - 2016-01-24 10:24 - 00000597 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Black Ops III.lnk
2016-01-21 20:18 - 2016-01-21 20:18 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-01-21 16:49 - 2015-12-18 07:11 - 00047760 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-01-21 16:49 - 2015-12-18 07:10 - 00099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-01-21 16:49 - 2015-12-18 07:10 - 00090768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-01-16 19:35 - 2016-01-16 19:35 - 00000213 _____ C:\Users\jonas\Desktop\Dota 2.url
2016-01-13 09:08 - 2016-01-13 09:08 - 00000882 _____ C:\Users\jonas\Desktop\BitTorrent Sync.lnk
2016-01-13 09:08 - 2016-01-13 09:08 - 00000862 _____ C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent Sync.lnk
2016-01-13 07:25 - 2015-12-24 00:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-13 07:25 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-13 07:25 - 2015-12-12 19:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-13 07:25 - 2015-12-12 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-13 07:25 - 2015-12-12 19:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-01-13 07:25 - 2015-12-12 19:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-01-13 07:25 - 2015-12-12 19:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-13 07:25 - 2015-12-12 19:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-13 07:25 - 2015-12-12 19:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-13 07:25 - 2015-12-12 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-01-13 07:25 - 2015-12-12 19:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-01-13 07:25 - 2015-12-12 19:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-13 07:25 - 2015-12-12 19:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-13 07:25 - 2015-12-12 19:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-01-13 07:25 - 2015-12-12 19:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-13 07:25 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-13 07:25 - 2015-12-12 19:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-13 07:25 - 2015-12-12 19:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-01-13 07:25 - 2015-12-12 19:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-13 07:25 - 2015-12-12 19:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-01-13 07:25 - 2015-12-12 18:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-13 07:25 - 2015-12-12 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-13 07:25 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-01-13 07:25 - 2015-12-12 18:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-13 07:25 - 2015-12-12 18:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-01-13 07:25 - 2015-12-12 18:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-13 07:25 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-13 07:25 - 2015-12-12 18:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-13 07:25 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-01-13 07:25 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-01-13 07:25 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-01-13 07:25 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-01-13 07:25 - 2015-12-12 18:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-01-13 07:25 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-01-13 07:25 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-01-13 07:25 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-01-13 07:25 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-01-13 07:25 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-13 07:25 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-01-13 07:25 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-01-13 07:25 - 2015-12-12 18:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-13 07:25 - 2015-12-12 18:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-13 07:25 - 2015-12-12 18:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-13 07:25 - 2015-12-12 18:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-01-13 07:25 - 2015-12-12 18:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-13 07:25 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-01-13 07:25 - 2015-12-12 18:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-13 07:25 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-13 07:25 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-01-13 07:25 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-01-13 07:25 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-01-13 07:25 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-13 07:25 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-01-13 07:25 - 2015-12-12 18:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-13 07:25 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-01-13 07:25 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-13 07:25 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-13 07:25 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-01-13 07:25 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-13 07:25 - 2015-12-12 17:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-13 07:25 - 2015-12-12 17:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-13 07:25 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-13 07:25 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-13 07:25 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-13 07:25 - 2015-12-11 19:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-13 07:25 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-01-13 07:25 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-01-13 07:25 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-13 07:25 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-01-13 07:25 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-01-13 07:25 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-01-13 07:25 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-13 07:25 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-13 07:25 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 07:25 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-13 07:25 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-13 07:25 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-13 07:25 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-13 07:25 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-13 07:25 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-13 07:25 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-13 07:25 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-13 07:25 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-13 07:25 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-01-13 07:25 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-01-13 07:25 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-01-13 07:24 - 2015-12-30 20:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-13 07:24 - 2015-12-30 20:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-13 07:24 - 2015-12-30 20:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-13 07:24 - 2015-12-30 20:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-13 07:24 - 2015-12-30 20:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-13 07:24 - 2015-12-30 19:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-13 07:24 - 2015-12-30 19:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-13 07:24 - 2015-12-30 19:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-13 07:24 - 2015-12-30 19:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-13 07:24 - 2015-12-30 19:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-13 07:24 - 2015-12-30 19:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-01-13 07:24 - 2015-12-30 19:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-13 07:24 - 2015-12-30 19:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-01-13 07:24 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-13 07:24 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-13 07:24 - 2015-12-30 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-01-13 07:24 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-01-13 07:24 - 2015-12-30 19:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-01-13 07:24 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-13 07:24 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-01-13 07:24 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-13 07:24 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-13 07:24 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-01-13 07:24 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-01-13 07:24 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-01-13 07:24 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 18:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-13 07:24 - 2015-12-30 18:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-01-13 07:24 - 2015-12-30 18:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-13 07:24 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-01-13 07:24 - 2015-12-30 18:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-13 07:24 - 2015-12-30 18:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-13 07:24 - 2015-12-30 18:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-13 07:24 - 2015-12-30 18:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-13 07:24 - 2015-12-30 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-13 07:24 - 2015-12-30 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-01-13 07:24 - 2015-12-30 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-13 07:24 - 2015-12-30 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-01-13 07:24 - 2015-12-30 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-01-13 07:24 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-01-13 07:24 - 2015-12-30 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 18:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-13 07:24 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-13 07:24 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-13 07:24 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-13 07:24 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 07:24 - 2015-11-17 02:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-13 07:24 - 2015-11-17 02:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-13 07:24 - 2015-11-17 02:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-13 07:24 - 2015-11-17 02:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-13 07:24 - 2015-11-17 02:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-13 07:24 - 2015-11-17 02:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-13 07:24 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-30 21:51 - 2014-04-05 18:41 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-30 21:46 - 2014-04-03 18:41 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-30 21:46 - 2014-04-03 18:41 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-30 21:42 - 2009-07-14 05:45 - 00029936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-30 21:42 - 2009-07-14 05:45 - 00029936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-30 21:36 - 2011-04-12 10:17 - 00700148 _____ C:\Windows\system32\perfh005.dat
2016-01-30 21:36 - 2011-04-12 10:17 - 00151468 _____ C:\Windows\system32\perfc005.dat
2016-01-30 21:36 - 2009-07-14 06:13 - 01663906 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-30 21:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-01-30 21:32 - 2014-04-03 22:09 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Dropbox
2016-01-30 21:30 - 2015-02-15 12:12 - 00000091 _____ C:\HaxLogs.txt
2016-01-30 21:30 - 2014-04-03 18:53 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-30 21:30 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-30 18:27 - 2015-05-15 17:26 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001UA.job
2016-01-30 17:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-29 21:28 - 2014-04-04 11:52 - 00000600 _____ C:\Users\jonas\AppData\Roaming\winscp.rnd
2016-01-29 20:56 - 2014-04-03 18:35 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7079FD3F-E4C4-4ADF-BBC5-C4FAD5B8887F}
2016-01-29 20:36 - 2015-05-15 17:26 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001Core.job
2016-01-29 19:47 - 2015-09-17 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-01-29 17:17 - 2014-04-03 18:40 - 00000000 ____D C:\Users\jonas\AppData\Local\Deployment
2016-01-29 14:30 - 2014-04-05 17:18 - 00000600 _____ C:\Users\jonas\AppData\Local\PUTTY.RND
2016-01-29 09:29 - 2014-04-03 19:27 - 00000000 ____D C:\Users\jonas\AppData\Roaming\vlc
2016-01-28 22:52 - 2014-04-03 18:43 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-01-28 22:52 - 2014-04-03 18:43 - 00002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-28 17:32 - 2014-04-03 18:40 - 00000000 ____D C:\Users\jonas\AppData\Local\Apps\2.0
2016-01-28 17:30 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-01-28 17:29 - 2015-05-24 12:41 - 00000000 ____D C:\ProgramData\TEMP
2016-01-28 17:26 - 2015-02-10 11:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-01-28 09:01 - 2014-04-03 19:20 - 00000000 ____D C:\Users\jonas\AppData\Roaming\uTorrent
2016-01-27 22:44 - 2015-09-02 10:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-01-27 22:44 - 2015-02-10 11:21 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-01-27 09:04 - 2014-04-11 08:51 - 00000000 ____D C:\Users\jonas\.VirtualBox
2016-01-25 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-01-24 23:37 - 2015-12-21 20:39 - 00000000 ____D C:\Users\jonas\AppData\Local\CrashDumps
2016-01-24 23:37 - 2014-04-05 16:14 - 00000000 ____D C:\Users\jonas\AppData\Roaming\DAEMON Tools Lite
2016-01-24 11:52 - 2014-04-03 18:40 - 00000000 ____D C:\Users\jonas\AppData\Local\Google
2016-01-23 04:42 - 2015-02-10 11:22 - 18758400 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-01-23 04:42 - 2015-02-10 11:22 - 16327896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-01-23 04:42 - 2015-02-10 11:22 - 14016576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-01-23 04:42 - 2015-02-10 11:22 - 03683560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-01-23 04:42 - 2015-02-10 11:22 - 03258664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-01-23 04:42 - 2015-02-10 11:22 - 00034905 _____ C:\Windows\system32\nvinfo.pb
2016-01-23 02:04 - 2015-12-22 11:18 - 00532024 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-01-23 02:04 - 2015-12-22 11:18 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-01-23 02:04 - 2015-02-10 11:23 - 06368312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-01-23 02:04 - 2015-02-10 11:23 - 02992064 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-01-23 02:04 - 2015-02-10 11:23 - 02563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-01-23 02:04 - 2015-02-10 11:23 - 01263040 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-01-23 02:04 - 2015-02-10 11:23 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-01-23 02:04 - 2015-02-10 11:23 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-01-22 22:07 - 2015-02-10 11:23 - 06125650 _____ C:\Windows\system32\nvcoproc.bin
2016-01-21 16:50 - 2015-09-02 10:10 - 00001383 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-01-21 16:50 - 2015-09-02 10:10 - 00000000 ____D C:\Users\jonas\AppData\Local\NVIDIA
2016-01-21 12:13 - 2015-10-08 20:11 - 04289729 ____H C:\Users\jonas\AppData\Local\IconCache.db.backup
2016-01-20 15:28 - 2015-04-08 14:06 - 00000000 ____D C:\Users\jonas\.matplotlib
2016-01-20 15:26 - 2014-04-04 06:34 - 00000000 ____D C:\Python27
2016-01-20 12:51 - 2014-04-05 18:41 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-20 12:51 - 2014-04-05 18:41 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-20 12:51 - 2014-04-05 18:41 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-16 19:35 - 2014-04-05 17:15 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-15 08:13 - 2015-12-20 18:32 - 00000000 ____D C:\Users\jonas\Documents\StarCraft II
2016-01-14 13:55 - 2015-11-17 12:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-14 13:55 - 2014-12-24 13:32 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 08:30 - 2015-10-08 20:57 - 05014280 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-14 08:29 - 2014-12-10 13:56 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-14 08:29 - 2014-05-06 17:13 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-13 13:36 - 2014-04-06 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-13 13:36 - 2014-04-06 19:11 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-13 13:36 - 2014-04-06 19:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 13:36 - 2014-04-05 16:19 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-13 13:35 - 2014-04-05 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-01-13 13:35 - 2014-04-03 18:57 - 00000000 ____D C:\Windows\system32\MRT
2016-01-13 13:30 - 2014-04-03 18:57 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-13 13:25 - 2014-09-30 22:18 - 00000000 ____D C:\Users\jonas\AppData\Roaming\BitTorrent Sync
2016-01-12 05:41 - 2015-09-02 10:10 - 01542600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-01-12 05:41 - 2015-09-02 10:10 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-01-12 05:40 - 2015-11-20 13:31 - 00112032 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-01-12 05:40 - 2015-09-02 10:10 - 01860120 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-01-12 05:40 - 2015-09-02 10:10 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-01-09 19:56 - 2014-07-30 23:39 - 00000000 ____D C:\Users\jonas\AppData\Roaming\D2MP
2016-01-09 19:39 - 2015-07-23 15:31 - 00000000 ____D C:\Users\jonas\Documents\The Witcher 3
2016-01-08 21:22 - 2014-12-10 16:33 - 00000000 ____D C:\Users\jonas\Documents\Assassin's Creed Unity
2016-01-05 20:57 - 2015-11-25 08:11 - 00000000 ____D C:\Users\jonas\AppData\Local\ElevatedDiagnostics
2016-01-05 20:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-01-01 18:56 - 2014-04-05 18:25 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2016-01-01 18:49 - 2014-06-02 07:52 - 00000000 ____D C:\Users\jonas\Documents\My Games
 
==================== Files in the root of some directories =======
 
2015-12-20 15:09 - 2015-12-20 15:09 - 20320792 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-05-10 11:03 - 2014-05-10 11:03 - 0000132 _____ () C:\Users\jonas\AppData\Roaming\Adobe GIF Format CS6 Prefs
2014-04-16 13:38 - 2015-12-21 19:39 - 0000132 _____ () C:\Users\jonas\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-04-05 17:13 - 2014-05-29 14:21 - 0045270 _____ () C:\Users\jonas\AppData\Roaming\room_v3.dat
2014-06-10 17:21 - 2014-06-10 17:21 - 0000044 _____ () C:\Users\jonas\AppData\Roaming\twow_sysprepdt.dat
2014-04-04 11:52 - 2016-01-29 21:28 - 0000600 _____ () C:\Users\jonas\AppData\Roaming\winscp.rnd
2016-01-24 14:14 - 2016-01-24 14:14 - 0003584 _____ () C:\Users\jonas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-16 08:47 - 2015-09-16 08:47 - 0000000 ___SH () C:\Users\jonas\AppData\Local\LumaEmu
2014-04-05 17:18 - 2016-01-29 14:30 - 0000600 _____ () C:\Users\jonas\AppData\Local\PUTTY.RND
2015-07-27 14:25 - 2015-07-27 14:25 - 0001223 _____ () C:\Users\jonas\AppData\Local\recently-used.xbel
2014-11-20 17:31 - 2015-02-09 03:00 - 0007635 _____ () C:\Users\jonas\AppData\Local\resmon.resmoncfg
2014-04-24 17:46 - 2014-04-24 17:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\jonas\AppData\Local\Temp\mcse32_00.dll
C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll
C:\Users\jonas\AppData\Local\Temp\mcse64_01.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== BCD ================================
 
Spr vce spouçtŘnˇ syst‚mu Windows
--------------------
identifik tor           {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  cs-CZ
inherit                 {globalsettings}
default                 {current}
resumeobject            {7823846d-bb5d-11e3-aff5-cf2949492f4c}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
 
Zav dŘcˇ program pro spouçtŘnˇ syst‚mu Windows
-------------------
identifik tor           {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  cs-CZ
inherit                 {bootloadersettings}
recoverysequence        {7823846f-bb5d-11e3-aff5-cf2949492f4c}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {7823846d-bb5d-11e3-aff5-cf2949492f4c}
nx                      OptIn
vga                     No
 
Zav dŘcˇ program pro spouçtŘnˇ syst‚mu Windows
-------------------
identifik tor           {7823846f-bb5d-11e3-aff5-cf2949492f4c}
device                  ramdisk=[C:]\Recovery\7823846f-bb5d-11e3-aff5-cf2949492f4c\Winre.wim,{78238470-bb5d-11e3-aff5-cf2949492f4c}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\7823846f-bb5d-11e3-aff5-cf2949492f4c\Winre.wim,{78238470-bb5d-11e3-aff5-cf2949492f4c}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Obnovenˇ z hibernace
---------------------
identifik tor           {7823846d-bb5d-11e3-aff5-cf2949492f4c}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  cs-CZ
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Testov nˇ pamŘti syst‚mu Windows
---------------------
identifik tor           {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Diagnostika pamŘti syst‚mu Windows
locale                  cs-CZ
inherit                 {globalsettings}
badmemoryaccess         Yes
 
Nastavenˇ slu§by EMS
------------
identifik tor           {emssettings}
bootems                 Yes
 
Nastavenˇ ladicˇho programu
-----------------
identifik tor           {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
Chyby pamŘti RAM
-----------
identifik tor           {badmemory}
 
Glob lnˇ nastavenˇ
---------------
identifik tor           {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Nastavenˇ spouçtŘcˇho zavadŘźe
--------------------
identifik tor           {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Nastavenˇ hypervisoru
-------------------
identifik tor           {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Nastavenˇ zavadŘźe obnovenˇ
----------------------
identifik tor           {resumeloadersettings}
inherit                 {globalsettings}
 
Parametry zaýˇzenˇ
--------------
identifik tor           {78238470-bb5d-11e3-aff5-cf2949492f4c}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\7823846f-bb5d-11e3-aff5-cf2949492f4c\boot.sdi
 
 
 
LastRegBack: 2016-01-29 17:11
 
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-01-2016
Ran by jonas (2016-01-30 21:51:12)
Running from G:\Cloud@Mail.Ru\Downloads\cleaning
Windows 7 Professional Service Pack 1 (X64) (2014-04-03 17:31:28)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3833239083-678279768-2220751185-500 - Administrator - Disabled)
Guest (S-1-5-21-3833239083-678279768-2220751185-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3833239083-678279768-2220751185-1002 - Limited - Enabled)
jonas (S-1-5-21-3833239083-678279768-2220751185-1001 - Administrator - Enabled) => C:\Users\jonas
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Aktualizace NVIDIA 2.9.1.22 (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Alternative Look for Triss (HKLM-x32\...\Alternative Look for Triss_is1) (Version: 1.0.0.0 - GOG.com)
Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Application Verifier (x64) (HKLM\...\{89026002-A893-42D9-9E20-6829B844735E}) (Version: 4.1.1078 - Microsoft Corporation)
Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
BitTorrent Sync (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\BitTorrent Sync) (Version: 2.2.7 - BitTorrent Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Borderlands: The Pre-Sequel v1.0.5 to v1.0.6 Update (HKLM-x32\...\Qm9yZGVybGFuZHNUaGVQcmVTZXF1ZWw=_is1) (Version: 1 - )
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.66.1075 - AB Team, d.o.o.)
Call of Duty: Black Ops III (HKLM\...\Q2FsbG9mRHV0eUJsYWNrT3BzSUlJ_is1) (Version: 1 - )
Cloud Mail.Ru (HKLM-x32\...\{776AF05B-784A-416F-B14C-31A1FBAF8B19}_is1) (Version: 15.04.0015 - Mail.Ru Group)
CMake 3.0.2, a cross-platform, open-source build system (HKLM-x32\...\CMake 3.0.2) (Version: 3.0.2 - Kitware)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dark Souls II Crown of the Ivory King (HKLM-x32\...\Dark Souls II Crown of the Ivory King_is1) (Version:  - )
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
doxygen 1.8.9.1 (HKLM\...\doxygen_is1) (Version: 1.8.9.1 - Dimitri van Heesch)
Dropbox (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Dropbox) (Version: 3.14.2 - Dropbox, Inc.)
Dying Light Ultimate Edition version 1.0.6.1 (HKLM-x32\...\Dying Light Ultimate Edition_is1) (Version: 1.0.6.1 - Mr DJ)
Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com)
ESET NOD32 Antivirus (HKLM\...\{07E7B9EE-1910-49F5-9A1C-7EDB0D6BFE58}) (Version: 4.2.76.1 - ESET, spol. s r.o.)
Eurobattle.net (HKLM-x32\...\Eurobattle.net) (Version:  - Eurobattle.net)
f.lux (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Flux) (Version:  - )
Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.01 - Ubisoft)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation)
Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
GitHub (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\5f7eb300e2ea4ebf) (Version: 2.13.2.4 - GitHub, Inc.)
Google App Engine (HKLM-x32\...\{AE010912-007D-11DD-A3C1-001636EEECBD}) (Version: 1.9.18.0 - Google Inc.)
Google Drive (HKLM-x32\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.97 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Heroku Toolbelt 3.42.25 (HKLM-x32\...\Heroku Toolbelt_is1) (Version: 3.42.25 - Heroku, Inc.)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
import.io (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\{95981586-8D7F-49E9-9C7F-3AA704641471}_is1) (Version: 0.1 - import.io)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
JabRef 2.10 (HKLM-x32\...\JabRef 2.10) (Version: 2.10 - JabRef Team)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
JetBrains PyCharm 5.0.2 (HKLM-x32\...\PyCharm 5.0.2) (Version: 143.1184.3 - JetBrains s.r.o.)
KitchenDraw 6.5 (HKLM-x32\...\KitchenDraw_is1) (Version:  - Pragma)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{05855322-BE43-41FE-B583-D3AE0C326D58}) (Version: 4.0.50826.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{BC537AE0-88AF-47ED-B762-33B0D62B5188}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{7A56D81D-6406-40E7-9184-8AC1769C4D69}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{EAEBF166-B06A-4D7F-BAF7-6615303D5C7C}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{09C52940-A4D1-4409-A7CC-1AAE630CF578}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{1E6ED082-E32D-4B2B-8B6A-70B094815135}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ Compiler Package for Python 2.7 (HKLM-x32\...\{692514A8-5484-45FC-B0AE-BE2DF7A75891}) (Version: 9.0.1.30729 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft XNA Game Studio 4.0 (HKLM-x32\...\XNA Game Studio 4.0) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Game Studio Platform Tools (HKLM-x32\...\{0666E46E-A860-4353-BE6D-13AA72FABB57}) (Version: 1.3.0.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version:  - )
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
New Quest - Contract - Skellige's Most Wanted (HKLM-x32\...\New Quest - Contract: Skellige's Most Wanted_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Scavenger Hunt - Wolf School Gear (HKLM-x32\...\New Quest - Scavenger Hunt: Wolf School Gear_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Where the Cat and Wolf Play... (HKLM-x32\...\New Quest - Where the Cat and Wolf Play..._is1) (Version: 1.0.0.0 - GOG.com)
Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Node.js (HKLM\...\{8C7BB038-9DF2-4B43-8BF7-42D95559E459}) (Version: 4.1.1 - Node.js Foundation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 5.0.10 (HKLM\...\{F6E922CF-068D-4AFC-8DBF-4636B84AF0A5}) (Version: 5.0.10 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 361.75 (Version: 361.75 - NVIDIA Corporation) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PostgreSQL 9.5  (HKLM\...\PostgreSQL 9.5) (Version: 9.5 - PostgreSQL Global Development Group)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.5.7.2450 - Jan Fiala)
pyexiv2 0.3.2 for Python 2.7 (64 bits) (HKLM\...\pyexiv2-0.3.2-py27-amd64) (Version: 0.3.2 - )
PyQt GPL v4.11.2 for Python v2.7 (x64) (HKLM\...\PyQt GPL v4.11.2 for Python v2.7 (x64)) (Version: 4.11.2 - )
PyQt GPL v5.3.2 for Python v3.4 (x64) (HKLM\...\PyQt GPL v5.3.2 for Python v3.4 (x64)) (Version: 5.3.2 - )
Python 2.7 matplotlib-1.4.3 (64-bit) (HKLM\...\matplotlib-py2.7) (Version:  - )
Python 2.7 numpy-1.9.0 (64-bit) (HKLM\...\numpy-py2.7) (Version:  - )
Python 2.7 py2exe-0.6.9 (HKLM\...\py2exe-py2.7) (Version:  - )
Python 2.7 pygame-1.9.2a0 (64-bit) (HKLM\...\pygame-py2.7) (Version:  - )
Python 2.7 pywin32-219 (HKLM\...\pywin32-py2.7) (Version:  - )
Python 2.7.6 (64-bit) (HKLM\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E3}) (Version: 2.7.6150 - Python Software Foundation)
Python 3.4 py2exe-0.9.2.0 (HKLM\...\py2exe-py3.4) (Version:  - )
Python 3.4.0 (64-bit) (HKLM\...\{863162a8-ecc2-35ea-bdf7-e09ac456e164}) (Version: 3.4.150 - Python Software Foundation)
Qt (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Qt) (Version: 1.0.1 - Digia Plc)
RAPID Mode (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Ruby 2.1.7-p400 (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\{64763A89-6347-43AF-833F-3840615C62AE}_is1) (Version: 2.1.7-p400 - RubyInstaller Team)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SceneBuilder (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\{com.oracle.javafx.scenebuilder.app}}_is1) (Version: 8.0.0 - Gluon)
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Skellige Armor Set (HKLM-x32\...\Skellige Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.102 - Skype Technologies S.A.)
Slik Subversion 1.8.10 (x64) (HKLM\...\{77E9DE63-9345-4940-A288-0DF70243E2B2}) (Version: 1.8.10017 - SlikSvn & The SharpSvn Project)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Sublime Text Build 3083 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3 - Wild Hunt (HKLM-x32\...\The Witcher 3 - Wild Hunt_is1) (Version:  - )
The Witcher 3: Wild Hunt - Alternative Look for Ciri (HKLM-x32\...\Alternative Look for Ciri_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Finisher Animations (HKLM-x32\...\New Finisher Animations_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - NEW GAME + (HKLM-x32\...\NEW GAME +_is1) (Version: 1.0.0.0 - GOG.com)
Towerfall - Ascension - Dark World (HKLM-x32\...\Towerfall: Ascension - Dark World_is1) (Version: 2.0.0.1 - GOG.com)
Towerfall - Ascension (HKLM-x32\...\1430924174_is1) (Version: 2.0.0.1 - GOG.com)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.6 - Tunngle.net GmbH)
TweakNow DiskAnalyzer (HKLM-x32\...\TweakNow DiskAnalyzer_is1) (Version: 1.3.0 - TweakNow.com)
Unity Web Player (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\UnityWebPlayer) (Version: 5.3.1f1 - Unity Technologies ApS)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUS_{C224EEBF-D40A-4056-9DD3-EE74666F74AB}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114502) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F47687A-78E9-41B1-8587-ED0CC2677A2A}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114502) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F47687A-78E9-41B1-8587-ED0CC2677A2A}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114502) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUS_{6F47687A-78E9-41B1-8587-ED0CC2677A2A}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VPython 6.05 (HKLM\...\VPython for Python 2.7_is1) (Version:  - )
WCF RIA Services V1.0 SP1 (HKLM-x32\...\{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}) (Version: 4.1.60114.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WinEdt 9 (HKLM\...\WinEdt 9) (Version: 9.0 - WinEdt Team)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 5.7.6 (HKLM-x32\...\winscp3_is1) (Version: 5.7.6 - Martin Prikryl)
Wireshark 1.12.8 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.8 - The Wireshark developer community, hxxp://www.wireshark.org)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{581FFA00-FC33-0007-0202-95003A5CDE89}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_A0.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{581FFA01-FC33-0007-0202-95003A5CDE89}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_A0.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{581FFA02-FC33-0007-0202-95003A5CDE89}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_A0.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{581FFA03-FC33-0007-0202-95003A5CDE89}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_A0.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{581FFA04-FC33-0007-0202-95003A5CDE89}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_A0.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{64A9418A-B6B1-4112-B75C-E61633C9A31F}\InprocServer32 -> C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{6775BBF1-8D9D-4D14-A999-4E78DF8DCEC6}\InprocServer32 -> C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{6A2E142B-EA63-433A-AC05-5223CBD26E65}\InprocServer32 -> C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{6AFCC535-2F12-4F50-9F0A-1CF856CFC95D}\InprocServer32 -> C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> G:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {26BF622C-C174-448A-9F53-9DC5F4618579} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {30729FBC-48F6-44B7-8A31-AAA49E1BE1B5} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {4C9A9A15-0D39-4E66-AC29-11756D24F3C8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {5498636D-DE74-4B67-B17F-3AA0F9537CE0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001Core => C:\Users\jonas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-05-15] (Dropbox, Inc.)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {63064C3A-F629-434D-BB53-8416560ADD8F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {63459A48-771B-4060-9D5A-AD0E86937E6D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {98845C3E-886B-4BEA-9AE6-8BBC837D7407} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {A60BBC38-ECDD-4259-98B5-134E8BA92615} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {A733E1CE-3018-400C-A9C6-7E568E499D22} - System32\Tasks\{F3174046-6E23-4FD3-A6C4-3105F1AFED9D} => pcalua.exe -a G:\Cloud@Mail.Ru\Downloads\WDM_R273.exe -d G:\Cloud@Mail.Ru\Downloads
Task: {AF1DE7AD-2AA2-4A3C-9862-964CA40B671F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001UA => C:\Users\jonas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-05-15] (Dropbox, Inc.)
Task: {D0BFDCD1-BCDF-4425-B1AC-F6E5FE894EDC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {E36732E4-5AE7-4D26-A782-38E10F581A80} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F149083D-1F52-49F1-BDD5-96F574231CC9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001Core.job => C:\Users\jonas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001UA.job => C:\Users\jonas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.1.7-p400\Interactive Ruby.lnk -> G:\Program Files (x86)\Heroku\ruby-2.1.7\bin\irb.bat ()
Shortcut: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\jonas\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()
Shortcut: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Cloud SDK\Google App Engine Launcher.lnk -> G:\Program Files\Google\Cloud SDK\GoogleAppEngineLauncher.bat ()
 
ShortcutWithArgument: C:\Users\jonas\Desktop\Google Cloud SDK Shell.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "SET CLOUDSDK_CONFIG=C:\Users\jonas\AppData\Roaming\gcloud&"G:\Program Files\Google\Cloud SDK\cloud_env.bat""
ShortcutWithArgument: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.1.7-p400\Start Command Prompt with Ruby.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /E:ON /K G:\Program Files (x86)\Heroku\ruby-2.1.7\bin\setrbvars.bat
ShortcutWithArgument: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt\5.3\MSVC 2010 OpenGL (32-bit)\Qt 5.3 32-bit for Desktop (MSVC 2010 OpenGL).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /A /Q /K G:\Qt\5.3\msvc2010_opengl\bin\qtenv2.bat
ShortcutWithArgument: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual C++ Compiler Package for Python 2.7\Visual C++ 2008 32-bit Command Prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k ""C:\Users\jonas\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\vcvarsall.bat" x86"
ShortcutWithArgument: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual C++ Compiler Package for Python 2.7\Visual C++ 2008 64-bit Command Prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k ""C:\Users\jonas\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\vcvarsall.bat" amd64"
ShortcutWithArgument: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual C++ Compiler Package for Python 2.7\Visual C++ 2008 64-bit Cross Tools Command Prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k ""C:\Users\jonas\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\vcvarsall.bat" x86_amd64"
ShortcutWithArgument: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Cloud SDK\Google Cloud SDK Shell.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "SET CLOUDSDK_CONFIG=C:\Users\jonas\AppData\Roaming\gcloud&"G:\Program Files\Google\Cloud SDK\cloud_env.bat""
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-02-10 11:23 - 2016-01-23 02:04 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-24 17:44 - 2013-05-07 08:45 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-12-21 09:07 - 2016-01-12 05:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2014-06-14 19:40 - 2014-07-23 21:47 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-14 19:40 - 2014-07-23 21:47 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-12-22 11:07 - 2015-12-16 07:59 - 00183296 _____ () G:\Program Files\PostgreSQL\9.5\bin\LIBPQ.dll
2015-12-22 11:07 - 2015-08-26 09:40 - 02257408 _____ () G:\Program Files\PostgreSQL\9.5\bin\libxml2.dll
2016-01-29 08:03 - 2016-01-30 21:31 - 00196824 _____ () C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll
2014-10-03 14:50 - 2015-03-19 22:33 - 00736962 _____ () G:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll
2016-01-13 09:08 - 2016-01-13 09:08 - 00820224 _____ () C:\Users\jonas\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_A0.dll
2014-04-24 17:44 - 2016-01-30 21:30 - 00027136 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-04-24 17:44 - 2013-05-07 08:45 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-09-02 10:10 - 2016-01-12 05:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-11-20 10:33 - 2016-01-12 19:44 - 00034768 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-01-21 20:18 - 2016-01-12 19:45 - 00019408 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-24 00:15 - 2016-01-12 19:44 - 00116688 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-11-20 10:33 - 2016-01-12 19:44 - 00093640 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-11-20 10:33 - 2016-01-12 19:44 - 00018376 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\select.pyd
2015-11-20 10:33 - 2016-01-20 02:56 - 00019760 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-11-20 10:33 - 2016-01-12 19:46 - 00105928 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-24 00:15 - 2016-01-12 19:44 - 00392144 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-11-20 10:33 - 2016-01-20 02:56 - 00381752 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-11-20 10:33 - 2016-01-12 19:44 - 00692688 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-01-21 20:18 - 2016-01-20 02:56 - 00020816 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-11-20 10:33 - 2016-01-12 19:45 - 00112592 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-01-21 20:18 - 2016-01-20 02:56 - 01682760 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-01-21 20:18 - 2016-01-20 02:56 - 00020808 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-11-20 10:33 - 2016-01-20 02:56 - 00020800 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-11-20 10:33 - 2016-01-20 02:56 - 00021840 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-01-21 20:18 - 2016-01-20 02:56 - 00038696 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-24 00:15 - 2016-01-12 19:46 - 00020936 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-11-20 10:33 - 2016-01-12 19:46 - 00024528 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00114640 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-11-20 10:33 - 2016-01-12 19:46 - 00124880 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-01-21 20:18 - 2016-01-20 02:56 - 00021832 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-11-20 10:33 - 2016-01-12 19:46 - 00024016 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-11-20 10:33 - 2016-01-12 19:46 - 00175560 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00030160 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00043472 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00028616 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00048592 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-01-21 20:18 - 2016-01-20 02:56 - 00026456 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-11-20 10:33 - 2016-01-12 19:46 - 00057808 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00024016 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-01-21 20:18 - 2016-01-20 02:56 - 00117056 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-24 00:15 - 2016-01-20 02:56 - 00024392 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-01-21 20:18 - 2016-01-12 19:47 - 00036296 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\librsync.dll
2015-11-20 10:33 - 2016-01-20 02:56 - 00023376 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-11-20 10:33 - 2016-01-12 19:44 - 00134608 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-24 00:15 - 2016-01-12 19:44 - 00134088 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-01-21 20:18 - 2016-01-12 19:45 - 00240584 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-24 00:15 - 2016-01-20 02:56 - 00052024 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-01-21 20:18 - 2016-01-20 02:56 - 00020800 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-01-21 20:18 - 2016-01-20 02:56 - 00021824 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-01-21 20:18 - 2016-01-20 02:56 - 00019776 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-01-21 20:18 - 2016-01-20 02:56 - 00020800 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-01-21 20:18 - 2016-01-20 02:56 - 00020280 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00350152 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-01-21 20:18 - 2016-01-20 02:56 - 00022352 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-01-21 20:18 - 2016-01-20 02:56 - 00084792 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-24 00:15 - 2016-01-20 02:56 - 01826096 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-11-20 10:33 - 2016-01-12 19:45 - 00083912 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-24 00:15 - 2016-01-20 02:56 - 03928880 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-24 00:15 - 2016-01-20 02:56 - 01971504 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-24 00:15 - 2016-01-20 02:56 - 00531248 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-24 00:15 - 2016-01-20 02:56 - 00132912 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-24 00:15 - 2016-01-20 02:56 - 00223544 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-24 00:15 - 2016-01-20 02:56 - 00207672 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-01-21 20:18 - 2016-01-20 02:56 - 00158008 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-01-21 20:18 - 2016-01-20 02:56 - 00042808 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-01-21 20:18 - 2016-01-12 19:49 - 00017864 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-01-21 20:18 - 2016-01-12 19:49 - 01631184 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-11-20 10:33 - 2016-01-20 02:56 - 00024904 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-24 00:15 - 2016-01-20 02:56 - 00546096 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-24 00:15 - 2016-01-20 02:56 - 00357680 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 22:45 - 2016-01-12 19:52 - 00697304 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2014-04-03 20:14 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung Magician\SAMSUNG_SSD.dll
2016-01-28 22:52 - 2016-01-27 18:39 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\libglesv2.dll
2016-01-28 22:52 - 2016-01-27 18:39 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\libegl.dll
2014-04-24 17:48 - 2013-09-16 05:19 - 01242584 ____R () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\Users\jonas\Local Settings:TaoZwDtWBw69ijNEkGvRmM
AlternateDataStreams: C:\Users\jonas\AppData\Local:TaoZwDtWBw69ijNEkGvRmM
AlternateDataStreams: C:\Users\jonas\AppData\Local\Data aplikací:TaoZwDtWBw69ijNEkGvRmM
AlternateDataStreams: C:\Users\jonas\AppData\Local\Temp:t4LoDps9uRBcCimDR60z
AlternateDataStreams: C:\Users\jonas\AppData\Local\Temporary Internet Files:Z0uHERu6ep2bcmxcp4avX
AlternateDataStreams: C:\Users\Public\DRM:احتضان
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2016-01-30 17:24 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "G:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "G:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge => 
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: IAAnotif => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\jonas\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{A9761036-2492-4509-9B24-0D7D3222B72A}] => (Allow) C:\Users\jonas\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C1B41E6D-8EC2-4048-AF92-BBFB3E0793D7}] => (Allow) C:\Users\jonas\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F7AB77D0-1FBB-467D-8C70-5774D8EAC59A}] => (Allow) C:\Users\jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C41D80CE-0F17-4ECF-96FD-FB1C4F07D666}] => (Allow) C:\Users\jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CAC326BF-E525-4E3C-A570-6F67CD49CC69}] => (Allow) G:\Program Files\Steam\Steam.exe
FirewallRules: [{328EF74F-2E68-448B-8EBF-ADB1EFE9272D}] => (Allow) G:\Program Files\Steam\Steam.exe
FirewallRules: [{6CAB3EBA-A8A8-4E78-BB4B-653C68BE5891}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{36CE1EA1-A3C0-49D1-B259-6D5C0E5E6485}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{5DED1022-32AC-4A63-8E13-57C5FB3A2C3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5E546E71-29E4-4161-BA10-9F375EFB8D2A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{FC7B9113-3FAD-45CB-8F37-9C4A1A6517BB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{61BCA08F-1361-4D6D-B7E7-BAC8ED062784}G:\cloud@mail.ru\hry\warcraft iii\war3.exe] => (Allow) G:\cloud@mail.ru\hry\warcraft iii\war3.exe
FirewallRules: [UDP Query User{1C9C1031-FE35-41B7-B7E5-EA27196EEF95}G:\cloud@mail.ru\hry\warcraft iii\war3.exe] => (Allow) G:\cloud@mail.ru\hry\warcraft iii\war3.exe
FirewallRules: [{5EF15B9C-4E2D-40EC-8857-222F5E6BC62D}] => (Block) G:\cloud@mail.ru\hry\warcraft iii\war3.exe
FirewallRules: [{9E7E9158-AAE6-4C44-A496-55A70FF43F5D}] => (Block) G:\cloud@mail.ru\hry\warcraft iii\war3.exe
FirewallRules: [{4D98A5BD-C155-4716-BFFB-F9530D8680D9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{C4B0E158-26D6-4557-8945-46A2E2C5AA50}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [TCP Query User{5BA0945F-A8AB-462C-9D45-4F1A8C88BA2D}C:\users\jonas\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\jonas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{F759EA7F-6978-4262-AF3F-834D2C4DD6CB}C:\users\jonas\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\jonas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{CADB71D3-1966-4947-BC7E-8B853FDF2EB1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{7EBA233C-CF7F-4AC8-8539-BB7D9CAB6AB5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{70C11166-7288-4191-8ECA-9134E68C7DC7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{10896008-4E6F-4EB0-AE6C-E257E522BA82}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{E07FEB57-63C3-470F-A2D3-F6BE5E9FB590}] => (Allow) G:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{90E35914-0C7D-4402-AC79-DFF0F6932958}] => (Allow) G:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{9982DF72-015D-483C-9E6E-73D5968D9A9B}] => (Allow) LPort=7935
FirewallRules: [{BCAB1C08-216D-4FA5-B502-A86C927286D3}] => (Allow) G:\Program Files\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{ADBB6653-282A-42C8-AE0A-470721DD271D}] => (Allow) G:\Program Files\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{A80E35EE-DF15-4EED-931B-A1819E21D28F}G:\cloud@mail.ru\hry\warcraft iii\eurobattle.net\gproxy.exe] => (Allow) G:\cloud@mail.ru\hry\warcraft iii\eurobattle.net\gproxy.exe
FirewallRules: [UDP Query User{D93CBF69-4A14-4D21-A3D3-E70C704989C2}G:\cloud@mail.ru\hry\warcraft iii\eurobattle.net\gproxy.exe] => (Allow) G:\cloud@mail.ru\hry\warcraft iii\eurobattle.net\gproxy.exe
FirewallRules: [{E8E8A2D2-728C-4207-BA8E-029D03357E55}] => (Block) G:\cloud@mail.ru\hry\warcraft iii\eurobattle.net\gproxy.exe
FirewallRules: [{5BB28CE9-4FAB-4A1E-A3F6-94C0F8E74707}] => (Block) G:\cloud@mail.ru\hry\warcraft iii\eurobattle.net\gproxy.exe
FirewallRules: [{E43FE05E-0D3C-4DB7-BC0C-572249CD19D1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{39DAF841-FEB1-405A-B7EA-855494AF55E0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{71579848-0124-455D-B0B8-97E92ED14B40}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F57C39C5-6B21-4042-B19A-3FDD28655F99}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4891815C-3522-4499-BD0C-3B2B6CF19391}] => (Allow) G:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{C89E9524-C300-4D9A-BFE8-6BD1C7FDFCCF}] => (Allow) G:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{56A4FB25-66BF-445F-919F-50EB4396928D}] => (Allow) C:\Users\jonas\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{6A714A49-E29E-45FE-ADC9-0010BE7E4A94}] => (Allow) C:\Users\jonas\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [TCP Query User{47D04D33-188C-4173-9288-06657286AE0D}G:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) G:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [UDP Query User{9AE75997-9D88-47F0-BC8E-30E6C921FF94}G:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) G:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [{8F6A759C-A2C9-4035-A466-6CCE9F359661}] => (Block) G:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [{71665B01-F6D0-49BB-A580-03B29434D290}] => (Block) G:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [TCP Query User{F22B5F0D-4C38-49DF-B211-4EE739EC14A7}G:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe] => (Allow) G:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe
FirewallRules: [UDP Query User{56413D5F-E7AA-41E8-BCB0-826620656213}G:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe] => (Allow) G:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe
FirewallRules: [{17666D0B-8244-4C1B-ABA5-69EC42B38511}] => (Block) G:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe
FirewallRules: [{CEB8354E-6ECB-4FAB-8215-BD82A8833A5D}] => (Block) G:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe
FirewallRules: [{5B0443C7-5B2A-4E6F-A852-A59363EE0335}] => (Allow) G:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{2B95183D-2939-456B-8BEB-3EF836744702}] => (Allow) G:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{A3CAABD5-BC92-46E6-994E-FA678010D5F6}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{66F2E2A6-F7EA-4417-A67B-30AAD4B90B47}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{005C4B74-D32F-40D5-B9E9-26DF7F692523}] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{C0B6EFE8-B1A0-4E41-8F4E-90C4F1E30BB7}] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{570DCD3E-4A43-4052-A051-3FD9D40A1A2C}] => (Allow) C:\Program Files (x86)\Common Files\Microsoft Shared\XNA\XnaTrans\v3.0\XnaTransX.exe
FirewallRules: [{EFFC1DD8-F869-40B4-BDF2-D4ABCD366824}] => (Allow) C:\Program Files (x86)\Microsoft XNA\XNA Game Studio\v4.0\Bin\XnaLiveProxy.exe
FirewallRules: [{AB930C93-5902-497D-9821-1ED914D74502}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{96007E15-957A-4E33-B70A-D65AFDE1F505}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{96BF12DF-F946-447F-A392-78C0737A6528}G:\program files\codemasters\operation flashpoint\flashpointresistance.exe] => (Allow) G:\program files\codemasters\operation flashpoint\flashpointresistance.exe
FirewallRules: [UDP Query User{584BB2BC-9D4A-4BAD-9312-D48BD4A38C74}G:\program files\codemasters\operation flashpoint\flashpointresistance.exe] => (Allow) G:\program files\codemasters\operation flashpoint\flashpointresistance.exe
FirewallRules: [{D348FBC1-9522-4C8B-9D2A-DA21E23C6A6C}] => (Block) G:\program files\codemasters\operation flashpoint\flashpointresistance.exe
FirewallRules: [{FA4CB2C6-141D-44A1-B60D-64E87B736BAE}] => (Block) G:\program files\codemasters\operation flashpoint\flashpointresistance.exe
FirewallRules: [TCP Query User{62D2F4C3-282C-4125-BDA2-18F2FE3E6BA0}G:\unity\tutorialspace\builds\hra.exe] => (Allow) G:\unity\tutorialspace\builds\hra.exe
FirewallRules: [UDP Query User{C9BB3218-A8B5-4CEA-81A1-F6E6DE9464DF}G:\unity\tutorialspace\builds\hra.exe] => (Allow) G:\unity\tutorialspace\builds\hra.exe
FirewallRules: [{60BC01D9-4D98-44D9-A5CC-10E6919BE356}] => (Block) G:\unity\tutorialspace\builds\hra.exe
FirewallRules: [{D8738C0A-F69D-45CC-8502-0457A12F3B94}] => (Block) G:\unity\tutorialspace\builds\hra.exe
FirewallRules: [TCP Query User{AA89A5B3-DAAB-4292-B634-52EAD5019516}G:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) G:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{33305600-EBAC-49D7-B81B-2C4B9EE35CF1}G:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) G:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{F53611F2-9673-43D5-9AEA-243C0E146681}] => (Allow) G:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{88075BF3-A8EC-41B2-91F0-F18907925A01}] => (Allow) G:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{DE350AD5-0718-4DD1-9BAC-69747D9D3FFC}] => (Allow) G:\Program Files (x86)\NAMCO BANDAI Games\DarkSouls\DARKSOULS.exe
FirewallRules: [TCP Query User{FD4953EA-303D-42DB-830B-64A504E0B7CE}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{A6AA170F-0788-4514-8A72-E59195174F65}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [{C8F7A7B7-CF57-40FB-AA5A-CCC93566E611}] => (Block) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [{3D34E05B-D6DF-4F96-916E-2271EB44A629}] => (Block) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [{7B1E3C3D-9AA5-4B74-B18C-E1FEC7BDED37}] => (Allow) LPort=25555
FirewallRules: [TCP Query User{D4C67678-F7CB-47BB-B129-B56900FFF326}C:\eclipse-java-php\eclipse.exe] => (Allow) C:\eclipse-java-php\eclipse.exe
FirewallRules: [UDP Query User{C0CEB00C-9A2F-4C73-A581-1DFEBA9ECDCD}C:\eclipse-java-php\eclipse.exe] => (Allow) C:\eclipse-java-php\eclipse.exe
FirewallRules: [{64BEDF24-75C0-483F-8CFD-A2BCC72D9D46}] => (Block) C:\eclipse-java-php\eclipse.exe
FirewallRules: [{851FF17C-060A-462D-A418-A8A3BB2061C3}] => (Block) C:\eclipse-java-php\eclipse.exe
FirewallRules: [TCP Query User{E58A102A-182C-4A1D-BC15-21A1337C8668}E:\bp\game\build\game.exe] => (Allow) E:\bp\game\build\game.exe
FirewallRules: [UDP Query User{33B056DA-8474-41E2-89C6-96F3F454E9A8}E:\bp\game\build\game.exe] => (Allow) E:\bp\game\build\game.exe
FirewallRules: [{F6045E92-CE60-42E9-9782-EAABDB27B7E3}] => (Block) E:\bp\game\build\game.exe
FirewallRules: [{43DDCFA6-4D8B-4CFF-AD98-EC0EE6D37B2D}] => (Block) E:\bp\game\build\game.exe
FirewallRules: [TCP Query User{CFC08413-E58E-4D19-92CB-0516D4C0EEE3}E:\bp\demonstrační hra\build\game.exe] => (Allow) E:\bp\demonstrační hra\build\game.exe
FirewallRules: [UDP Query User{2C1CBE7D-C2C4-49FF-A54D-91B6DD197BF5}E:\bp\demonstrační hra\build\game.exe] => (Allow) E:\bp\demonstrační hra\build\game.exe
FirewallRules: [{D54FE33D-A1DF-4A8B-A1A3-BD8E31EAAC81}] => (Block) E:\bp\demonstrační hra\build\game.exe
FirewallRules: [{E0D7B238-EE15-4105-87AA-7C57EE00C436}] => (Block) E:\bp\demonstrační hra\build\game.exe
FirewallRules: [TCP Query User{57AF70E5-13AE-48CC-B1CC-0A57FE3811C2}D:\demonstrační hra\build\game.exe] => (Allow) D:\demonstrační hra\build\game.exe
FirewallRules: [UDP Query User{E1C5451D-F024-466D-8DC0-4954DCAB14A3}D:\demonstrační hra\build\game.exe] => (Allow) D:\demonstrační hra\build\game.exe
FirewallRules: [{109647ED-C460-47BE-A544-AE23219BD0DD}] => (Block) D:\demonstrační hra\build\game.exe
FirewallRules: [{0A091EB8-1692-46D8-8F85-8E78EBA5C1E1}] => (Block) D:\demonstrační hra\build\game.exe
FirewallRules: [TCP Query User{F334B254-9015-41B5-831B-6CEDAA4C20F8}E:\bp\demonstrační hra\build\x86\game.exe] => (Allow) E:\bp\demonstrační hra\build\x86\game.exe
FirewallRules: [UDP Query User{A8BAAE6C-5590-41CF-ACD0-A1B5BDCF803A}E:\bp\demonstrační hra\build\x86\game.exe] => (Allow) E:\bp\demonstrační hra\build\x86\game.exe
FirewallRules: [{10E94A18-1D92-4FF3-AFA0-674EA55A76B1}] => (Block) E:\bp\demonstrační hra\build\x86\game.exe
FirewallRules: [{35DF64DF-E3FC-46A5-B077-C4A525536670}] => (Block) E:\bp\demonstrační hra\build\x86\game.exe
FirewallRules: [TCP Query User{DCFEF4FC-EB04-45AA-B5FE-EA77E13B13CC}C:\python27\python.exe] => (Allow) C:\python27\python.exe
FirewallRules: [UDP Query User{E51AB367-FF46-41B9-AC52-699C666E782D}C:\python27\python.exe] => (Allow) C:\python27\python.exe
FirewallRules: [{F0152D3E-B131-4A31-835E-1F864F323CF8}] => (Block) C:\python27\python.exe
FirewallRules: [{A6D4A542-B9E1-470A-93F4-CDE3C21D1DF8}] => (Block) C:\python27\python.exe
FirewallRules: [{51775A54-74E0-4B8D-8A1B-C5E66410C9C0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3772998F-4E7D-4FF1-9174-8EACFC4199FF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CA9CB20C-5706-47AD-A271-EB9D16CFD5EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6AD1A012-2AC1-404C-9C03-B980B9CB2B3E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5CD38C58-7FE1-44B5-93BE-DF0E738D9A2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{BCC81747-B2E2-4624-B2E2-5A7CBD91FCC2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C18FC379-24C3-4EA9-86AB-64524AB7616A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{693FBDF6-0781-4CB6-AAC3-A771E37A9DE4}C:\virtualenvs\paseni\scripts\python.exe] => (Allow) C:\virtualenvs\paseni\scripts\python.exe
FirewallRules: [UDP Query User{475B1E2D-AC3A-491C-BE95-84673E7C11F4}C:\virtualenvs\paseni\scripts\python.exe] => (Allow) C:\virtualenvs\paseni\scripts\python.exe
FirewallRules: [{7967677C-D0D8-46DF-B9BC-36EB03549174}] => (Block) C:\virtualenvs\paseni\scripts\python.exe
FirewallRules: [{623FF2F9-9C7F-480C-A36D-ED5CD771904F}] => (Block) C:\virtualenvs\paseni\scripts\python.exe
FirewallRules: [TCP Query User{0325708A-2302-46CE-AAA2-10BF19D1ED71}C:\virtualenvs\flowerchecker\scripts\python.exe] => (Allow) C:\virtualenvs\flowerchecker\scripts\python.exe
FirewallRules: [UDP Query User{D699BFD7-E5F9-4151-A923-B28023169470}C:\virtualenvs\flowerchecker\scripts\python.exe] => (Allow) C:\virtualenvs\flowerchecker\scripts\python.exe
FirewallRules: [{9BF412A7-44C5-46E2-9B87-1B0EA654698A}] => (Block) C:\virtualenvs\flowerchecker\scripts\python.exe
FirewallRules: [{2B1E361F-D550-43EF-A7D8-83EF4CF8862C}] => (Block) C:\virtualenvs\flowerchecker\scripts\python.exe
FirewallRules: [{457CAC73-0697-437A-A1B5-5219FCA48176}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{E0EB51B9-FA9B-4B59-880D-855E081A3DE8}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{4CDAC51B-900D-4DED-8419-DB8B3A21EB12}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{7F0BC6F5-1EBD-4D4A-A150-65C95AF35533}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{FEC85DF3-E00D-4599-97DE-6B2521846AA1}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{6E0D37CA-5964-453F-B013-5B09B18728E6}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{B445DE60-5F7C-4A73-A2CE-DCBDF3038DA3}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{8712F09E-5936-4371-A40F-35F473F6459C}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{40EF5867-55A0-4444-BEAA-4AE24082280F}] => (Allow) G:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{9E835F6E-1E49-41D8-9AFC-3DA07EF6F9E9}] => (Allow) G:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{C2A3B833-91E1-4985-B674-2B42D63CE006}] => (Allow) G:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{9E459401-ABCA-4CDF-8879-564D3A76A2F0}] => (Allow) G:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{0E8ADEAF-52C8-4C5D-857C-8F47CD3E1509}] => (Allow) G:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\FC3BDUpdater.exe
FirewallRules: [{F9A3121A-E5BF-430A-91AD-15813C4CC124}] => (Allow) G:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\FC3BDUpdater.exe
FirewallRules: [{70A93400-B614-4874-8A48-5435E72BF166}] => (Allow) G:\Program Files (x86)\Mr DJ\Dying Light Ultimate Edition\DyingLightGame.exe
FirewallRules: [{0CFC310A-1168-4E68-A6F7-C39354FA8299}] => (Allow) G:\Program Files (x86)\Mr DJ\Dying Light Ultimate Edition\DyingLightGame.exe
FirewallRules: [{4BEEEE15-1D55-4B1C-A261-6C706B369784}] => (Allow) G:\Program Files\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{4B62B234-032B-40AC-BE89-07377874001B}] => (Allow) G:\Program Files\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [TCP Query User{CC4CC4FE-5200-47BA-BF1F-B100B54904A3}G:\program files\unity\editor\unity.exe] => (Allow) G:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{4CB56BCB-849D-455E-BA96-4E7A4297AA3C}G:\program files\unity\editor\unity.exe] => (Allow) G:\program files\unity\editor\unity.exe
FirewallRules: [TCP Query User{97DAF23B-57C4-451D-898A-57009ACE8E88}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{57CAE482-ECE8-4E7E-B5A0-A8DBA1E2FAB1}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{9FAEAF4C-7237-40B0-A85C-045200700543}] => (Allow) C:\Users\jonas\AppData\Roaming\BitTorrent Sync\BTSync.exe
FirewallRules: [{F4A73FA6-A7B5-4236-8ECA-A339851C6EF6}] => (Allow) C:\Users\jonas\AppData\Roaming\BitTorrent Sync\BTSync.exe
FirewallRules: [{EAE0185A-609F-43D0-B289-BB130FA1652C}] => (Allow) G:\Program Files\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{90B23691-D14B-471C-B943-8BB70DA715FA}] => (Allow) G:\Program Files\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{770BB1E1-B2C3-4460-91A8-E906858E62A8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{D0440D52-D569-4EA1-93E3-203A880BD245}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{30F91DEC-6CE0-4F19-9AA6-5D12CC69F22F}G:\program files\call of duty black ops iii\blackops3.exe] => (Allow) G:\program files\call of duty black ops iii\blackops3.exe
FirewallRules: [UDP Query User{3C504FFB-581D-491E-923A-1234456586F5}G:\program files\call of duty black ops iii\blackops3.exe] => (Allow) G:\program files\call of duty black ops iii\blackops3.exe
FirewallRules: [{C5F5B9A7-60D1-4311-A5E4-CED876DBBF82}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
28-01-2016 17:26:15 ComboFix created restore point
29-01-2016 14:17:22 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/28/2016 05:26:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NvStreamUserAgent.exe, verze: 4.1.2032.8372, časové razítko: 0x5693fe3d
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19110, časové razítko: 0x568429e5
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004f6c6
ID chybujícího procesu: 0xfd0
Čas spuštění chybující aplikace: 0xNvStreamUserAgent.exe0
Cesta k chybující aplikaci: NvStreamUserAgent.exe1
Cesta k chybujícímu modulu: NvStreamUserAgent.exe2
ID zprávy: NvStreamUserAgent.exe3
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.
 
Podrobnosti:
Katalog indexu obsahu je poškozený.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.
 
Kontext: aplikace Windows
 
Podrobnosti:
Katalog indexu obsahu je poškozený.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.
 
Kontext: aplikace Windows, katalog SystemIndex
 
Podrobnosti:
Katalog indexu obsahu je poškozený.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.
 
Kontext: aplikace Windows, katalog SystemIndex
 
Podrobnosti:
Prvek nebyl nalezen.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.
 
Kontext: aplikace Windows, katalog SystemIndex
 
Podrobnosti:
Katalog indexu obsahu je poškozený.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.
 
Kontext: aplikace Windows, katalog SystemIndex
 
Podrobnosti:
Databáze indexu obsahu je poškozená.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.
 
Podrobnosti:
Katalog indexu obsahu je poškozený.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4700} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.
 
Podrobnosti:
Katalog indexu obsahu je poškozený.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Služba Windows Search neotevřela úložiště vlastností databázového stroje Jet.
 
Podrobnosti:
0x%08x (0xc0041800 - Databáze indexu obsahu je poškozená.  (HRESULT : 0xc0041800))
 
 
System errors:
=============
Error: (01/30/2016 09:31:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníSpuštění{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)
 
Error: (01/30/2016 09:30:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku následující chyby: 
%%1058
 
Error: (01/30/2016 05:19:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníSpuštění{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)
 
Error: (01/30/2016 05:17:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku následující chyby: 
%%1058
 
Error: (01/30/2016 09:04:26 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníSpuštění{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)
 
Error: (01/30/2016 09:03:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku následující chyby: 
%%1058
 
Error: (01/29/2016 08:52:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníSpuštění{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)
 
Error: (01/29/2016 08:51:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku následující chyby: 
%%1058
 
Error: (01/29/2016 02:14:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníSpuštění{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)
 
Error: (01/29/2016 02:13:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku následující chyby: 
%%1058
 
 
CodeIntegrity:
===================================
  Date: 2016-01-28 17:30:41.485
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-28 17:30:41.469
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-19 09:44:43.906
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-19 09:44:43.881
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-19 09:44:43.796
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-12 10:54:05.794
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-04-07 16:57:14.110
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\jonas\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-07 16:57:14.076
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\jonas\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-07 16:57:14.010
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-07 16:57:13.975
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 24%
Total physical RAM: 24515.34 MB
Available physical RAM: 18486.96 MB
Total Virtual: 49028.89 MB
Available Virtual: 41916.68 MB
 
==================== Drives ================================
 
Drive c: (System) (Fixed) (Total:100.61 GB) (Free:39.9 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive g: (Data) (Fixed) (Total:931.51 GB) (Free:135.51 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 7CC95E30)
Partition 1: (Active) - (Size=100.6 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 71994302)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#5 jojkos

jojkos
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:35 PM

Posted 30 January 2016 - 04:15 PM

http://www.speedtest.net/my-result/5043527709
net speed is OK

 

pc seems to be running a little bit better



#6 RayS

RayS

  • Malware Response Team
  • 2,378 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:35 AM

Posted 31 January 2016 - 06:16 PM

Hi jojkos,

Thank you for the logs.


Cold Reboot

  • Please physically unplug your PC from the electrical outlet in the wall and wait about five minutes.
  • While the power cord is still unplugged, press the power button a few times as if you were trying to start the computer. This will drain residual electrical energy from within your system.
  • Plug the power cord back in and start normally.

 

 

Policy Restrictions
We will repair these restrictions in Fixlist.txt below.


Update And Possibly Weed out Plugins
If you did this step when I sent it in my previous message, please tell me whether you updated and/or deleted any plugins. If you omitted this step, please do it now.

You have 33 plugins added to Chrome. Please check whether your browser plugins are up to date.
For Firefox, use https://www.mozilla.org/en-US/plugincheck/
For other browsers, use https://browsercheck.qualys.com/ (click on Scan without installing plugin and then on Scan now).

  • It may be necessary to click Run or Allow if you have a pop-up blocker running in your browser.
  • Remove checkmarks from any boxes next to offers to change such things as your default browser, search engine, Home page, etc.
  • Click Fix It next to any plugin that is out of date.
  • Restart your browser after all plugins have been updated.
  • Rerun the scan again to confirm all plugins are up to date.
  • Do these steps separately for each browser except Firefox.

As you update each plugin, consider whether you really need it. You may improve loading and execution times and you will definitely save a bit of space if you delete unneeded plugins.


Let's Clean Some Unneeded Entries From Your PC

  • Press the windows key Windows_Logo_key.gif+ R on your keyboard at the same time. This will open the Run dialog box.
  • Type Notepad into the Run box and click OK.
  • Please copy and paste the entire contents of the code box below into a new file.
start

CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
CMD: type C:\Combofix.txt

End
  • Save the file as fixlist.txt into the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the FRST.txt log you have submitted.
  • Run FRST64.exe and click Fix only once and wait until the program completes execution.
  • Restart the computer normally to reset the registry.
  • The tool will create a log (Fixlog.txt). Please post it into your reply.

 

 

Re-scan With AdwCleaner by Xplode Then Use Cleaning Mode
Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on I agree button.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, in the Results section, click each tab (Services, Folders, Files, etc. including Internet Explorer, Firefox, and Chrome) and remove all checkmarks except the one on the Registry tab next to HKCU\Software\Conduit.
  • Examine each tab again and be certain that all other checkmarks have been removed.
  • Click Clean.
  • Copy and paste the contents of the logfile into your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

 

 

Does Synchronizing Degrade Performance?
It's possible that the 34 separate synchronizatoin events for Google Drive, Mail.Ru, and Dropbox are degrading response. Let's boot into Safe Mode without networking. Then open and run a variety of programs like Word, Excel, and Photoshop. Do these load and execute any faster? Now launch Chome and open the usual number of tabs. Although they will be unable to connect, you should be able to tell whether response is faster than in Normal mode. Try running a variety of games. Do they launch (up to the point where they need online access) any faster? Please do this experiment after you perform all the tasks described above.

Here's how to reboot into Safe Mode:

  • Tap the F8 key multiple times as soon as you start your computer.
  • You will be brought to a menu where you can choose to boot into Safe Mode.
  • Make sure you choose the option without networking support.
  • Please see here for additional details.

 

 

Re-scan Using FRST
Launch FRST64.exe again and checkmark all the boxes in the Whitelist section and the Addition.txt box in the Optional Scan section. If you have already deleted the FRST tool, get a fresh copy from Farbar Recovery Scan Tool.


In your next reply...

  • Confirm that you performed the cold reboot.
  • Please copy and paste the entire contents of the FIX.log file into the body of your post.
  • Copy and paste the contents of AdwCleaner[S#].txt into your reply.
  • Tell me whether programs launch and run any faster in Safe Mode.
  • Copy and paste the entire contents of both the FRST.txt file and the Addition.txt file into the body of your reply.

 

 

 

Tell me how your PC is running now when you go back into Normal mode.

Thank you,

RayS


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#7 RayS

RayS

  • Malware Response Team
  • 2,378 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:35 AM

Posted 01 February 2016 - 03:37 PM

Hi jojkos,

 

Please modify my instruction in the previous post to give me English section headings in the FRST logs.

 

Rename FRST64.exe to englishFRST64.exe and scan with the BCD box checkmarked in the Optional Scan section.

 

Thank you,

 

RayS


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#8 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:35 AM

Posted 03 February 2016 - 08:08 AM

Hi jojkos,

 

I am thcbytes and I will be assisting you.  RayS will be away.  Please follow his instructions as noted in the previous post.

 

Thanks


Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#9 jojkos

jojkos
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:35 PM

Posted 05 February 2016 - 02:16 AM

  • i did the cold boot

 

Fix result of Farbar Recovery Scan Tool (x64) Version:25-01-2016
Ran by jonas (2016-01-30 17:24:41) Run:1
Running from G:\Cloud@Mail.Ru\Downloads\cleaning
Loaded Profiles: jonas (Available Profiles: jonas)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
 
Hosts:
AlternateDataStreams: C:\ProgramData\Microsoft:rCwVHW4dMRURjDp5
AlternateDataStreams: C:\ProgramData\Microsoft:WTjMNarzgDsTN77TJs1d6qFq
 
End
*****************
 
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
C:\ProgramData\Microsoft => ":rCwVHW4dMRURjDp5" ADS removed successfully.
C:\ProgramData\Microsoft => ":WTjMNarzgDsTN77TJs1d6qFq" ADS removed successfully.
 
==== End of Fixlog 17:24:41 ====

# AdwCleaner v5.032 - Logfile created 05/02/2016 at 08:09:27
# Updated 31/01/2016 by Xplode
# Database : 2016-02-02.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : jonas - JONAS-PC
# Running from : G:\Cloud@Mail.Ru\Downloads\cleaning\adwcleaner_5.032.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[x] Folder Not Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mail.Ru
[x] Folder Not Deleted : C:\Users\jonas\AppData\Local\Mail.Ru
[x] Folder Not Deleted : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\chklaanhfefbnpoihckbnefhakgolnmc
 
***** [ Files ] *****
 
[x] File Not Deleted : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chklaanhfefbnpoihckbnefhakgolnmc_0.localstorage[x] File Not Deleted : C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chklaanhfefbnpoihckbnefhakgolnmc_0.localstorage-journal
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : HKCU\Software\Conduit
[!] Key Not Deleted : HKU\S-1-5-21-3833239083-678279768-2220751185-1001\Software\Conduit
 
***** [ Web browsers ] *****
 
[x] [C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Not Deleted : chklaanhfefbnpoihckbnefhakgolnmc
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1583 bytes] ##########

  • programs in safe mode seems to be running the same 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-01-2016
Ran by jonas (administrator) on JONAS-PC (05-02-2016 08:12:04)
Running from G:\Cloud@Mail.Ru\Downloads\cleaning
Loaded Profiles: jonas (Available Profiles: jonas)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Flux Software LLC) C:\Users\jonas\AppData\Local\FluxSoftware\Flux\flux.exe
(Dropbox, Inc.) C:\Users\jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Mail.Ru) C:\Users\jonas\AppData\Local\Mail.Ru\Cloud\15050403\Cloud.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Users\jonas\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) G:\Cloud@Mail.Ru\Downloads\cleaning\englishFRST64.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2919168 2011-11-22] (ESET)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Run: [GoogleChromeAutoLaunch_EE92DA24D002778557D1C2B055218649] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748872 2016-02-03] (Google Inc.)
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Run: [Dropbox Update] => C:\Users\jonas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-05-15] (Dropbox, Inc.)
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Run: [f.lux] => C:\Users\jonas\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\GPhotos.scr
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay0] -> {64A9418A-B6B1-4112-B75C-E61633C9A31F} => C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll [2016-02-05] ()
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay1] -> {6A2E142B-EA63-433A-AC05-5223CBD26E65} => C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll [2016-02-05] ()
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay2] -> {6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} => C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll [2016-02-05] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay0] -> {64A9418A-B6B1-4112-B75C-E61633C9A31F} => C:\Users\jonas\AppData\Local\Temp\mcse32_00.dll [2016-02-05] ()
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay1] -> {6A2E142B-EA63-433A-AC05-5223CBD26E65} => C:\Users\jonas\AppData\Local\Temp\mcse32_00.dll [2016-02-05] ()
ShellIconOverlayIdentifiers-x32: [  MailRuCloudIconOverlay2] -> {6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} => C:\Users\jonas\AppData\Local\Temp\mcse32_00.dll [2016-02-05] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2015-12-20]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Cloud Mail.Ru.lnk [2015-01-01]
ShortcutTarget: Cloud Mail.Ru.lnk -> C:\Users\jonas\AppData\Local\Mail.Ru\Cloud\Cloud.exe (Mail.Ru)
Startup: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-05]
ShortcutTarget: Dropbox.lnk -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk [2014-04-03]
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{7879FF6A-146D-4BB4-B9E1-8469CFD3960A}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{C078BF4E-5A08-44B4-9584-23154FB7D172}: [DhcpNameServer] 10.0.0.138
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-29] (Oracle Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-12-20] (LastPass)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-29] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-12-20] (LastPass)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> g:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-12-20] (LastPass)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-12-20] (LastPass)
IE Session Restore: HKU\S-1-5-21-3833239083-678279768-2220751185-1001 -> is enabled.
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-29] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-12-20] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> G:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [No File]
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-12-20] (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> G:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3833239083-678279768-2220751185-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jonas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-04-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - G:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - G:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-05-16] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Disk Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Session Manager) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi [2014-04-03]
CHR Extension: (YouTube) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (JSONView) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\chklaanhfefbnpoihckbnefhakgolnmc [2016-01-28]
CHR Extension: (Vyhledávání Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Kalendář Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-12]
CHR Extension: (Postman - REST Client) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdmmgilgnpjigdojojpjoooidkmcomcm [2015-10-16]
CHR Extension: (Quick Javascript Switcher) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\geddoclleiomckbhadiaipdggiiccfje [2016-01-05]
CHR Extension: (AdBlock) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-04]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-01-30]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-02-02]
CHR Extension: (Google Play Music) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-01-21]
CHR Extension: (Smooth Gestures) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkgmnnajiljnolcgolmmgnecgldgeld [2014-04-03]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-09-18]
CHR Extension: (Vylepšení WISu) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\macimepnbaggfjekcmlcohlffafgamcc [2014-04-03]
CHR Extension: (Hangouts Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-12-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-22]
CHR Extension: (Gmail) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Second facebook message icon) - G:\Dropbox\vecicky\chromeExtension [2015-10-02]
CHR Profile: C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Prezentace Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-13]
CHR Extension: (Dokumenty Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-13]
CHR Extension: (Disk Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-13]
CHR Extension: (YouTube) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-13]
CHR Extension: (Vyhledávání Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-13]
CHR Extension: (Tabulky Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-13]
CHR Extension: (Peněženka Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-13]
CHR Extension: (Gmail) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-13]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3833239083-678279768-2220751185-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-05-29] () [File not signed]
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [42360 2011-11-22] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [814264 2011-11-22] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
S3 Origin Client Service; G:\Program Files\Origin\OriginClientService.exe [1931632 2015-04-16] (Electronic Arts)
S3 PAExec; C:\Windows\PAExec.exe [207872 2015-02-10] (Power Admin LLC) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-07-23] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-07-23] ()
R2 postgresql-x64-9.5; G:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [92160 2015-12-16] (PostgreSQL Global Development Group) [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [805840 2015-09-26] (Tunngle.net GmbH) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-28] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-05] (Disc Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [171152 2011-11-21] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2011-11-21] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [125296 2011-11-21] (ESET)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [84992 2014-11-18] (Intel  Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [194976 2015-11-10] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [116296 2014-09-09] (Oracle Corporation)
S3 vhidmini; C:\Windows\System32\DRIVERS\vjoy.sys [15544 2014-06-23] (Headsoft)
S3 VSPerfDrv100; G:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2011-01-18] (Microsoft Corporation)
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2012-04-15] (Windows ® Win 7 DDK provider)
S3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
S3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-02-05 07:15 - 2016-02-05 07:15 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-03 11:04 - 2016-02-03 11:04 - 00000000 ___SD C:\Users\jonas\Documents\Zdroje dat
2016-01-30 17:24 - 2016-02-05 08:12 - 00000000 ____D C:\FRST
2016-01-28 17:26 - 2016-01-28 17:32 - 00000000 ____D C:\Qoobox
2016-01-28 17:26 - 2016-01-28 17:31 - 00000000 ____D C:\Windows\erdnt
2016-01-28 17:26 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-01-28 17:26 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-01-28 17:26 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-01-28 17:26 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-01-28 17:26 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-01-28 17:26 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-01-28 17:26 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-01-28 17:26 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-01-28 07:48 - 2016-01-28 07:48 - 00002026 _____ C:\Users\jonas\Documents\cc_20160128_074847.reg
2016-01-27 22:44 - 2016-01-23 02:12 - 00110016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-01-27 22:43 - 2016-01-23 04:42 - 31079992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 24911296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 21193544 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 17626352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 16995064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 12379072 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-01-27 22:43 - 2016-01-23 04:42 - 03145272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 02721216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436175.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436175.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00948672 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00880576 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00747064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00689600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00501896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00468960 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00388560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-01-27 22:42 - 2016-01-23 04:42 - 42983992 _____ C:\Windows\system32\nvcompiler.dll
2016-01-27 22:42 - 2016-01-23 04:42 - 37614528 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-01-27 22:42 - 2016-01-23 04:42 - 20733832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-01-27 22:42 - 2016-01-23 04:42 - 17218792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-01-26 08:51 - 2016-01-26 08:51 - 00000000 ____D C:\Program Files\trend micro
2016-01-24 23:44 - 2016-01-24 23:44 - 00107030 _____ C:\Users\jonas\Documents\cc_20160124_234442.reg
2016-01-24 14:14 - 2016-01-24 14:14 - 00003584 _____ C:\Users\jonas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-24 11:52 - 2016-01-24 11:52 - 00000805 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2016-01-24 11:52 - 2016-01-24 11:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2016-01-24 10:23 - 2016-01-31 11:35 - 00000597 _____ C:\Users\Public\Desktop\Call of Duty Black Ops III.lnk
2016-01-24 10:23 - 2016-01-31 11:35 - 00000597 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Black Ops III.lnk
2016-01-21 16:49 - 2015-12-18 07:11 - 00047760 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-01-21 16:49 - 2015-12-18 07:10 - 00099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-01-21 16:49 - 2015-12-18 07:10 - 00090768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-01-16 19:35 - 2016-01-16 19:35 - 00000213 _____ C:\Users\jonas\Desktop\Dota 2.url
2016-01-13 09:08 - 2016-01-13 09:08 - 00000882 _____ C:\Users\jonas\Desktop\BitTorrent Sync.lnk
2016-01-13 09:08 - 2016-01-13 09:08 - 00000862 _____ C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent Sync.lnk
2016-01-13 07:25 - 2015-12-24 00:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-13 07:25 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-13 07:25 - 2015-12-12 19:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-13 07:25 - 2015-12-12 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-13 07:25 - 2015-12-12 19:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-01-13 07:25 - 2015-12-12 19:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-01-13 07:25 - 2015-12-12 19:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-13 07:25 - 2015-12-12 19:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-13 07:25 - 2015-12-12 19:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-13 07:25 - 2015-12-12 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-01-13 07:25 - 2015-12-12 19:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-01-13 07:25 - 2015-12-12 19:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-13 07:25 - 2015-12-12 19:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-13 07:25 - 2015-12-12 19:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-01-13 07:25 - 2015-12-12 19:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-13 07:25 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-13 07:25 - 2015-12-12 19:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-13 07:25 - 2015-12-12 19:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-01-13 07:25 - 2015-12-12 19:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-13 07:25 - 2015-12-12 19:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-01-13 07:25 - 2015-12-12 18:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-13 07:25 - 2015-12-12 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-13 07:25 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-01-13 07:25 - 2015-12-12 18:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-13 07:25 - 2015-12-12 18:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-01-13 07:25 - 2015-12-12 18:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-13 07:25 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-13 07:25 - 2015-12-12 18:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-13 07:25 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-01-13 07:25 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-01-13 07:25 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-01-13 07:25 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-01-13 07:25 - 2015-12-12 18:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-01-13 07:25 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-01-13 07:25 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-01-13 07:25 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-01-13 07:25 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-01-13 07:25 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-13 07:25 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-01-13 07:25 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-01-13 07:25 - 2015-12-12 18:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-13 07:25 - 2015-12-12 18:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-13 07:25 - 2015-12-12 18:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-13 07:25 - 2015-12-12 18:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-01-13 07:25 - 2015-12-12 18:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-13 07:25 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-01-13 07:25 - 2015-12-12 18:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-13 07:25 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-13 07:25 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-01-13 07:25 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-01-13 07:25 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-01-13 07:25 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-13 07:25 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-01-13 07:25 - 2015-12-12 18:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-13 07:25 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-01-13 07:25 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-13 07:25 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-13 07:25 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-01-13 07:25 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-13 07:25 - 2015-12-12 17:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-13 07:25 - 2015-12-12 17:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-13 07:25 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-13 07:25 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-13 07:25 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-13 07:25 - 2015-12-11 19:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-13 07:25 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-01-13 07:25 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-01-13 07:25 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-13 07:25 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-01-13 07:25 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-01-13 07:25 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-01-13 07:25 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-13 07:25 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-13 07:25 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 07:25 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-13 07:25 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-13 07:25 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-13 07:25 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-13 07:25 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-13 07:25 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-13 07:25 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-13 07:25 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-13 07:25 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-13 07:25 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-01-13 07:25 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-01-13 07:25 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-01-13 07:24 - 2015-12-30 20:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-13 07:24 - 2015-12-30 20:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-13 07:24 - 2015-12-30 20:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-13 07:24 - 2015-12-30 20:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-13 07:24 - 2015-12-30 20:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-13 07:24 - 2015-12-30 19:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-13 07:24 - 2015-12-30 19:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-13 07:24 - 2015-12-30 19:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-13 07:24 - 2015-12-30 19:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-13 07:24 - 2015-12-30 19:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-13 07:24 - 2015-12-30 19:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-01-13 07:24 - 2015-12-30 19:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-13 07:24 - 2015-12-30 19:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-01-13 07:24 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-13 07:24 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-13 07:24 - 2015-12-30 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-01-13 07:24 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-01-13 07:24 - 2015-12-30 19:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-01-13 07:24 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-13 07:24 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-01-13 07:24 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-13 07:24 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-13 07:24 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-01-13 07:24 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-01-13 07:24 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-01-13 07:24 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 18:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-13 07:24 - 2015-12-30 18:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-01-13 07:24 - 2015-12-30 18:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-13 07:24 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-01-13 07:24 - 2015-12-30 18:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-13 07:24 - 2015-12-30 18:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-13 07:24 - 2015-12-30 18:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-13 07:24 - 2015-12-30 18:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-13 07:24 - 2015-12-30 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-13 07:24 - 2015-12-30 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-01-13 07:24 - 2015-12-30 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-13 07:24 - 2015-12-30 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-01-13 07:24 - 2015-12-30 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-01-13 07:24 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-01-13 07:24 - 2015-12-30 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 18:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-13 07:24 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-13 07:24 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-13 07:24 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-13 07:24 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 07:24 - 2015-11-17 02:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-13 07:24 - 2015-11-17 02:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-13 07:24 - 2015-11-17 02:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-13 07:24 - 2015-11-17 02:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-13 07:24 - 2015-11-17 02:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-13 07:24 - 2015-11-17 02:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-13 07:24 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-02-05 08:10 - 2015-02-15 12:12 - 00000091 _____ C:\HaxLogs.txt
2016-02-05 08:10 - 2014-04-03 22:09 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Dropbox
2016-02-05 08:10 - 2014-04-03 18:53 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-05 08:10 - 2014-04-03 18:41 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-05 08:10 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-05 08:09 - 2014-04-03 19:20 - 00000000 ____D C:\Users\jonas\AppData\Roaming\uTorrent
2016-02-05 07:53 - 2014-04-03 18:43 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-05 07:53 - 2014-04-03 18:43 - 00002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-05 07:53 - 2014-04-03 18:41 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-05 07:51 - 2014-04-05 18:41 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-05 07:27 - 2015-05-15 17:26 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001UA.job
2016-02-05 07:24 - 2009-07-14 05:45 - 00029936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-05 07:24 - 2009-07-14 05:45 - 00029936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-05 07:22 - 2014-04-03 18:35 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7079FD3F-E4C4-4ADF-BBC5-C4FAD5B8887F}
2016-02-05 07:19 - 2011-04-12 10:17 - 00700148 _____ C:\Windows\system32\perfh005.dat
2016-02-05 07:19 - 2011-04-12 10:17 - 00151468 _____ C:\Windows\system32\perfc005.dat
2016-02-05 07:19 - 2009-07-14 06:13 - 01663906 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-05 07:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-05 07:15 - 2014-04-04 11:52 - 00000600 _____ C:\Users\jonas\AppData\Roaming\winscp.rnd
2016-02-04 23:19 - 2014-04-05 17:18 - 00000600 _____ C:\Users\jonas\AppData\Local\PUTTY.RND
2016-02-04 21:07 - 2015-12-21 20:39 - 00000000 ____D C:\Users\jonas\AppData\Local\CrashDumps
2016-02-04 21:06 - 2014-07-30 23:39 - 00000000 ____D C:\Users\jonas\AppData\Roaming\D2MP
2016-02-04 20:27 - 2015-05-15 17:26 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001Core.job
2016-02-04 19:15 - 2014-04-03 19:27 - 00000000 ____D C:\Users\jonas\AppData\Roaming\vlc
2016-02-03 10:30 - 2014-09-11 15:19 - 00002290 ____H C:\Users\jonas\Documents\Default.rdp
2016-02-03 09:42 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-02-02 16:47 - 2014-04-03 18:41 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 16:47 - 2014-04-03 18:41 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-30 21:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-29 19:47 - 2015-09-17 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-01-29 17:17 - 2014-04-03 18:40 - 00000000 ____D C:\Users\jonas\AppData\Local\Deployment
2016-01-28 17:32 - 2014-04-03 18:40 - 00000000 ____D C:\Users\jonas\AppData\Local\Apps\2.0
2016-01-28 17:30 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-01-28 17:29 - 2015-05-24 12:41 - 00000000 ____D C:\ProgramData\TEMP
2016-01-28 17:26 - 2015-02-10 11:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-01-27 22:44 - 2015-09-02 10:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-01-27 22:44 - 2015-02-10 11:21 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-01-27 09:04 - 2014-04-11 08:51 - 00000000 ____D C:\Users\jonas\.VirtualBox
2016-01-25 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-01-24 23:37 - 2014-04-05 16:14 - 00000000 ____D C:\Users\jonas\AppData\Roaming\DAEMON Tools Lite
2016-01-24 11:52 - 2014-04-03 18:40 - 00000000 ____D C:\Users\jonas\AppData\Local\Google
2016-01-23 04:42 - 2015-02-10 11:22 - 18758400 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-01-23 04:42 - 2015-02-10 11:22 - 16327896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-01-23 04:42 - 2015-02-10 11:22 - 14016576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-01-23 04:42 - 2015-02-10 11:22 - 03683560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-01-23 04:42 - 2015-02-10 11:22 - 03258664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-01-23 04:42 - 2015-02-10 11:22 - 00034905 _____ C:\Windows\system32\nvinfo.pb
2016-01-23 02:04 - 2015-12-22 11:18 - 00532024 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-01-23 02:04 - 2015-12-22 11:18 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-01-23 02:04 - 2015-02-10 11:23 - 06368312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-01-23 02:04 - 2015-02-10 11:23 - 02992064 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-01-23 02:04 - 2015-02-10 11:23 - 02563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-01-23 02:04 - 2015-02-10 11:23 - 01263040 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-01-23 02:04 - 2015-02-10 11:23 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-01-23 02:04 - 2015-02-10 11:23 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-01-22 22:07 - 2015-02-10 11:23 - 06125650 _____ C:\Windows\system32\nvcoproc.bin
2016-01-21 16:50 - 2015-09-02 10:10 - 00001383 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-01-21 16:50 - 2015-09-02 10:10 - 00000000 ____D C:\Users\jonas\AppData\Local\NVIDIA
2016-01-21 12:13 - 2015-10-08 20:11 - 04289729 ____H C:\Users\jonas\AppData\Local\IconCache.db.backup
2016-01-20 15:28 - 2015-04-08 14:06 - 00000000 ____D C:\Users\jonas\.matplotlib
2016-01-20 15:26 - 2014-04-04 06:34 - 00000000 ____D C:\Python27
2016-01-20 12:51 - 2014-04-05 18:41 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-20 12:51 - 2014-04-05 18:41 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-20 12:51 - 2014-04-05 18:41 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-16 19:35 - 2014-04-05 17:15 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-15 08:13 - 2015-12-20 18:32 - 00000000 ____D C:\Users\jonas\Documents\StarCraft II
2016-01-14 13:55 - 2015-11-17 12:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-14 13:55 - 2014-12-24 13:32 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 08:30 - 2015-10-08 20:57 - 05014280 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-14 08:29 - 2014-12-10 13:56 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-14 08:29 - 2014-05-06 17:13 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-13 13:36 - 2014-04-06 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-13 13:36 - 2014-04-06 19:11 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-13 13:36 - 2014-04-06 19:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 13:36 - 2014-04-05 16:19 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-13 13:35 - 2014-04-05 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-01-13 13:35 - 2014-04-03 18:57 - 00000000 ____D C:\Windows\system32\MRT
2016-01-13 13:30 - 2014-04-03 18:57 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-13 13:25 - 2014-09-30 22:18 - 00000000 ____D C:\Users\jonas\AppData\Roaming\BitTorrent Sync
2016-01-12 05:41 - 2015-09-02 10:10 - 01542600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-01-12 05:41 - 2015-09-02 10:10 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-01-12 05:40 - 2015-11-20 13:31 - 00112032 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-01-12 05:40 - 2015-09-02 10:10 - 01860120 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-01-12 05:40 - 2015-09-02 10:10 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-01-09 19:39 - 2015-07-23 15:31 - 00000000 ____D C:\Users\jonas\Documents\The Witcher 3
2016-01-08 21:22 - 2014-12-10 16:33 - 00000000 ____D C:\Users\jonas\Documents\Assassin's Creed Unity
 
==================== Files in the root of some directories =======
 
2015-12-20 15:09 - 2015-12-20 15:09 - 20320792 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-05-10 11:03 - 2014-05-10 11:03 - 0000132 _____ () C:\Users\jonas\AppData\Roaming\Adobe GIF Format CS6 Prefs
2014-04-16 13:38 - 2015-12-21 19:39 - 0000132 _____ () C:\Users\jonas\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-04-05 17:13 - 2014-05-29 14:21 - 0045270 _____ () C:\Users\jonas\AppData\Roaming\room_v3.dat
2014-06-10 17:21 - 2014-06-10 17:21 - 0000044 _____ () C:\Users\jonas\AppData\Roaming\twow_sysprepdt.dat
2014-04-04 11:52 - 2016-02-05 07:15 - 0000600 _____ () C:\Users\jonas\AppData\Roaming\winscp.rnd
2016-01-24 14:14 - 2016-01-24 14:14 - 0003584 _____ () C:\Users\jonas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-16 08:47 - 2015-09-16 08:47 - 0000000 ___SH () C:\Users\jonas\AppData\Local\LumaEmu
2014-04-05 17:18 - 2016-02-04 23:19 - 0000600 _____ () C:\Users\jonas\AppData\Local\PUTTY.RND
2015-07-27 14:25 - 2015-07-27 14:25 - 0001223 _____ () C:\Users\jonas\AppData\Local\recently-used.xbel
2014-11-20 17:31 - 2015-02-09 03:00 - 0007635 _____ () C:\Users\jonas\AppData\Local\resmon.resmoncfg
2014-04-24 17:46 - 2014-04-24 17:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\jonas\AppData\Local\Temp\mcse32_00.dll
C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll
C:\Users\jonas\AppData\Local\Temp\mcse64_01.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-01-29 17:11
 
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-01-2016
Ran by jonas (2016-02-05 08:12:28)
Running from G:\Cloud@Mail.Ru\Downloads\cleaning
Windows 7 Professional Service Pack 1 (X64) (2014-04-03 17:31:28)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3833239083-678279768-2220751185-500 - Administrator - Disabled)
Guest (S-1-5-21-3833239083-678279768-2220751185-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3833239083-678279768-2220751185-1002 - Limited - Enabled)
jonas (S-1-5-21-3833239083-678279768-2220751185-1001 - Administrator - Enabled) => C:\Users\jonas
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Aktualizace NVIDIA 2.9.1.22 (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Alternative Look for Triss (HKLM-x32\...\Alternative Look for Triss_is1) (Version: 1.0.0.0 - GOG.com)
Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Application Verifier (x64) (HKLM\...\{89026002-A893-42D9-9E20-6829B844735E}) (Version: 4.1.1078 - Microsoft Corporation)
Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
BitTorrent Sync (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\BitTorrent Sync) (Version: 2.2.7 - BitTorrent Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Borderlands: The Pre-Sequel v1.0.5 to v1.0.6 Update (HKLM-x32\...\Qm9yZGVybGFuZHNUaGVQcmVTZXF1ZWw=_is1) (Version: 1 - )
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.66.1075 - AB Team, d.o.o.)
Call of Duty: Black Ops III (HKLM\...\Q2FsbG9mRHV0eUJsYWNrT3BzSUlJ_is1) (Version: 1 - )
Cloud Mail.Ru (HKLM-x32\...\{776AF05B-784A-416F-B14C-31A1FBAF8B19}_is1) (Version: 15.04.0015 - Mail.Ru Group)
CMake 3.0.2, a cross-platform, open-source build system (HKLM-x32\...\CMake 3.0.2) (Version: 3.0.2 - Kitware)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dark Souls II Crown of the Ivory King (HKLM-x32\...\Dark Souls II Crown of the Ivory King_is1) (Version:  - )
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
doxygen 1.8.9.1 (HKLM\...\doxygen_is1) (Version: 1.8.9.1 - Dimitri van Heesch)
Dropbox (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Dropbox) (Version: 3.14.4 - Dropbox, Inc.)
Dying Light Ultimate Edition version 1.0.6.1 (HKLM-x32\...\Dying Light Ultimate Edition_is1) (Version: 1.0.6.1 - Mr DJ)
Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com)
ESET NOD32 Antivirus (HKLM\...\{07E7B9EE-1910-49F5-9A1C-7EDB0D6BFE58}) (Version: 4.2.76.1 - ESET, spol. s r.o.)
Eurobattle.net (HKLM-x32\...\Eurobattle.net) (Version:  - Eurobattle.net)
f.lux (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Flux) (Version:  - )
Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.01 - Ubisoft)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation)
Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
GitHub (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\5f7eb300e2ea4ebf) (Version: 2.13.2.4 - GitHub, Inc.)
Google App Engine (HKLM-x32\...\{AE010912-007D-11DD-A3C1-001636EEECBD}) (Version: 1.9.18.0 - Google Inc.)
Google Drive (HKLM-x32\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Heroku Toolbelt 3.42.25 (HKLM-x32\...\Heroku Toolbelt_is1) (Version: 3.42.25 - Heroku, Inc.)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
import.io (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\{95981586-8D7F-49E9-9C7F-3AA704641471}_is1) (Version: 0.1 - import.io)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
JabRef 2.10 (HKLM-x32\...\JabRef 2.10) (Version: 2.10 - JabRef Team)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
JetBrains PyCharm 5.0.2 (HKLM-x32\...\PyCharm 5.0.2) (Version: 143.1184.3 - JetBrains s.r.o.)
KitchenDraw 6.5 (HKLM-x32\...\KitchenDraw_is1) (Version:  - Pragma)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{05855322-BE43-41FE-B583-D3AE0C326D58}) (Version: 4.0.50826.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{BC537AE0-88AF-47ED-B762-33B0D62B5188}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{7A56D81D-6406-40E7-9184-8AC1769C4D69}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{EAEBF166-B06A-4D7F-BAF7-6615303D5C7C}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{09C52940-A4D1-4409-A7CC-1AAE630CF578}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{1E6ED082-E32D-4B2B-8B6A-70B094815135}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ Compiler Package for Python 2.7 (HKLM-x32\...\{692514A8-5484-45FC-B0AE-BE2DF7A75891}) (Version: 9.0.1.30729 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft XNA Game Studio 4.0 (HKLM-x32\...\XNA Game Studio 4.0) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Game Studio Platform Tools (HKLM-x32\...\{0666E46E-A860-4353-BE6D-13AA72FABB57}) (Version: 1.3.0.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version:  - )
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
New Quest - Contract - Skellige's Most Wanted (HKLM-x32\...\New Quest - Contract: Skellige's Most Wanted_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Scavenger Hunt - Wolf School Gear (HKLM-x32\...\New Quest - Scavenger Hunt: Wolf School Gear_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Where the Cat and Wolf Play... (HKLM-x32\...\New Quest - Where the Cat and Wolf Play..._is1) (Version: 1.0.0.0 - GOG.com)
Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Node.js (HKLM\...\{8C7BB038-9DF2-4B43-8BF7-42D95559E459}) (Version: 4.1.1 - Node.js Foundation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 5.0.10 (HKLM\...\{F6E922CF-068D-4AFC-8DBF-4636B84AF0A5}) (Version: 5.0.10 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 361.75 (Version: 361.75 - NVIDIA Corporation) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PostgreSQL 9.5  (HKLM\...\PostgreSQL 9.5) (Version: 9.5 - PostgreSQL Global Development Group)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.5.7.2450 - Jan Fiala)
pyexiv2 0.3.2 for Python 2.7 (64 bits) (HKLM\...\pyexiv2-0.3.2-py27-amd64) (Version: 0.3.2 - )
PyQt GPL v4.11.2 for Python v2.7 (x64) (HKLM\...\PyQt GPL v4.11.2 for Python v2.7 (x64)) (Version: 4.11.2 - )
PyQt GPL v5.3.2 for Python v3.4 (x64) (HKLM\...\PyQt GPL v5.3.2 for Python v3.4 (x64)) (Version: 5.3.2 - )
Python 2.7 matplotlib-1.4.3 (64-bit) (HKLM\...\matplotlib-py2.7) (Version:  - )
Python 2.7 numpy-1.9.0 (64-bit) (HKLM\...\numpy-py2.7) (Version:  - )
Python 2.7 py2exe-0.6.9 (HKLM\...\py2exe-py2.7) (Version:  - )
Python 2.7 pygame-1.9.2a0 (64-bit) (HKLM\...\pygame-py2.7) (Version:  - )
Python 2.7 pywin32-219 (HKLM\...\pywin32-py2.7) (Version:  - )
Python 2.7.6 (64-bit) (HKLM\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E3}) (Version: 2.7.6150 - Python Software Foundation)
Python 3.4 py2exe-0.9.2.0 (HKLM\...\py2exe-py3.4) (Version:  - )
Python 3.4.0 (64-bit) (HKLM\...\{863162a8-ecc2-35ea-bdf7-e09ac456e164}) (Version: 3.4.150 - Python Software Foundation)
Qt (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Qt) (Version: 1.0.1 - Digia Plc)
RAPID Mode (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Ruby 2.1.7-p400 (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\{64763A89-6347-43AF-833F-3840615C62AE}_is1) (Version: 2.1.7-p400 - RubyInstaller Team)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SceneBuilder (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\{com.oracle.javafx.scenebuilder.app}}_is1) (Version: 8.0.0 - Gluon)
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Skellige Armor Set (HKLM-x32\...\Skellige Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.102 - Skype Technologies S.A.)
Slik Subversion 1.8.10 (x64) (HKLM\...\{77E9DE63-9345-4940-A288-0DF70243E2B2}) (Version: 1.8.10017 - SlikSvn & The SharpSvn Project)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Sublime Text Build 3083 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3 - Wild Hunt (HKLM-x32\...\The Witcher 3 - Wild Hunt_is1) (Version:  - )
The Witcher 3: Wild Hunt - Alternative Look for Ciri (HKLM-x32\...\Alternative Look for Ciri_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Finisher Animations (HKLM-x32\...\New Finisher Animations_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - NEW GAME + (HKLM-x32\...\NEW GAME +_is1) (Version: 1.0.0.0 - GOG.com)
Towerfall - Ascension - Dark World (HKLM-x32\...\Towerfall: Ascension - Dark World_is1) (Version: 2.0.0.1 - GOG.com)
Towerfall - Ascension (HKLM-x32\...\1430924174_is1) (Version: 2.0.0.1 - GOG.com)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.6 - Tunngle.net GmbH)
TweakNow DiskAnalyzer (HKLM-x32\...\TweakNow DiskAnalyzer_is1) (Version: 1.3.0 - TweakNow.com)
Unity Web Player (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\UnityWebPlayer) (Version: 5.3.1f1 - Unity Technologies ApS)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUS_{C224EEBF-D40A-4056-9DD3-EE74666F74AB}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114502) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F47687A-78E9-41B1-8587-ED0CC2677A2A}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114502) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F47687A-78E9-41B1-8587-ED0CC2677A2A}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114502) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUS_{6F47687A-78E9-41B1-8587-ED0CC2677A2A}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VPython 6.05 (HKLM\...\VPython for Python 2.7_is1) (Version:  - )
WCF RIA Services V1.0 SP1 (HKLM-x32\...\{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}) (Version: 4.1.60114.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WinEdt 9 (HKLM\...\WinEdt 9) (Version: 9.0 - WinEdt Team)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 5.7.6 (HKLM-x32\...\winscp3_is1) (Version: 5.7.6 - Martin Prikryl)
Wireshark 1.12.8 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.8 - The Wireshark developer community, hxxp://www.wireshark.org)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{581FFA00-FC33-0007-0202-95003A5CDE89}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_A0.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{581FFA01-FC33-0007-0202-95003A5CDE89}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_A0.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{581FFA02-FC33-0007-0202-95003A5CDE89}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_A0.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{581FFA03-FC33-0007-0202-95003A5CDE89}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_A0.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{581FFA04-FC33-0007-0202-95003A5CDE89}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_A0.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{64A9418A-B6B1-4112-B75C-E61633C9A31F}\InprocServer32 -> C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{6775BBF1-8D9D-4D14-A999-4E78DF8DCEC6}\InprocServer32 -> C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{6A2E142B-EA63-433A-AC05-5223CBD26E65}\InprocServer32 -> C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{6AFCC535-2F12-4F50-9F0A-1CF856CFC95D}\InprocServer32 -> C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> G:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {02EA48D1-48A9-496B-AF89-FF140B19CD61} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {26BF622C-C174-448A-9F53-9DC5F4618579} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {30729FBC-48F6-44B7-8A31-AAA49E1BE1B5} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {4C9A9A15-0D39-4E66-AC29-11756D24F3C8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {5498636D-DE74-4B67-B17F-3AA0F9537CE0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001Core => C:\Users\jonas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-05-15] (Dropbox, Inc.)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {63064C3A-F629-434D-BB53-8416560ADD8F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {63459A48-771B-4060-9D5A-AD0E86937E6D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {A733E1CE-3018-400C-A9C6-7E568E499D22} - System32\Tasks\{F3174046-6E23-4FD3-A6C4-3105F1AFED9D} => pcalua.exe -a G:\Cloud@Mail.Ru\Downloads\WDM_R273.exe -d G:\Cloud@Mail.Ru\Downloads
Task: {AF1DE7AD-2AA2-4A3C-9862-964CA40B671F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001UA => C:\Users\jonas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-05-15] (Dropbox, Inc.)
Task: {D0BFDCD1-BCDF-4425-B1AC-F6E5FE894EDC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {E36732E4-5AE7-4D26-A782-38E10F581A80} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F149083D-1F52-49F1-BDD5-96F574231CC9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {FED953BB-0EC2-4ACE-AC0C-170B16BCE21C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001Core.job => C:\Users\jonas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001UA.job => C:\Users\jonas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.1.7-p400\Interactive Ruby.lnk -> G:\Program Files (x86)\Heroku\ruby-2.1.7\bin\irb.bat ()
Shortcut: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\jonas\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()
Shortcut: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Cloud SDK\Google App Engine Launcher.lnk -> G:\Program Files\Google\Cloud SDK\GoogleAppEngineLauncher.bat ()
 
ShortcutWithArgument: C:\Users\jonas\Desktop\Google Cloud SDK Shell.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "SET CLOUDSDK_CONFIG=C:\Users\jonas\AppData\Roaming\gcloud&"G:\Program Files\Google\Cloud SDK\cloud_env.bat""
ShortcutWithArgument: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.1.7-p400\Start Command Prompt with Ruby.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /E:ON /K G:\Program Files (x86)\Heroku\ruby-2.1.7\bin\setrbvars.bat
ShortcutWithArgument: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt\5.3\MSVC 2010 OpenGL (32-bit)\Qt 5.3 32-bit for Desktop (MSVC 2010 OpenGL).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /A /Q /K G:\Qt\5.3\msvc2010_opengl\bin\qtenv2.bat
ShortcutWithArgument: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual C++ Compiler Package for Python 2.7\Visual C++ 2008 32-bit Command Prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k ""C:\Users\jonas\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\vcvarsall.bat" x86"
ShortcutWithArgument: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual C++ Compiler Package for Python 2.7\Visual C++ 2008 64-bit Command Prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k ""C:\Users\jonas\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\vcvarsall.bat" amd64"
ShortcutWithArgument: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual C++ Compiler Package for Python 2.7\Visual C++ 2008 64-bit Cross Tools Command Prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k ""C:\Users\jonas\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\vcvarsall.bat" x86_amd64"
ShortcutWithArgument: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Cloud SDK\Google Cloud SDK Shell.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "SET CLOUDSDK_CONFIG=C:\Users\jonas\AppData\Roaming\gcloud&"G:\Program Files\Google\Cloud SDK\cloud_env.bat""
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-02-10 11:23 - 2016-01-23 02:04 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-24 17:44 - 2013-05-07 08:45 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-12-21 09:07 - 2016-01-12 05:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2014-06-14 19:40 - 2014-07-23 21:47 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-14 19:40 - 2014-07-23 21:47 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-12-22 11:07 - 2015-12-16 07:59 - 00183296 _____ () G:\Program Files\PostgreSQL\9.5\bin\LIBPQ.dll
2015-12-22 11:07 - 2015-08-26 09:40 - 02257408 _____ () G:\Program Files\PostgreSQL\9.5\bin\libxml2.dll
2016-01-29 08:03 - 2016-02-05 08:10 - 00196824 _____ () C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll
2014-04-24 17:44 - 2016-02-05 08:10 - 00027136 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-04-24 17:44 - 2013-05-07 08:45 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-09-02 10:10 - 2016-01-12 05:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-11-20 10:33 - 2016-01-12 19:44 - 00034768 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-02-05 07:15 - 2016-01-12 19:45 - 00019408 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-02-05 07:15 - 2016-01-12 19:44 - 00116688 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-11-20 10:33 - 2016-01-12 19:44 - 00093640 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-11-20 10:33 - 2016-01-12 19:44 - 00018376 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\select.pyd
2015-11-20 10:33 - 2016-02-04 20:41 - 00019760 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-11-20 10:33 - 2016-01-12 19:46 - 00105928 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-02-05 07:15 - 2016-01-12 19:44 - 00392144 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-11-20 10:33 - 2016-02-04 20:41 - 00381752 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-11-20 10:33 - 2016-01-12 19:44 - 00692688 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00020816 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-11-20 10:33 - 2016-01-12 19:45 - 00112592 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 01682760 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00020808 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-11-20 10:33 - 2016-02-04 20:41 - 00020800 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-11-20 10:33 - 2016-02-04 20:41 - 00021840 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00038696 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-02-05 07:15 - 2016-01-12 19:46 - 00020936 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-11-20 10:33 - 2016-01-12 19:46 - 00024528 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00114640 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-11-20 10:33 - 2016-01-12 19:46 - 00124880 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-01-21 20:18 - 2016-02-04 20:41 - 00021832 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-11-20 10:33 - 2016-01-12 19:46 - 00024016 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-11-20 10:33 - 2016-01-12 19:46 - 00175560 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00030160 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00043472 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00028616 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00048592 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00026456 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-11-20 10:33 - 2016-01-12 19:46 - 00057808 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00024016 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00117056 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00024392 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-02-05 07:15 - 2016-01-12 19:47 - 00036296 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\librsync.dll
2015-11-20 10:33 - 2016-02-04 20:41 - 00023376 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-11-20 10:33 - 2016-01-12 19:44 - 00134608 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-02-05 07:15 - 2016-01-12 19:44 - 00134088 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-02-05 07:15 - 2016-01-12 19:45 - 00240584 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00052024 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-01-21 20:18 - 2016-02-04 20:41 - 00020800 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-01-21 20:18 - 2016-02-04 20:41 - 00021824 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-01-21 20:18 - 2016-02-04 20:41 - 00019776 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-01-21 20:18 - 2016-02-04 20:41 - 00020800 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00020280 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00350152 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-01-21 20:18 - 2016-02-04 20:41 - 00022352 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00084792 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-02-05 07:15 - 2016-02-04 20:41 - 01826096 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-11-20 10:33 - 2016-01-12 19:45 - 00083912 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\sip.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 03928880 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 01971504 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00531248 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00132912 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00223544 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00207672 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00158008 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00042808 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-02-05 07:15 - 2016-01-12 19:49 - 00017864 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-02-05 07:15 - 2016-01-12 19:49 - 01631184 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-11-20 10:33 - 2016-02-04 20:41 - 00024904 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2014-04-03 20:14 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung Magician\SAMSUNG_SSD.dll
2016-02-05 07:53 - 2016-02-03 08:27 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libglesv2.dll
2016-02-05 07:53 - 2016-02-03 08:27 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libegl.dll
2014-04-24 17:48 - 2013-09-16 05:19 - 01242584 ____R () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\Users\jonas\Local Settings:TaoZwDtWBw69ijNEkGvRmM
AlternateDataStreams: C:\Users\jonas\AppData\Local:TaoZwDtWBw69ijNEkGvRmM
AlternateDataStreams: C:\Users\jonas\AppData\Local\Data aplikací:TaoZwDtWBw69ijNEkGvRmM
AlternateDataStreams: C:\Users\jonas\AppData\Local\Temp:t4LoDps9uRBcCimDR60z
AlternateDataStreams: C:\Users\jonas\AppData\Local\Temporary Internet Files:Z0uHERu6ep2bcmxcp4avX
AlternateDataStreams: C:\Users\Public\DRM:احتضان
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2016-01-30 17:24 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "G:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "G:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge => 
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: IAAnotif => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\jonas\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{A9761036-2492-4509-9B24-0D7D3222B72A}] => (Allow) C:\Users\jonas\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C1B41E6D-8EC2-4048-AF92-BBFB3E0793D7}] => (Allow) C:\Users\jonas\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F7AB77D0-1FBB-467D-8C70-5774D8EAC59A}] => (Allow) C:\Users\jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C41D80CE-0F17-4ECF-96FD-FB1C4F07D666}] => (Allow) C:\Users\jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CAC326BF-E525-4E3C-A570-6F67CD49CC69}] => (Allow) G:\Program Files\Steam\Steam.exe
FirewallRules: [{328EF74F-2E68-448B-8EBF-ADB1EFE9272D}] => (Allow) G:\Program Files\Steam\Steam.exe
FirewallRules: [{6CAB3EBA-A8A8-4E78-BB4B-653C68BE5891}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{36CE1EA1-A3C0-49D1-B259-6D5C0E5E6485}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{5DED1022-32AC-4A63-8E13-57C5FB3A2C3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5E546E71-29E4-4161-BA10-9F375EFB8D2A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{FC7B9113-3FAD-45CB-8F37-9C4A1A6517BB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{61BCA08F-1361-4D6D-B7E7-BAC8ED062784}G:\cloud@mail.ru\hry\warcraft iii\war3.exe] => (Allow) G:\cloud@mail.ru\hry\warcraft iii\war3.exe
FirewallRules: [UDP Query User{1C9C1031-FE35-41B7-B7E5-EA27196EEF95}G:\cloud@mail.ru\hry\warcraft iii\war3.exe] => (Allow) G:\cloud@mail.ru\hry\warcraft iii\war3.exe
FirewallRules: [{5EF15B9C-4E2D-40EC-8857-222F5E6BC62D}] => (Block) G:\cloud@mail.ru\hry\warcraft iii\war3.exe
FirewallRules: [{9E7E9158-AAE6-4C44-A496-55A70FF43F5D}] => (Block) G:\cloud@mail.ru\hry\warcraft iii\war3.exe
FirewallRules: [{4D98A5BD-C155-4716-BFFB-F9530D8680D9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{C4B0E158-26D6-4557-8945-46A2E2C5AA50}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [TCP Query User{5BA0945F-A8AB-462C-9D45-4F1A8C88BA2D}C:\users\jonas\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\jonas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{F759EA7F-6978-4262-AF3F-834D2C4DD6CB}C:\users\jonas\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\jonas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{CADB71D3-1966-4947-BC7E-8B853FDF2EB1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{7EBA233C-CF7F-4AC8-8539-BB7D9CAB6AB5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{70C11166-7288-4191-8ECA-9134E68C7DC7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{10896008-4E6F-4EB0-AE6C-E257E522BA82}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{E07FEB57-63C3-470F-A2D3-F6BE5E9FB590}] => (Allow) G:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{90E35914-0C7D-4402-AC79-DFF0F6932958}] => (Allow) G:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{9982DF72-015D-483C-9E6E-73D5968D9A9B}] => (Allow) LPort=7935
FirewallRules: [{BCAB1C08-216D-4FA5-B502-A86C927286D3}] => (Allow) G:\Program Files\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{ADBB6653-282A-42C8-AE0A-470721DD271D}] => (Allow) G:\Program Files\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{A80E35EE-DF15-4EED-931B-A1819E21D28F}G:\cloud@mail.ru\hry\warcraft iii\eurobattle.net\gproxy.exe] => (Allow) G:\cloud@mail.ru\hry\warcraft iii\eurobattle.net\gproxy.exe
FirewallRules: [UDP Query User{D93CBF69-4A14-4D21-A3D3-E70C704989C2}G:\cloud@mail.ru\hry\warcraft iii\eurobattle.net\gproxy.exe] => (Allow) G:\cloud@mail.ru\hry\warcraft iii\eurobattle.net\gproxy.exe
FirewallRules: [{E8E8A2D2-728C-4207-BA8E-029D03357E55}] => (Block) G:\cloud@mail.ru\hry\warcraft iii\eurobattle.net\gproxy.exe
FirewallRules: [{5BB28CE9-4FAB-4A1E-A3F6-94C0F8E74707}] => (Block) G:\cloud@mail.ru\hry\warcraft iii\eurobattle.net\gproxy.exe
FirewallRules: [{E43FE05E-0D3C-4DB7-BC0C-572249CD19D1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{39DAF841-FEB1-405A-B7EA-855494AF55E0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{71579848-0124-455D-B0B8-97E92ED14B40}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F57C39C5-6B21-4042-B19A-3FDD28655F99}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4891815C-3522-4499-BD0C-3B2B6CF19391}] => (Allow) G:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{C89E9524-C300-4D9A-BFE8-6BD1C7FDFCCF}] => (Allow) G:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{56A4FB25-66BF-445F-919F-50EB4396928D}] => (Allow) C:\Users\jonas\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{6A714A49-E29E-45FE-ADC9-0010BE7E4A94}] => (Allow) C:\Users\jonas\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [TCP Query User{47D04D33-188C-4173-9288-06657286AE0D}G:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) G:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [UDP Query User{9AE75997-9D88-47F0-BC8E-30E6C921FF94}G:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) G:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [{8F6A759C-A2C9-4035-A466-6CCE9F359661}] => (Block) G:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [{71665B01-F6D0-49BB-A580-03B29434D290}] => (Block) G:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [TCP Query User{F22B5F0D-4C38-49DF-B211-4EE739EC14A7}G:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe] => (Allow) G:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe
FirewallRules: [UDP Query User{56413D5F-E7AA-41E8-BCB0-826620656213}G:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe] => (Allow) G:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe
FirewallRules: [{17666D0B-8244-4C1B-ABA5-69EC42B38511}] => (Block) G:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe
FirewallRules: [{CEB8354E-6ECB-4FAB-8215-BD82A8833A5D}] => (Block) G:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe
FirewallRules: [{5B0443C7-5B2A-4E6F-A852-A59363EE0335}] => (Allow) G:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{2B95183D-2939-456B-8BEB-3EF836744702}] => (Allow) G:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{A3CAABD5-BC92-46E6-994E-FA678010D5F6}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{66F2E2A6-F7EA-4417-A67B-30AAD4B90B47}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{005C4B74-D32F-40D5-B9E9-26DF7F692523}] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{C0B6EFE8-B1A0-4E41-8F4E-90C4F1E30BB7}] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{570DCD3E-4A43-4052-A051-3FD9D40A1A2C}] => (Allow) C:\Program Files (x86)\Common Files\Microsoft Shared\XNA\XnaTrans\v3.0\XnaTransX.exe
FirewallRules: [{EFFC1DD8-F869-40B4-BDF2-D4ABCD366824}] => (Allow) C:\Program Files (x86)\Microsoft XNA\XNA Game Studio\v4.0\Bin\XnaLiveProxy.exe
FirewallRules: [{AB930C93-5902-497D-9821-1ED914D74502}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{96007E15-957A-4E33-B70A-D65AFDE1F505}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{96BF12DF-F946-447F-A392-78C0737A6528}G:\program files\codemasters\operation flashpoint\flashpointresistance.exe] => (Allow) G:\program files\codemasters\operation flashpoint\flashpointresistance.exe
FirewallRules: [UDP Query User{584BB2BC-9D4A-4BAD-9312-D48BD4A38C74}G:\program files\codemasters\operation flashpoint\flashpointresistance.exe] => (Allow) G:\program files\codemasters\operation flashpoint\flashpointresistance.exe
FirewallRules: [{D348FBC1-9522-4C8B-9D2A-DA21E23C6A6C}] => (Block) G:\program files\codemasters\operation flashpoint\flashpointresistance.exe
FirewallRules: [{FA4CB2C6-141D-44A1-B60D-64E87B736BAE}] => (Block) G:\program files\codemasters\operation flashpoint\flashpointresistance.exe
FirewallRules: [TCP Query User{62D2F4C3-282C-4125-BDA2-18F2FE3E6BA0}G:\unity\tutorialspace\builds\hra.exe] => (Allow) G:\unity\tutorialspace\builds\hra.exe
FirewallRules: [UDP Query User{C9BB3218-A8B5-4CEA-81A1-F6E6DE9464DF}G:\unity\tutorialspace\builds\hra.exe] => (Allow) G:\unity\tutorialspace\builds\hra.exe
FirewallRules: [{60BC01D9-4D98-44D9-A5CC-10E6919BE356}] => (Block) G:\unity\tutorialspace\builds\hra.exe
FirewallRules: [{D8738C0A-F69D-45CC-8502-0457A12F3B94}] => (Block) G:\unity\tutorialspace\builds\hra.exe
FirewallRules: [TCP Query User{AA89A5B3-DAAB-4292-B634-52EAD5019516}G:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) G:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{33305600-EBAC-49D7-B81B-2C4B9EE35CF1}G:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) G:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{F53611F2-9673-43D5-9AEA-243C0E146681}] => (Allow) G:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{88075BF3-A8EC-41B2-91F0-F18907925A01}] => (Allow) G:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{DE350AD5-0718-4DD1-9BAC-69747D9D3FFC}] => (Allow) G:\Program Files (x86)\NAMCO BANDAI Games\DarkSouls\DARKSOULS.exe
FirewallRules: [TCP Query User{FD4953EA-303D-42DB-830B-64A504E0B7CE}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{A6AA170F-0788-4514-8A72-E59195174F65}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [{C8F7A7B7-CF57-40FB-AA5A-CCC93566E611}] => (Block) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [{3D34E05B-D6DF-4F96-916E-2271EB44A629}] => (Block) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [{7B1E3C3D-9AA5-4B74-B18C-E1FEC7BDED37}] => (Allow) LPort=25555
FirewallRules: [TCP Query User{D4C67678-F7CB-47BB-B129-B56900FFF326}C:\eclipse-java-php\eclipse.exe] => (Allow) C:\eclipse-java-php\eclipse.exe
FirewallRules: [UDP Query User{C0CEB00C-9A2F-4C73-A581-1DFEBA9ECDCD}C:\eclipse-java-php\eclipse.exe] => (Allow) C:\eclipse-java-php\eclipse.exe
FirewallRules: [{64BEDF24-75C0-483F-8CFD-A2BCC72D9D46}] => (Block) C:\eclipse-java-php\eclipse.exe
FirewallRules: [{851FF17C-060A-462D-A418-A8A3BB2061C3}] => (Block) C:\eclipse-java-php\eclipse.exe
FirewallRules: [TCP Query User{E58A102A-182C-4A1D-BC15-21A1337C8668}E:\bp\game\build\game.exe] => (Allow) E:\bp\game\build\game.exe
FirewallRules: [UDP Query User{33B056DA-8474-41E2-89C6-96F3F454E9A8}E:\bp\game\build\game.exe] => (Allow) E:\bp\game\build\game.exe
FirewallRules: [{F6045E92-CE60-42E9-9782-EAABDB27B7E3}] => (Block) E:\bp\game\build\game.exe
FirewallRules: [{43DDCFA6-4D8B-4CFF-AD98-EC0EE6D37B2D}] => (Block) E:\bp\game\build\game.exe
FirewallRules: [TCP Query User{CFC08413-E58E-4D19-92CB-0516D4C0EEE3}E:\bp\demonstrační hra\build\game.exe] => (Allow) E:\bp\demonstrační hra\build\game.exe
FirewallRules: [UDP Query User{2C1CBE7D-C2C4-49FF-A54D-91B6DD197BF5}E:\bp\demonstrační hra\build\game.exe] => (Allow) E:\bp\demonstrační hra\build\game.exe
FirewallRules: [{D54FE33D-A1DF-4A8B-A1A3-BD8E31EAAC81}] => (Block) E:\bp\demonstrační hra\build\game.exe
FirewallRules: [{E0D7B238-EE15-4105-87AA-7C57EE00C436}] => (Block) E:\bp\demonstrační hra\build\game.exe
FirewallRules: [TCP Query User{57AF70E5-13AE-48CC-B1CC-0A57FE3811C2}D:\demonstrační hra\build\game.exe] => (Allow) D:\demonstrační hra\build\game.exe
FirewallRules: [UDP Query User{E1C5451D-F024-466D-8DC0-4954DCAB14A3}D:\demonstrační hra\build\game.exe] => (Allow) D:\demonstrační hra\build\game.exe
FirewallRules: [{109647ED-C460-47BE-A544-AE23219BD0DD}] => (Block) D:\demonstrační hra\build\game.exe
FirewallRules: [{0A091EB8-1692-46D8-8F85-8E78EBA5C1E1}] => (Block) D:\demonstrační hra\build\game.exe
FirewallRules: [TCP Query User{F334B254-9015-41B5-831B-6CEDAA4C20F8}E:\bp\demonstrační hra\build\x86\game.exe] => (Allow) E:\bp\demonstrační hra\build\x86\game.exe
FirewallRules: [UDP Query User{A8BAAE6C-5590-41CF-ACD0-A1B5BDCF803A}E:\bp\demonstrační hra\build\x86\game.exe] => (Allow) E:\bp\demonstrační hra\build\x86\game.exe
FirewallRules: [{10E94A18-1D92-4FF3-AFA0-674EA55A76B1}] => (Block) E:\bp\demonstrační hra\build\x86\game.exe
FirewallRules: [{35DF64DF-E3FC-46A5-B077-C4A525536670}] => (Block) E:\bp\demonstrační hra\build\x86\game.exe
FirewallRules: [TCP Query User{DCFEF4FC-EB04-45AA-B5FE-EA77E13B13CC}C:\python27\python.exe] => (Allow) C:\python27\python.exe
FirewallRules: [UDP Query User{E51AB367-FF46-41B9-AC52-699C666E782D}C:\python27\python.exe] => (Allow) C:\python27\python.exe
FirewallRules: [{F0152D3E-B131-4A31-835E-1F864F323CF8}] => (Block) C:\python27\python.exe
FirewallRules: [{A6D4A542-B9E1-470A-93F4-CDE3C21D1DF8}] => (Block) C:\python27\python.exe
FirewallRules: [{51775A54-74E0-4B8D-8A1B-C5E66410C9C0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3772998F-4E7D-4FF1-9174-8EACFC4199FF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CA9CB20C-5706-47AD-A271-EB9D16CFD5EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6AD1A012-2AC1-404C-9C03-B980B9CB2B3E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5CD38C58-7FE1-44B5-93BE-DF0E738D9A2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{BCC81747-B2E2-4624-B2E2-5A7CBD91FCC2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C18FC379-24C3-4EA9-86AB-64524AB7616A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{693FBDF6-0781-4CB6-AAC3-A771E37A9DE4}C:\virtualenvs\paseni\scripts\python.exe] => (Allow) C:\virtualenvs\paseni\scripts\python.exe
FirewallRules: [UDP Query User{475B1E2D-AC3A-491C-BE95-84673E7C11F4}C:\virtualenvs\paseni\scripts\python.exe] => (Allow) C:\virtualenvs\paseni\scripts\python.exe
FirewallRules: [{7967677C-D0D8-46DF-B9BC-36EB03549174}] => (Block) C:\virtualenvs\paseni\scripts\python.exe
FirewallRules: [{623FF2F9-9C7F-480C-A36D-ED5CD771904F}] => (Block) C:\virtualenvs\paseni\scripts\python.exe
FirewallRules: [TCP Query User{0325708A-2302-46CE-AAA2-10BF19D1ED71}C:\virtualenvs\flowerchecker\scripts\python.exe] => (Allow) C:\virtualenvs\flowerchecker\scripts\python.exe
FirewallRules: [UDP Query User{D699BFD7-E5F9-4151-A923-B28023169470}C:\virtualenvs\flowerchecker\scripts\python.exe] => (Allow) C:\virtualenvs\flowerchecker\scripts\python.exe
FirewallRules: [{9BF412A7-44C5-46E2-9B87-1B0EA654698A}] => (Block) C:\virtualenvs\flowerchecker\scripts\python.exe
FirewallRules: [{2B1E361F-D550-43EF-A7D8-83EF4CF8862C}] => (Block) C:\virtualenvs\flowerchecker\scripts\python.exe
FirewallRules: [{457CAC73-0697-437A-A1B5-5219FCA48176}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{E0EB51B9-FA9B-4B59-880D-855E081A3DE8}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{4CDAC51B-900D-4DED-8419-DB8B3A21EB12}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{7F0BC6F5-1EBD-4D4A-A150-65C95AF35533}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{FEC85DF3-E00D-4599-97DE-6B2521846AA1}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{6E0D37CA-5964-453F-B013-5B09B18728E6}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{B445DE60-5F7C-4A73-A2CE-DCBDF3038DA3}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{8712F09E-5936-4371-A40F-35F473F6459C}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{40EF5867-55A0-4444-BEAA-4AE24082280F}] => (Allow) G:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{9E835F6E-1E49-41D8-9AFC-3DA07EF6F9E9}] => (Allow) G:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{C2A3B833-91E1-4985-B674-2B42D63CE006}] => (Allow) G:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{9E459401-ABCA-4CDF-8879-564D3A76A2F0}] => (Allow) G:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{0E8ADEAF-52C8-4C5D-857C-8F47CD3E1509}] => (Allow) G:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\FC3BDUpdater.exe
FirewallRules: [{F9A3121A-E5BF-430A-91AD-15813C4CC124}] => (Allow) G:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\FC3BDUpdater.exe
FirewallRules: [{70A93400-B614-4874-8A48-5435E72BF166}] => (Allow) G:\Program Files (x86)\Mr DJ\Dying Light Ultimate Edition\DyingLightGame.exe
FirewallRules: [{0CFC310A-1168-4E68-A6F7-C39354FA8299}] => (Allow) G:\Program Files (x86)\Mr DJ\Dying Light Ultimate Edition\DyingLightGame.exe
FirewallRules: [{4BEEEE15-1D55-4B1C-A261-6C706B369784}] => (Allow) G:\Program Files\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{4B62B234-032B-40AC-BE89-07377874001B}] => (Allow) G:\Program Files\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [TCP Query User{CC4CC4FE-5200-47BA-BF1F-B100B54904A3}G:\program files\unity\editor\unity.exe] => (Allow) G:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{4CB56BCB-849D-455E-BA96-4E7A4297AA3C}G:\program files\unity\editor\unity.exe] => (Allow) G:\program files\unity\editor\unity.exe
FirewallRules: [TCP Query User{97DAF23B-57C4-451D-898A-57009ACE8E88}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{57CAE482-ECE8-4E7E-B5A0-A8DBA1E2FAB1}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{9FAEAF4C-7237-40B0-A85C-045200700543}] => (Allow) C:\Users\jonas\AppData\Roaming\BitTorrent Sync\BTSync.exe
FirewallRules: [{F4A73FA6-A7B5-4236-8ECA-A339851C6EF6}] => (Allow) C:\Users\jonas\AppData\Roaming\BitTorrent Sync\BTSync.exe
FirewallRules: [{EAE0185A-609F-43D0-B289-BB130FA1652C}] => (Allow) G:\Program Files\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{90B23691-D14B-471C-B943-8BB70DA715FA}] => (Allow) G:\Program Files\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{770BB1E1-B2C3-4460-91A8-E906858E62A8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{D0440D52-D569-4EA1-93E3-203A880BD245}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{30F91DEC-6CE0-4F19-9AA6-5D12CC69F22F}G:\program files\call of duty black ops iii\blackops3.exe] => (Allow) G:\program files\call of duty black ops iii\blackops3.exe
FirewallRules: [UDP Query User{3C504FFB-581D-491E-923A-1234456586F5}G:\program files\call of duty black ops iii\blackops3.exe] => (Allow) G:\program files\call of duty black ops iii\blackops3.exe
FirewallRules: [{6D88CB31-F07C-4D38-A7B1-716862EFACF1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
29-01-2016 14:17:22 Windows Update
02-02-2016 11:33:18 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/04/2016 09:06:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: d2mp.exe, verze: 1.0.0.0, časové razítko: 0x53d9610e
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.19110, časové razítko: 0x568429dd
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000000b16d
ID chybujícího procesu: 0xf88
Čas spuštění chybující aplikace: 0xd2mp.exe0
Cesta k chybující aplikaci: d2mp.exe1
Cesta k chybujícímu modulu: d2mp.exe2
ID zprávy: d2mp.exe3
 
Error: (02/04/2016 09:06:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: d2mp.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Configuration.ConfigurationErrorsException
Zásobník:
   na System.Configuration.ConfigurationManager.RefreshSection(System.String)
   na System.Configuration.ClientSettingsStore.ReadSettings(System.String, Boolean)
   na System.Configuration.LocalFileSettingsProvider.GetPropertyValues(System.Configuration.SettingsContext, System.Configuration.SettingsPropertyCollection)
   na System.Configuration.SettingsBase.GetPropertiesFromProvider(System.Configuration.SettingsProvider)
   na System.Configuration.SettingsBase.GetPropertyValueByName(System.String)
   na System.Configuration.SettingsBase.get_Item(System.String)
   na System.Configuration.ApplicationSettingsBase.GetPropertyValue(System.String)
   na System.Configuration.ApplicationSettingsBase.get_Item(System.String)
   na d2mp.Properties.Settings.get_shortcut()
   na d2mp.D2MP.main()
   na d2mp.Program.Main()
 
Error: (01/28/2016 05:26:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NvStreamUserAgent.exe, verze: 4.1.2032.8372, časové razítko: 0x5693fe3d
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19110, časové razítko: 0x568429e5
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004f6c6
ID chybujícího procesu: 0xfd0
Čas spuštění chybující aplikace: 0xNvStreamUserAgent.exe0
Cesta k chybující aplikaci: NvStreamUserAgent.exe1
Cesta k chybujícímu modulu: NvStreamUserAgent.exe2
ID zprávy: NvStreamUserAgent.exe3
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.
 
Podrobnosti:
Katalog indexu obsahu je poškozený.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.
 
Kontext: aplikace Windows
 
Podrobnosti:
Katalog indexu obsahu je poškozený.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.
 
Kontext: aplikace Windows, katalog SystemIndex
 
Podrobnosti:
Katalog indexu obsahu je poškozený.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.
 
Kontext: aplikace Windows, katalog SystemIndex
 
Podrobnosti:
Prvek nebyl nalezen.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.
 
Kontext: aplikace Windows, katalog SystemIndex
 
Podrobnosti:
Katalog indexu obsahu je poškozený.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.
 
Kontext: aplikace Windows, katalog SystemIndex
 
Podrobnosti:
Databáze indexu obsahu je poškozená.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.
 
Podrobnosti:
Katalog indexu obsahu je poškozený.  (HRESULT : 0xc0041801) (0xc0041801)
 
 
System errors:
=============
Error: (02/05/2016 08:11:04 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníSpuštění{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)
 
Error: (02/05/2016 08:10:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku následující chyby: 
%%1058
 
Error: (02/05/2016 08:09:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
 
Error: (02/05/2016 08:09:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
 
Error: (02/05/2016 08:09:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
 
Error: (02/05/2016 08:09:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Streamer Network Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
 
Error: (02/05/2016 08:09:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel® Matrix Storage Event Monitor byla neočekávaně ukončena. Tento stav nastal již 1krát.
 
Error: (02/05/2016 08:09:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Samsung RAPID Mode Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
 
Error: (02/05/2016 08:09:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba postgresql-x64-9.5 - PostgreSQL Server 9.5 byla neočekávaně ukončena. Tento stav nastal již 1krát.
 
Error: (02/05/2016 08:09:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PnkBstrB byla neočekávaně ukončena. Tento stav nastal již 1krát.
 
 
CodeIntegrity:
===================================
  Date: 2016-01-28 17:30:41.485
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-28 17:30:41.469
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-19 09:44:43.906
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-19 09:44:43.881
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-19 09:44:43.796
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-12 10:54:05.794
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-04-07 16:57:14.110
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\jonas\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-07 16:57:14.076
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Users\jonas\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-07 16:57:14.010
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-07 16:57:13.975
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 21%
Total physical RAM: 24515.34 MB
Available physical RAM: 19301.89 MB
Total Virtual: 49028.89 MB
Available Virtual: 43023.2 MB
 
==================== Drives ================================
 
Drive c: (System) (Fixed) (Total:100.61 GB) (Free:37.97 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive g: (Data) (Fixed) (Total:931.51 GB) (Free:126.37 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 7CC95E30)
Partition 1: (Active) - (Size=100.6 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 71994302)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

everything seems to be running quite ok now :)



#10 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:35 AM

Posted 05 February 2016 - 05:48 PM

Hello again,
 

everything seems to be running quite ok now :)

I am pleased to hear that.
 
Please download Malwarebytes Anti-Malware photo.jpg?sz=48 and save it to your desktop.
  • Double-click on the setup file (mbam-setup.exe), then click on Run to install.
  • Malwarebytes will automatically open to its Dashboard. If you have never run this version, you should see a red note at the top indicating "A scan has never been run on your system"

    malwarebytes-anti-malware-fix-now.jpg
    .
  • Click on Update Now to download the current database definitions, then click the Scan Now >> button.
    .
  • If you have run this version before, you should see a green note at the top indicating "Your system is fully protected".
  • You will be prompted to update Malwarebytes...click on the Update Now button.

    malwarebytes-anti-malware-2-0-update-now
    .
  • The THREAT SCAN will automatically begin.

    malwarebytes-anti-malware-scan.jpg
    .
  • When the scan has completed, the results will be displayed. Click on Quarantine All, then click on Apply Actions.

    malwarebytes-anti-malware-potential-thre
    .
  • To complete any actions taken you will be prompted to restart your computer...click on Yes. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

    mbam4_zps490948cc.png
    .
  • After rebooting the computer, copy and paste the mbam.log in your next reply.
.
To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 1)
  • Open Malwarebytes Anti-Malware.
  • Click the History Tab at the top and select Application Logs.
  • Select (check) the box next to Scan Log. Choose the most current scan.
  • Click the View button.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)
  • Open Malwarebytes Anti-Malware.
  • Click the Scan Tab at the top.
  • Click the View detailed log link on the right.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
Logs are named by the date of scan in the following format: mbam-log-yyyy-mm-dd and automatically saved to the following locations:
-- Windows 7: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd


How is your computer running now? Any further troubles?

Thanks,
thcbytes
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#11 jojkos

jojkos
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:35 PM

Posted 07 February 2016 - 04:26 AM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 7.2.2016
Scan Time: 10:17
Logfile: 
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2016.02.07.01
Rootkit Database: v2016.01.20.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: jojkos
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 388245
Time Elapsed: 4 min, 30 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 2
PUP.Optional.Komodia.WnskRST, C:\Windows\SysWOW64\zlvlgaoro.dat, Quarantined, [1cc13a230b8e8caad8bf6b7ef60c2dd3], 
PUP.Optional.Komodia.WnskRST, C:\Windows\SysWOW64\zyadeizbstq.ini, Quarantined, [18c5a3ba653451e5fc9c05e4e0228e72], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
everything seems to be OK, thanks a lot


#12 RayS

RayS

  • Malware Response Team
  • 2,378 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:35 AM

Posted 07 February 2016 - 04:16 PM


Hi jojkos,

Please perform the following in the sequence as given.


Empty Malwarebytes (MBAM) Quarantine

Thank you for the MBAM log. Please launch MBAM again, and click the History tab. Checkmark the box in the top line of the table of detected threats. Click Delete. This will remove all detected threats from your PC.
 

 

Let's do an online antivirus scan using Bitdefender

 

  • Close all other programs except your browser, and don't launch any programs while the scan is running.
  • Please visit http://www.bitdefender.com/scanner/online/free.html
  • Click the Start Scanner button.
  • On the next window that opens, click Scan now.
  • You may need to click Allow if your browser has protection against outside executables.
  • Allow Bitdefender to install a temporary add-on.
  • Allow your browser to restart.
  • Agree to the End User Software License Agreement.
  • In about 60 seconds, you will see either a "You're good to go! No active viruses found." message or a list of threats. Please tell me verbatim what message you see. This same screen may include free or discounted offers of Bitdefender services which you can optionally accept or refuse.
  • Check the extensions and the plugins in your browser and remove or disable the Bitdefender entries.
  • Restart your browser.


Run the provided Fixlist script

Your Post #9 shows that you ran the Fixlist script that I supplied in my Post #3 instead of the second one which I provided in my Post #6. Here's the second script again:

  • Press the windows key Windows_Logo_key.gif+ R on your keyboard at the same time. This will open the Run dialog box.
  • Type Notepad into the Run box and click OK.
  • Please copy and paste the entire contents of the code box below into a new file.

Code:
start

CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
CMD: type C:\Combofix.txt

End
  • Save the file as fixlist.txt into the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the FRST.txt log you have submitted.
  • Run FRST64.exe and click Fix only once and wait until the program completes execution.
  • Restart the computer normally to reset the registry.
  • The tool will create a log (Fixlog.txt). Please post it into your reply.

 

 

Update plugins and weed out unneeded ones
It is entirely up to you as to whether you will update your plugins and delete the unneeded ones (if any). Please let me know your decision. Refer to my Post #6 for instructions if you want to accomplish this task.
 

 

Re-scan Using FRST
Rename FRST64.exe to englishFRST64.exe and scan with the BCD box and the Addition.txt box checkmarked in the Optional Scan section. If you have already deleted the FRST tool, get a fresh copy from Farbar Recovery Scan Tool.


In your next reply...

  • Confirm that you have emptied the MBAM quarantine.
  • Type into the body of your post a verbatim copy of the message you received from the Bitdefender scan.
  • Please copy and paste the entire contents of the FIX.log file into the body of your post.
  • Tell me whether you updated the plugins in your browsers. Tell me which plugins (if any) you want to delete.
  • Copy and paste the entire contents of both the FRST.txt file and the Addition.txt file into the body of your post.

Does your PC continue to run well?

Note: I sent a "thank you" note in a private message to thcbytes for filling in for me while I was away.

Regards,

RayS


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.


#13 jojkos

jojkos
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:35 PM

Posted 08 February 2016 - 03:33 AM

  • i did empty quarantine
  • You're good to go! No active viruses found.

 

Fix result of Farbar Recovery Scan Tool (x64) Version:07-02-2016

Ran by jonas (2016-02-08 09:09:33) Run:1
Running from G:\Cloud@Mail.Ru\Downloads\cleaning
Loaded Profiles: jonas &  (Available Profiles: jonas)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
 
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
CMD: type C:\Combofix.txt
 
End
*****************
 
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-3833239083-678279768-2220751185-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
 
=========  type C:\Combofix.txt =========
 
ComboFix 16-02-05.01 - jonas 01.02.2016   9:14.2.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1250.420.1029.18.24515.19937 [GMT 1:00]
Spuštěný z: g:\cloud@mail.ru\Downloads\cleaning\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Vytvořen nový Bod Obnovení
.
.
(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\jonas\AppData\Local\Temp\mcse32_00.dll
c:\users\jonas\AppData\Local\Temp\mcse64_00.dll
c:\users\jonas\AppData\Local\Temp\mcse64_01.dll
.
.
(((((((((((((((((((((((((   Soubory vytvořené od 2016-01-01 do 2016-02-01  )))))))))))))))))))))))))))))))
.
.
2016-02-01 08:18 . 2016-02-08 08:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-02-01 08:09 . 2016-02-08 08:09 -------- d-----w- C:\FRST
2016-02-07 09:16 . 2016-02-07 09:16 -------- d-----w- c:\programdata\Malwarebytes
2016-02-05 06:16 . 2015-11-25 11:02 11154520 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F4DD19A3-AC37-4FB5-9272-F3B2EF6E919F}\mpengine.dll
2016-01-27 21:44 . 2016-01-23 01:12 110016 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2016-01-27 21:42 . 2016-01-23 03:42 42983992 ----a-w- c:\windows\system32\nvcompiler.dll
2016-01-27 21:42 . 2016-01-23 03:42 37614528 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2016-01-27 21:42 . 2016-01-23 03:42 20733832 ----a-w- c:\windows\system32\nvcuda.dll
2016-01-27 21:42 . 2016-01-23 03:42 17218792 ----a-w- c:\windows\SysWow64\nvcuda.dll
2016-01-26 07:51 . 2016-01-26 07:51 -------- d-----w- c:\program files\trend micro
2016-01-21 15:49 . 2015-12-18 06:11 47760 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2016-01-21 15:49 . 2015-12-18 06:10 99472 ----a-w- c:\windows\system32\nvaudcap64v.dll
2016-01-21 15:49 . 2015-12-18 06:10 90768 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2016-01-13 06:24 . 2015-12-08 21:53 641536 ----a-w- c:\windows\SysWow64\advapi32.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-01-23 03:42 . 2015-02-10 10:22 3683560 ----a-w- c:\windows\system32\nvapi64.dll
2016-01-23 03:42 . 2015-02-10 10:22 3258664 ----a-w- c:\windows\SysWow64\nvapi.dll
2016-01-23 03:42 . 2015-02-10 10:22 18758400 ----a-w- c:\windows\system32\nvwgf2umx.dll
2016-01-23 03:42 . 2015-02-10 10:22 16327896 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2016-01-23 03:42 . 2015-02-10 10:22 14016576 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2016-01-23 01:04 . 2015-02-10 10:23 6368312 ----a-w- c:\windows\system32\nvcpl.dll
2016-01-23 01:04 . 2015-02-10 10:23 2992064 ----a-w- c:\windows\system32\nvsvc64.dll
2016-01-23 01:04 . 2015-02-10 10:23 2563128 ----a-w- c:\windows\system32\nvsvcr.dll
2016-01-23 01:04 . 2015-02-10 10:23 1263040 ----a-w- c:\windows\system32\nvvsvc.exe
2016-01-23 01:04 . 2015-12-22 10:18 83512 ----a-w- c:\windows\system32\nv3dappshextr.dll
2016-01-23 01:04 . 2015-12-22 10:18 532024 ----a-w- c:\windows\system32\nv3dappshext.dll
2016-01-23 01:04 . 2015-02-10 10:23 71224 ----a-w- c:\windows\system32\nvshext.dll
2016-01-23 01:04 . 2015-02-10 10:23 393784 ----a-w- c:\windows\system32\nvmctray.dll
2016-01-22 21:07 . 2015-02-10 10:23 6125650 ----a-w- c:\windows\system32\nvcoproc.bin
2016-01-20 11:51 . 2014-04-05 17:41 796864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-01-20 11:51 . 2014-04-05 17:41 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-01-13 12:30 . 2014-04-03 17:57 143671360 ----a-w- c:\windows\system32\MRT.exe
2016-01-12 04:41 . 2015-09-02 09:10 1542600 ----a-w- c:\windows\SysWow64\nvspcap.dll
2016-01-12 04:41 . 2015-09-02 09:10 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2016-01-12 04:40 . 2015-11-20 12:31 112032 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
2016-01-12 04:40 . 2015-09-02 09:10 1860120 ----a-w- c:\windows\system32\nvspcap64.dll
2016-01-12 04:40 . 2015-09-02 09:10 1756608 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-12-30 19:01 . 2016-01-13 06:24 344064 ----a-w- c:\windows\system32\schannel.dll
2015-12-30 18:40 . 2016-01-13 06:24 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2015-12-30 18:37 . 2016-01-13 06:24 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-12-20 14:09 . 2015-12-20 14:09 20320792 ----a-w- c:\program files (x86)\Common Files\lpuninstall.exe
2015-12-16 17:34 . 2015-12-22 10:16 1915696 ----a-w- c:\windows\system32\nvdispco6436143.dll
2015-12-16 17:34 . 2015-12-22 10:16 1564976 ----a-w- c:\windows\system32\nvdispgenco6436143.dll
2015-12-02 12:18 . 2010-11-21 03:27 301728 ------w- c:\windows\system32\MpSigStub.exe
2015-11-24 23:10 . 2015-12-03 09:40 1905272 ----a-w- c:\windows\system32\nvdispco6435906.dll
2015-11-24 23:10 . 2015-12-03 09:40 1564792 ----a-w- c:\windows\system32\nvdispgenco6435906.dll
2015-11-24 23:10 . 2015-02-10 10:23 112760 ----a-w- c:\windows\system32\OpenCL.dll
2015-11-24 23:10 . 2015-02-10 10:23 105080 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-11-20 18:54 . 2015-12-09 07:08 98816 ----a-w- c:\windows\system32\wudriver.dll
2015-11-20 18:54 . 2015-12-09 07:08 37888 ----a-w- c:\windows\system32\wups2.dll
2015-11-20 18:54 . 2015-12-09 07:08 36864 ----a-w- c:\windows\system32\wups.dll
2015-11-20 18:54 . 2015-12-09 07:08 3170304 ----a-w- c:\windows\system32\wucltux.dll
2015-11-20 18:54 . 2015-12-09 07:08 2609152 ----a-w- c:\windows\system32\wuaueng.dll
2015-11-20 18:54 . 2015-12-09 07:08 192512 ----a-w- c:\windows\system32\wuwebv.dll
2015-11-20 18:54 . 2015-12-09 07:08 709632 ----a-w- c:\windows\system32\wuapi.dll
2015-11-20 18:54 . 2015-12-09 07:08 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-11-20 18:54 . 2015-12-09 07:08 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-11-20 18:54 . 2015-12-09 07:08 37888 ----a-w- c:\windows\system32\wuapp.exe
2015-11-20 18:54 . 2015-12-09 07:08 140288 ----a-w- c:\windows\system32\wuauclt.exe
2015-11-20 18:34 . 2015-12-09 07:08 93696 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-11-20 18:34 . 2015-12-09 07:08 30208 ----a-w- c:\windows\SysWow64\wups.dll
2015-11-20 18:34 . 2015-12-09 07:08 174080 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-11-20 18:34 . 2015-12-09 07:08 573440 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-11-20 18:33 . 2015-12-09 07:08 35328 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-11-16 03:35 . 2015-11-20 12:43 1905272 ----a-w- c:\windows\system32\nvdispco6435900.dll
2015-11-16 03:35 . 2015-11-20 12:43 1564792 ----a-w- c:\windows\system32\nvdispgenco6435900.dll
2015-11-11 18:53 . 2015-12-09 07:08 1735680 ----a-w- c:\windows\system32\comsvcs.dll
2015-11-11 18:53 . 2015-12-09 07:08 525312 ----a-w- c:\windows\system32\catsrvut.dll
2015-11-11 18:39 . 2015-12-09 07:08 1242624 ----a-w- c:\windows\SysWow64\comsvcs.dll
2015-11-11 18:39 . 2015-12-09 07:08 487936 ----a-w- c:\windows\SysWow64\catsrvut.dll
2015-11-10 18:55 . 2015-12-09 07:08 1648128 ----a-w- c:\windows\system32\DWrite.dll
2015-11-10 18:55 . 2015-12-09 07:08 1180160 ----a-w- c:\windows\system32\FntCache.dll
2015-11-10 18:55 . 2015-12-09 07:08 1008640 ----a-w- c:\windows\system32\user32.dll
2015-11-10 18:39 . 2015-12-09 07:08 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-11-10 18:37 . 2015-12-09 07:08 833024 ----a-w- c:\windows\SysWow64\user32.dll
2015-11-10 16:56 . 2015-12-20 15:41 964928 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2015-11-10 16:56 . 2015-11-10 16:56 194976 ----a-w- c:\windows\system32\drivers\VBoxNetLwf.sys
2015-11-10 16:56 . 2015-11-10 16:56 117768 ----a-w- c:\windows\system32\drivers\VBoxNetAdp6.sys
2015-11-10 16:56 . 2015-12-20 15:41 138904 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
.
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 200512 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 200512 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 200512 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 200512 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 200512 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 200512 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 200512 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 200512 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-11-10 14:50 1731800 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-11-10 14:50 1731800 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-11-10 14:50 1731800 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 200512 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 200512 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 200512 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 200512 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 200512 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 200512 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 200512 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 200512 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_EE92DA24D002778557D1C2B055218649"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2016-02-03 748872]
"Dropbox Update"="c:\users\jonas\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-05-15 134512]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"f.lux"="c:\users\jonas\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-23 1017224]
.
c:\users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Cloud Mail.Ru.lnk - c:\users\jonas\AppData\Local\Mail.Ru\Cloud\Cloud.exe -noballoon [2014-4-5 462040]
Dropbox.lnk - c:\users\jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2016-2-5 25122048]
Samsung Magician.lnk - c:\program files (x86)\Samsung Magician\Samsung Magician.exe  /AUTOHIDE [2014-4-3 4838816]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Install LastPass IE RunOnce.lnk - c:\program files (x86)\Common Files\lpuninstall.exe -p -name=LastPass -ffuuid support@lastpass.com [2015-12-20 20320792]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys;c:\windows\SYSNATIVE\DRIVERS\wcmvcam64.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 Origin Client Service;Origin Client Service;g:\program files\Origin\OriginClientService.exe;g:\program files\Origin\OriginClientService.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 PAExec;PAExec;c:\windows\PAExec.exe;c:\windows\PAExec.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
R3 VSPerfDrv100;Performance Tools Driver 10.0;g:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys;g:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys;c:\windows\SYSNATIVE\drivers\XENfiltv.sys [x]
R3 XSplit_Dummy;XSplit  Stream  Audio  Renderer;c:\windows\system32\drivers\xspltspk.sys;c:\windows\SYSNATIVE\drivers\xspltspk.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel® USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 SamsungRapidDiskFltr;SAMSUNG RAPID Mode Disk Filter Driver;c:\windows\system32\DRIVERS\SamsungRapidDiskFltr.sys;c:\windows\SYSNATIVE\DRIVERS\SamsungRapidDiskFltr.sys [x]
S0 SamsungRapidFSFltr;SamsungRapidFSFltr;c:\windows\system32\DRIVERS\SamsungRapidFSFltr.sys;c:\windows\SYSNATIVE\DRIVERS\SamsungRapidFSFltr.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxNetAdp;VirtualBox NDIS 6.0 Miniport Service;c:\windows\system32\DRIVERS\VBoxNetAdp6.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp6.sys [x]
S1 VBoxNetLwf;VirtualBox NDIS6 Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetLwf.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetLwf.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 IntelHaxm;Intel HAXM Service;c:\windows\system32\DRIVERS\IntelHaxm.sys;c:\windows\SYSNATIVE\DRIVERS\IntelHaxm.sys [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 postgresql-x64-9.5;postgresql-x64-9.5 - PostgreSQL Server 9.5;g:\program files\PostgreSQL\9.5\bin\pg_ctl.exe;g:\program files\PostgreSQL\9.5\bin\pg_ctl.exe [x]
S2 SamsungRapidSvc;Samsung RAPID Mode Service;c:\windows\system32\RAPID\SamsungRapidSvc.exe;c:\windows\SYSNATIVE\RAPID\SamsungRapidSvc.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 iusb3hub;Ovladač rozbočovače Intel® USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel® USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-02-05 06:52 1090376 ----a-w- c:\program files (x86)\Google\Chrome\Application\48.0.2564.103\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2015-12-18 15:42 286904 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Obsah adresáře 'Naplánované úlohy'
.
2016-02-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-05 11:51]
.
2016-02-07 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001Core.job
- c:\users\jonas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-05-15 16:26]
.
2016-02-07 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001UA.job
- c:\users\jonas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-05-15 16:26]
.
2016-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-03 13:28]
.
2016-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-03 13:28]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveBlacklisted]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2016-01-15 19:45 775096 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveSynced]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2016-01-15 19:45 775096 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\  GoogleDriveSyncing]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2016-01-15 19:45 775096 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 238400 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 238400 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 238400 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 238400 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 238400 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 238400 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 238400 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2016-02-04 19:39 238400 ----a-w- c:\users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-10-22 7203032]
"SamsungRapidApp"="c:\program files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe" [2014-09-16 281776]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2016-01-12 2787264]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2016-01-12 1860120]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-11-22 2919168]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do Microsoft Excelu - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: LastPass - file://c:\users\jonas\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - file://c:\users\jonas\AppData\LocalLow\LastPass\context.html?cmd=fillforms
TCP: DhcpNameServer = 213.46.172.37 213.46.172.36
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{64A9418A-B6B1-4112-B75C-E61633C9A31F} - c:\users\jonas\AppData\Local\Temp\mcse32_00.dll
ShellIconOverlayIdentifiers-{6A2E142B-EA63-433A-AC05-5223CBD26E65} - c:\users\jonas\AppData\Local\Temp\mcse32_00.dll
ShellIconOverlayIdentifiers-{6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} - c:\users\jonas\AppData\Local\Temp\mcse32_00.dll
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
ShellIconOverlayIdentifiers-{64A9418A-B6B1-4112-B75C-E61633C9A31F} - c:\users\jonas\AppData\Local\Temp\mcse64_00.dll
ShellIconOverlayIdentifiers-{6A2E142B-EA63-433A-AC05-5223CBD26E65} - c:\users\jonas\AppData\Local\Temp\mcse64_00.dll
ShellIconOverlayIdentifiers-{6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} - c:\users\jonas\AppData\Local\Temp\mcse64_00.dll
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_286_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_286_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:42,ef,90,f3,1f,1d,82,5e,82,85,ff,4f,01,d7,ea,88,88,b0,3c,c4,3f,
   0b,65,c4,cf,29,a9,b2,54,c5,29,6f,25,86,19,00,7a,6a,2d,90,08,2e,98,6c,48,7a,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_286_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_286_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.20"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_286.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Environment*]
"v5Setup"="07-YEGB-ZUM7-KK83-N923-26V7-ZCE1CCD"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:42,ef,90,f3,1f,1d,82,5e,82,85,ff,4f,01,d7,ea,88,88,b0,3c,c4,3f,
   0b,65,c4,cf,29,a9,b2,54,c5,29,6f,25,86,19,00,7a,6a,2d,90,08,2e,98,6c,48,7a,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
c:\users\jonas\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
c:\users\jonas\AppData\Local\Mail.Ru\Cloud\15050403\Cloud.exe
c:\users\jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files (x86)\Samsung Magician\Samsung Magician.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2016-02-01  09:21:23 - počítač byl restartován
ComboFix-quarantined-files.txt  2016-02-01 08:21
.
Před spuštěním: Volných bajtů: 42 103 410 688
Po spuštění: Volných bajtů: 41 849 090 048
.
- - End Of File - - B84836B53FCDD44CF8FA90EDF43CAE74
A36C5E4F47E84449FF07ED3517B43A31
 
 
========= End of CMD: =========
 
 
==== End of Fixlog 09:09:33 ====


#14 jojkos

jojkos
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:35 PM

Posted 08 February 2016 - 03:34 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by jonas (administrator) on JONAS-PC (08-02-2016 09:23:39)
Running from G:\Cloud@Mail.Ru\Downloads\cleaning
Loaded Profiles: jonas (Available Profiles: jonas)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(PostgreSQL Global Development Group) G:\Program Files\PostgreSQL\9.5\bin\postgres.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Users\jonas\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Flux Software LLC) C:\Users\jonas\AppData\Local\FluxSoftware\Flux\flux.exe
(Mail.Ru) C:\Users\jonas\AppData\Local\Mail.Ru\Cloud\15050403\Cloud.exe
(Dropbox, Inc.) C:\Users\jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) G:\Cloud@Mail.Ru\Downloads\cleaning\englishFRST64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2919168 2011-11-22] (ESET)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Run: [GoogleChromeAutoLaunch_EE92DA24D002778557D1C2B055218649] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748872 2016-02-03] (Google Inc.)
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Run: [Dropbox Update] => C:\Users\jonas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-05-15] (Dropbox, Inc.)
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Run: [f.lux] => C:\Users\jonas\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\GPhotos.scr
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay0] -> {64A9418A-B6B1-4112-B75C-E61633C9A31F} =>  No File
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay1] -> {6A2E142B-EA63-433A-AC05-5223CBD26E65} =>  No File
ShellIconOverlayIdentifiers: [  MailRuCloudIconOverlay2] -> {6AFCC535-2F12-4F50-9F0A-1CF856CFC95D} =>  No File
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt.31.dll [2016-02-04] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2015-12-20]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Cloud Mail.Ru.lnk [2015-01-01]
ShortcutTarget: Cloud Mail.Ru.lnk -> C:\Users\jonas\AppData\Local\Mail.Ru\Cloud\Cloud.exe (Mail.Ru)
Startup: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-05]
ShortcutTarget: Dropbox.lnk -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk [2014-04-03]
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{7879FF6A-146D-4BB4-B9E1-8469CFD3960A}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{C078BF4E-5A08-44B4-9584-23154FB7D172}: [DhcpNameServer] 10.0.0.138
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-29] (Oracle Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-12-20] (LastPass)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-29] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-12-20] (LastPass)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> g:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-12-20] (LastPass)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-12-20] (LastPass)
IE Session Restore: HKU\S-1-5-21-3833239083-678279768-2220751185-1001 -> is enabled.
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-29] (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-12-20] (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> G:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [No File]
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-12-20] (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> G:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3833239083-678279768-2220751185-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jonas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-04-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - G:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - G:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-05-16] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Disk Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Session Manager) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi [2014-04-03]
CHR Extension: (YouTube) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (JSONView) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\chklaanhfefbnpoihckbnefhakgolnmc [2016-01-28]
CHR Extension: (Vyhledávání Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Kalendář Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-12]
CHR Extension: (Postman - REST Client) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdmmgilgnpjigdojojpjoooidkmcomcm [2015-10-16]
CHR Extension: (Quick Javascript Switcher) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\geddoclleiomckbhadiaipdggiiccfje [2016-01-05]
CHR Extension: (AdBlock) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-04]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-01-30]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-02-02]
CHR Extension: (Google Play Music) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-01-21]
CHR Extension: (Smooth Gestures) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkgmnnajiljnolcgolmmgnecgldgeld [2014-04-03]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-09-18]
CHR Extension: (Vylepšení WISu) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\macimepnbaggfjekcmlcohlffafgamcc [2014-04-03]
CHR Extension: (Hangouts Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-12-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-22]
CHR Extension: (Gmail) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Second facebook message icon) - G:\Dropbox\vecicky\chromeExtension [2015-10-02]
CHR Profile: C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Prezentace Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-13]
CHR Extension: (Dokumenty Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-13]
CHR Extension: (Disk Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-13]
CHR Extension: (YouTube) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-13]
CHR Extension: (Vyhledávání Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-13]
CHR Extension: (Tabulky Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-13]
CHR Extension: (Peněženka Google) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-13]
CHR Extension: (Gmail) - C:\Users\jonas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-13]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3833239083-678279768-2220751185-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-05-29] () [File not signed]
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [42360 2011-11-22] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [814264 2011-11-22] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
S3 Origin Client Service; G:\Program Files\Origin\OriginClientService.exe [1931632 2015-04-16] (Electronic Arts)
S3 PAExec; C:\Windows\PAExec.exe [207872 2015-02-10] (Power Admin LLC) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-07-23] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-07-23] ()
R2 postgresql-x64-9.5; G:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [92160 2015-12-16] (PostgreSQL Global Development Group) [File not signed]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [805840 2015-09-26] (Tunngle.net GmbH) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2014-02-28] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-05] (Disc Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [171152 2011-11-21] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2011-11-21] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [125296 2011-11-21] (ESET)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [84992 2014-11-18] (Intel  Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [194976 2015-11-10] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [116296 2014-09-09] (Oracle Corporation)
S3 vhidmini; C:\Windows\System32\DRIVERS\vjoy.sys [15544 2014-06-23] (Headsoft)
S3 VSPerfDrv100; G:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2011-01-18] (Microsoft Corporation)
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2012-04-15] (Windows ® Win 7 DDK provider)
S3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
S3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-02-08 09:21 - 2016-02-08 09:21 - 00040483 _____ C:\ComboFix.txt
2016-02-08 09:12 - 2016-02-08 09:21 - 00000000 ____D C:\Qoobox
2016-02-08 09:09 - 2016-02-08 09:23 - 00000000 ____D C:\FRST
2016-02-07 10:16 - 2016-02-07 10:16 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-05 07:15 - 2016-02-05 07:15 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-03 11:04 - 2016-02-03 11:04 - 00000000 ___SD C:\Users\jonas\Documents\Zdroje dat
2016-01-28 17:26 - 2016-02-08 09:18 - 00000000 ____D C:\Windows\erdnt
2016-01-28 17:26 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-01-28 17:26 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-01-28 17:26 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-01-28 17:26 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-01-28 17:26 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-01-28 17:26 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-01-28 17:26 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-01-28 17:26 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-01-28 07:48 - 2016-01-28 07:48 - 00002026 _____ C:\Users\jonas\Documents\cc_20160128_074847.reg
2016-01-27 22:44 - 2016-01-23 02:12 - 00110016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-01-27 22:43 - 2016-01-23 04:42 - 31079992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 24911296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 21193544 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 17626352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 16995064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 12379072 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-01-27 22:43 - 2016-01-23 04:42 - 03145272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 02721216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436175.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436175.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00948672 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00880576 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00747064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00689600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00501896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00468960 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00388560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-01-27 22:43 - 2016-01-23 04:42 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-01-27 22:42 - 2016-01-23 04:42 - 42983992 _____ C:\Windows\system32\nvcompiler.dll
2016-01-27 22:42 - 2016-01-23 04:42 - 37614528 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-01-27 22:42 - 2016-01-23 04:42 - 20733832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-01-27 22:42 - 2016-01-23 04:42 - 17218792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-01-26 08:51 - 2016-01-26 08:51 - 00000000 ____D C:\Program Files\trend micro
2016-01-24 23:44 - 2016-01-24 23:44 - 00107030 _____ C:\Users\jonas\Documents\cc_20160124_234442.reg
2016-01-24 14:14 - 2016-01-24 14:14 - 00003584 _____ C:\Users\jonas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-24 11:52 - 2016-01-24 11:52 - 00000805 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2016-01-24 11:52 - 2016-01-24 11:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2016-01-21 16:49 - 2015-12-18 07:11 - 00047760 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-01-21 16:49 - 2015-12-18 07:10 - 00099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-01-21 16:49 - 2015-12-18 07:10 - 00090768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-01-16 19:35 - 2016-01-16 19:35 - 00000213 _____ C:\Users\jonas\Desktop\Dota 2.url
2016-01-13 09:08 - 2016-01-13 09:08 - 00000882 _____ C:\Users\jonas\Desktop\BitTorrent Sync.lnk
2016-01-13 09:08 - 2016-01-13 09:08 - 00000862 _____ C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent Sync.lnk
2016-01-13 07:25 - 2015-12-24 00:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-13 07:25 - 2015-12-23 23:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-13 07:25 - 2015-12-12 19:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-13 07:25 - 2015-12-12 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-13 07:25 - 2015-12-12 19:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-01-13 07:25 - 2015-12-12 19:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-01-13 07:25 - 2015-12-12 19:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-13 07:25 - 2015-12-12 19:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-13 07:25 - 2015-12-12 19:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-13 07:25 - 2015-12-12 19:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-01-13 07:25 - 2015-12-12 19:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-01-13 07:25 - 2015-12-12 19:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-13 07:25 - 2015-12-12 19:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-13 07:25 - 2015-12-12 19:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-01-13 07:25 - 2015-12-12 19:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-13 07:25 - 2015-12-12 19:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-13 07:25 - 2015-12-12 19:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-13 07:25 - 2015-12-12 19:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-01-13 07:25 - 2015-12-12 19:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-13 07:25 - 2015-12-12 19:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-01-13 07:25 - 2015-12-12 18:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-13 07:25 - 2015-12-12 18:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-13 07:25 - 2015-12-12 18:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-01-13 07:25 - 2015-12-12 18:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-13 07:25 - 2015-12-12 18:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-01-13 07:25 - 2015-12-12 18:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-13 07:25 - 2015-12-12 18:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-13 07:25 - 2015-12-12 18:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-13 07:25 - 2015-12-12 18:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-01-13 07:25 - 2015-12-12 18:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-01-13 07:25 - 2015-12-12 18:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-01-13 07:25 - 2015-12-12 18:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-01-13 07:25 - 2015-12-12 18:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-01-13 07:25 - 2015-12-12 18:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-01-13 07:25 - 2015-12-12 18:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-01-13 07:25 - 2015-12-12 18:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-01-13 07:25 - 2015-12-12 18:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-01-13 07:25 - 2015-12-12 18:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-13 07:25 - 2015-12-12 18:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-01-13 07:25 - 2015-12-12 18:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-01-13 07:25 - 2015-12-12 18:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-13 07:25 - 2015-12-12 18:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-13 07:25 - 2015-12-12 18:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-13 07:25 - 2015-12-12 18:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-01-13 07:25 - 2015-12-12 18:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-13 07:25 - 2015-12-12 18:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-01-13 07:25 - 2015-12-12 18:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-13 07:25 - 2015-12-12 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-13 07:25 - 2015-12-12 18:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-01-13 07:25 - 2015-12-12 18:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-01-13 07:25 - 2015-12-12 18:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-01-13 07:25 - 2015-12-12 18:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-13 07:25 - 2015-12-12 18:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-01-13 07:25 - 2015-12-12 18:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-13 07:25 - 2015-12-12 18:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-01-13 07:25 - 2015-12-12 18:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-13 07:25 - 2015-12-12 18:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-13 07:25 - 2015-12-12 18:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-01-13 07:25 - 2015-12-12 18:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-13 07:25 - 2015-12-12 17:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-13 07:25 - 2015-12-12 17:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-13 07:25 - 2015-12-12 17:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-13 07:25 - 2015-12-12 17:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-13 07:25 - 2015-12-12 17:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-13 07:25 - 2015-12-11 19:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-13 07:25 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-01-13 07:25 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-01-13 07:25 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-13 07:25 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-13 07:25 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-13 07:25 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-13 07:25 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-01-13 07:25 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-01-13 07:25 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-01-13 07:25 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 07:25 - 2015-12-08 20:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 07:25 - 2015-12-08 20:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-13 07:25 - 2015-12-08 20:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-13 07:25 - 2015-12-08 20:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 07:25 - 2015-12-08 20:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-13 07:25 - 2015-12-08 20:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-13 07:25 - 2015-12-08 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-13 07:25 - 2015-12-08 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-13 07:25 - 2015-12-08 19:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-13 07:25 - 2015-12-08 18:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-13 07:25 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-13 07:25 - 2015-11-14 00:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-13 07:25 - 2015-11-14 00:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-13 07:25 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-01-13 07:25 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-01-13 07:25 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-01-13 07:24 - 2015-12-30 20:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-13 07:24 - 2015-12-30 20:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-13 07:24 - 2015-12-30 20:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-13 07:24 - 2015-12-30 20:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-13 07:24 - 2015-12-30 20:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-13 07:24 - 2015-12-30 20:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-13 07:24 - 2015-12-30 20:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-13 07:24 - 2015-12-30 19:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-13 07:24 - 2015-12-30 19:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-13 07:24 - 2015-12-30 19:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-13 07:24 - 2015-12-30 19:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-13 07:24 - 2015-12-30 19:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-13 07:24 - 2015-12-30 19:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-01-13 07:24 - 2015-12-30 19:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-13 07:24 - 2015-12-30 19:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-01-13 07:24 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-13 07:24 - 2015-12-30 19:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-13 07:24 - 2015-12-30 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-01-13 07:24 - 2015-12-30 19:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-01-13 07:24 - 2015-12-30 19:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-01-13 07:24 - 2015-12-30 19:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-01-13 07:24 - 2015-12-30 19:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-13 07:24 - 2015-12-30 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-01-13 07:24 - 2015-12-30 19:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-13 07:24 - 2015-12-30 19:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-13 07:24 - 2015-12-30 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-01-13 07:24 - 2015-12-30 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-01-13 07:24 - 2015-12-30 19:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-01-13 07:24 - 2015-12-30 19:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 18:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-13 07:24 - 2015-12-30 18:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-01-13 07:24 - 2015-12-30 18:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-13 07:24 - 2015-12-30 18:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-01-13 07:24 - 2015-12-30 18:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-13 07:24 - 2015-12-30 18:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-13 07:24 - 2015-12-30 18:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-13 07:24 - 2015-12-30 18:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-13 07:24 - 2015-12-30 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-13 07:24 - 2015-12-30 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-01-13 07:24 - 2015-12-30 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-13 07:24 - 2015-12-30 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-01-13 07:24 - 2015-12-30 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-01-13 07:24 - 2015-12-30 18:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-01-13 07:24 - 2015-12-30 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 18:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 07:24 - 2015-12-30 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-13 07:24 - 2015-12-08 22:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-13 07:24 - 2015-12-08 22:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-13 07:24 - 2015-12-08 20:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-13 07:24 - 2015-12-08 20:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 07:24 - 2015-11-17 02:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-13 07:24 - 2015-11-17 02:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-13 07:24 - 2015-11-17 02:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-13 07:24 - 2015-11-17 02:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-13 07:24 - 2015-11-17 02:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-13 07:24 - 2015-11-17 02:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-13 07:24 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-02-08 09:21 - 2014-04-03 18:40 - 00000000 ____D C:\Users\jonas\AppData\Local\Apps\2.0
2016-02-08 09:19 - 2015-02-15 12:12 - 00000091 _____ C:\HaxLogs.txt
2016-02-08 09:19 - 2014-04-03 22:09 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Dropbox
2016-02-08 09:19 - 2014-04-03 18:53 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-08 09:19 - 2014-04-03 18:41 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-08 09:19 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-08 09:19 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-02-08 09:18 - 2009-07-14 05:45 - 00029936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-08 09:18 - 2009-07-14 05:45 - 00029936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-08 09:16 - 2011-04-12 10:17 - 00700148 _____ C:\Windows\system32\perfh005.dat
2016-02-08 09:16 - 2011-04-12 10:17 - 00151468 _____ C:\Windows\system32\perfc005.dat
2016-02-08 09:16 - 2009-07-14 06:13 - 01663906 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-08 09:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-08 09:04 - 2014-04-05 17:18 - 00000600 _____ C:\Users\jonas\AppData\Local\PUTTY.RND
2016-02-08 09:04 - 2014-04-04 11:52 - 00000600 _____ C:\Users\jonas\AppData\Roaming\winscp.rnd
2016-02-08 08:59 - 2014-04-03 18:35 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7079FD3F-E4C4-4ADF-BBC5-C4FAD5B8887F}
2016-02-08 08:52 - 2014-04-03 18:41 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-08 08:51 - 2014-04-05 18:41 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-07 21:27 - 2015-05-15 17:26 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001UA.job
2016-02-07 20:38 - 2015-05-15 17:26 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001Core.job
2016-02-06 18:56 - 2014-04-06 10:15 - 00000000 ____D C:\Users\jonas\Documents\Visual Studio 2010
2016-02-06 18:43 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-02-05 14:10 - 2015-10-08 19:22 - 00001045 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2016-02-05 10:10 - 2014-04-16 13:38 - 00000132 _____ C:\Users\jonas\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-02-05 09:31 - 2014-04-03 19:20 - 00000000 ____D C:\Users\jonas\AppData\Roaming\uTorrent
2016-02-05 09:28 - 2014-04-03 19:27 - 00000000 ____D C:\Users\jonas\AppData\Roaming\vlc
2016-02-05 07:53 - 2014-04-03 18:43 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-05 07:53 - 2014-04-03 18:43 - 00002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-04 21:07 - 2015-12-21 20:39 - 00000000 ____D C:\Users\jonas\AppData\Local\CrashDumps
2016-02-04 21:06 - 2014-07-30 23:39 - 00000000 ____D C:\Users\jonas\AppData\Roaming\D2MP
2016-02-03 10:30 - 2014-09-11 15:19 - 00002290 ____H C:\Users\jonas\Documents\Default.rdp
2016-02-03 09:42 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-02-02 16:47 - 2014-04-03 18:41 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 16:47 - 2014-04-03 18:41 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-29 19:47 - 2015-09-17 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-01-29 17:17 - 2014-04-03 18:40 - 00000000 ____D C:\Users\jonas\AppData\Local\Deployment
2016-01-28 17:29 - 2015-05-24 12:41 - 00000000 ____D C:\ProgramData\TEMP
2016-01-28 17:26 - 2015-02-10 11:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-01-27 22:44 - 2015-09-02 10:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-01-27 22:44 - 2015-02-10 11:21 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-01-27 09:04 - 2014-04-11 08:51 - 00000000 ____D C:\Users\jonas\.VirtualBox
2016-01-25 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-01-24 23:37 - 2014-04-05 16:14 - 00000000 ____D C:\Users\jonas\AppData\Roaming\DAEMON Tools Lite
2016-01-24 11:52 - 2014-04-03 18:40 - 00000000 ____D C:\Users\jonas\AppData\Local\Google
2016-01-23 04:42 - 2015-02-10 11:22 - 18758400 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-01-23 04:42 - 2015-02-10 11:22 - 16327896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-01-23 04:42 - 2015-02-10 11:22 - 14016576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-01-23 04:42 - 2015-02-10 11:22 - 03683560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-01-23 04:42 - 2015-02-10 11:22 - 03258664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-01-23 04:42 - 2015-02-10 11:22 - 00034905 _____ C:\Windows\system32\nvinfo.pb
2016-01-23 02:04 - 2015-12-22 11:18 - 00532024 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-01-23 02:04 - 2015-12-22 11:18 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-01-23 02:04 - 2015-02-10 11:23 - 06368312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-01-23 02:04 - 2015-02-10 11:23 - 02992064 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-01-23 02:04 - 2015-02-10 11:23 - 02563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-01-23 02:04 - 2015-02-10 11:23 - 01263040 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-01-23 02:04 - 2015-02-10 11:23 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-01-23 02:04 - 2015-02-10 11:23 - 00071224 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-01-22 22:07 - 2015-02-10 11:23 - 06125650 _____ C:\Windows\system32\nvcoproc.bin
2016-01-21 16:50 - 2015-09-02 10:10 - 00001383 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-01-21 16:50 - 2015-09-02 10:10 - 00000000 ____D C:\Users\jonas\AppData\Local\NVIDIA
2016-01-21 12:13 - 2015-10-08 20:11 - 04289729 ____H C:\Users\jonas\AppData\Local\IconCache.db.backup
2016-01-20 15:28 - 2015-04-08 14:06 - 00000000 ____D C:\Users\jonas\.matplotlib
2016-01-20 15:26 - 2014-04-04 06:34 - 00000000 ____D C:\Python27
2016-01-20 12:51 - 2014-04-05 18:41 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-20 12:51 - 2014-04-05 18:41 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-20 12:51 - 2014-04-05 18:41 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-16 19:35 - 2014-04-05 17:15 - 00000000 ____D C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-15 08:13 - 2015-12-20 18:32 - 00000000 ____D C:\Users\jonas\Documents\StarCraft II
2016-01-14 13:55 - 2015-11-17 12:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-14 13:55 - 2014-12-24 13:32 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 08:30 - 2015-10-08 20:57 - 05014280 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-14 08:29 - 2014-12-10 13:56 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-14 08:29 - 2014-05-06 17:13 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-13 13:36 - 2014-04-06 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-13 13:36 - 2014-04-06 19:11 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-13 13:36 - 2014-04-06 19:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 13:35 - 2014-04-05 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-01-13 13:35 - 2014-04-03 18:57 - 00000000 ____D C:\Windows\system32\MRT
2016-01-13 13:30 - 2014-04-03 18:57 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-13 13:25 - 2014-09-30 22:18 - 00000000 ____D C:\Users\jonas\AppData\Roaming\BitTorrent Sync
2016-01-12 05:41 - 2015-09-02 10:10 - 01542600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-01-12 05:41 - 2015-09-02 10:10 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-01-12 05:40 - 2015-11-20 13:31 - 00112032 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-01-12 05:40 - 2015-09-02 10:10 - 01860120 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-01-12 05:40 - 2015-09-02 10:10 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-01-09 19:39 - 2015-07-23 15:31 - 00000000 ____D C:\Users\jonas\Documents\The Witcher 3
 
==================== Files in the root of some directories =======
 
2015-12-20 15:09 - 2015-12-20 15:09 - 20320792 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-05-10 11:03 - 2014-05-10 11:03 - 0000132 _____ () C:\Users\jonas\AppData\Roaming\Adobe GIF Format CS6 Prefs
2014-04-16 13:38 - 2016-02-05 10:10 - 0000132 _____ () C:\Users\jonas\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-04-05 17:13 - 2014-05-29 14:21 - 0045270 _____ () C:\Users\jonas\AppData\Roaming\room_v3.dat
2014-06-10 17:21 - 2014-06-10 17:21 - 0000044 _____ () C:\Users\jonas\AppData\Roaming\twow_sysprepdt.dat
2014-04-04 11:52 - 2016-02-08 09:04 - 0000600 _____ () C:\Users\jonas\AppData\Roaming\winscp.rnd
2016-01-24 14:14 - 2016-01-24 14:14 - 0003584 _____ () C:\Users\jonas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-16 08:47 - 2015-09-16 08:47 - 0000000 ___SH () C:\Users\jonas\AppData\Local\LumaEmu
2014-04-05 17:18 - 2016-02-08 09:04 - 0000600 _____ () C:\Users\jonas\AppData\Local\PUTTY.RND
2015-07-27 14:25 - 2015-07-27 14:25 - 0001223 _____ () C:\Users\jonas\AppData\Local\recently-used.xbel
2014-11-20 17:31 - 2015-02-09 03:00 - 0007635 _____ () C:\Users\jonas\AppData\Local\resmon.resmoncfg
2014-04-24 17:46 - 2014-04-24 17:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
==================== BCD ================================
 
Spr vce spouçtŘnˇ syst‚mu Windows
--------------------
identifik tor           {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  cs-CZ
inherit                 {globalsettings}
default                 {current}
resumeobject            {7823846d-bb5d-11e3-aff5-cf2949492f4c}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
 
Zav dŘcˇ program pro spouçtŘnˇ syst‚mu Windows
-------------------
identifik tor           {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  cs-CZ
inherit                 {bootloadersettings}
recoverysequence        {7823846f-bb5d-11e3-aff5-cf2949492f4c}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {7823846d-bb5d-11e3-aff5-cf2949492f4c}
nx                      OptIn
vga                     No
 
Zav dŘcˇ program pro spouçtŘnˇ syst‚mu Windows
-------------------
identifik tor           {7823846f-bb5d-11e3-aff5-cf2949492f4c}
device                  ramdisk=[C:]\Recovery\7823846f-bb5d-11e3-aff5-cf2949492f4c\Winre.wim,{78238470-bb5d-11e3-aff5-cf2949492f4c}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\7823846f-bb5d-11e3-aff5-cf2949492f4c\Winre.wim,{78238470-bb5d-11e3-aff5-cf2949492f4c}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Obnovenˇ z hibernace
---------------------
identifik tor           {7823846d-bb5d-11e3-aff5-cf2949492f4c}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  cs-CZ
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Testov nˇ pamŘti syst‚mu Windows
---------------------
identifik tor           {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Diagnostika pamŘti syst‚mu Windows
locale                  cs-CZ
inherit                 {globalsettings}
badmemoryaccess         Yes
 
Nastavenˇ slu§by EMS
------------
identifik tor           {emssettings}
bootems                 Yes
 
Nastavenˇ ladicˇho programu
-----------------
identifik tor           {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
Chyby pamŘti RAM
-----------
identifik tor           {badmemory}
 
Glob lnˇ nastavenˇ
---------------
identifik tor           {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Nastavenˇ spouçtŘcˇho zavadŘźe
--------------------
identifik tor           {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Nastavenˇ hypervisoru
-------------------
identifik tor           {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Nastavenˇ zavadŘźe obnovenˇ
----------------------
identifik tor           {resumeloadersettings}
inherit                 {globalsettings}
 
Parametry zaýˇzenˇ
--------------
identifik tor           {78238470-bb5d-11e3-aff5-cf2949492f4c}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\7823846f-bb5d-11e3-aff5-cf2949492f4c\boot.sdi
 
 
 
LastRegBack: 2016-01-29 17:11
 
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by jonas (2016-02-08 09:23:57)
Running from G:\Cloud@Mail.Ru\Downloads\cleaning
Windows 7 Professional Service Pack 1 (X64) (2014-04-03 17:31:28)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3833239083-678279768-2220751185-500 - Administrator - Disabled)
Guest (S-1-5-21-3833239083-678279768-2220751185-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3833239083-678279768-2220751185-1002 - Limited - Enabled)
jonas (S-1-5-21-3833239083-678279768-2220751185-1001 - Administrator - Enabled) => C:\Users\jonas
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Aktualizace NVIDIA 2.9.1.22 (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Alternative Look for Triss (HKLM-x32\...\Alternative Look for Triss_is1) (Version: 1.0.0.0 - GOG.com)
Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Application Verifier (x64) (HKLM\...\{89026002-A893-42D9-9E20-6829B844735E}) (Version: 4.1.1078 - Microsoft Corporation)
Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
BitTorrent Sync (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\BitTorrent Sync) (Version: 2.2.7 - BitTorrent Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Borderlands: The Pre-Sequel v1.0.5 to v1.0.6 Update (HKLM-x32\...\Qm9yZGVybGFuZHNUaGVQcmVTZXF1ZWw=_is1) (Version: 1 - )
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.66.1075 - AB Team, d.o.o.)
Cloud Mail.Ru (HKLM-x32\...\{776AF05B-784A-416F-B14C-31A1FBAF8B19}_is1) (Version: 15.04.0015 - Mail.Ru Group)
CMake 3.0.2, a cross-platform, open-source build system (HKLM-x32\...\CMake 3.0.2) (Version: 3.0.2 - Kitware)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dark Souls II Crown of the Ivory King (HKLM-x32\...\Dark Souls II Crown of the Ivory King_is1) (Version:  - )
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
doxygen 1.8.9.1 (HKLM\...\doxygen_is1) (Version: 1.8.9.1 - Dimitri van Heesch)
Dropbox (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Dropbox) (Version: 3.14.4 - Dropbox, Inc.)
Dying Light Ultimate Edition version 1.0.6.1 (HKLM-x32\...\Dying Light Ultimate Edition_is1) (Version: 1.0.6.1 - Mr DJ)
Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com)
ESET NOD32 Antivirus (HKLM\...\{07E7B9EE-1910-49F5-9A1C-7EDB0D6BFE58}) (Version: 4.2.76.1 - ESET, spol. s r.o.)
Eurobattle.net (HKLM-x32\...\Eurobattle.net) (Version:  - Eurobattle.net)
f.lux (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Flux) (Version:  - )
Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.01 - Ubisoft)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation)
Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
GitHub (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\5f7eb300e2ea4ebf) (Version: 2.13.2.4 - GitHub, Inc.)
Google App Engine (HKLM-x32\...\{AE010912-007D-11DD-A3C1-001636EEECBD}) (Version: 1.9.18.0 - Google Inc.)
Google Drive (HKLM-x32\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Heroku Toolbelt 3.42.25 (HKLM-x32\...\Heroku Toolbelt_is1) (Version: 3.42.25 - Heroku, Inc.)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
import.io (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\{95981586-8D7F-49E9-9C7F-3AA704641471}_is1) (Version: 0.1 - import.io)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
JabRef 2.10 (HKLM-x32\...\JabRef 2.10) (Version: 2.10 - JabRef Team)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
JetBrains PyCharm 5.0.2 (HKLM-x32\...\PyCharm 5.0.2) (Version: 143.1184.3 - JetBrains s.r.o.)
KitchenDraw 6.5 (HKLM-x32\...\KitchenDraw_is1) (Version:  - Pragma)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{05855322-BE43-41FE-B583-D3AE0C326D58}) (Version: 4.0.50826.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{BC537AE0-88AF-47ED-B762-33B0D62B5188}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{7A56D81D-6406-40E7-9184-8AC1769C4D69}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{EAEBF166-B06A-4D7F-BAF7-6615303D5C7C}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{09C52940-A4D1-4409-A7CC-1AAE630CF578}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{1E6ED082-E32D-4B2B-8B6A-70B094815135}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ Compiler Package for Python 2.7 (HKLM-x32\...\{692514A8-5484-45FC-B0AE-BE2DF7A75891}) (Version: 9.0.1.30729 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft XNA Game Studio 4.0 (HKLM-x32\...\XNA Game Studio 4.0) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Game Studio Platform Tools (HKLM-x32\...\{0666E46E-A860-4353-BE6D-13AA72FABB57}) (Version: 1.3.0.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version:  - )
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
New Quest - Contract - Skellige's Most Wanted (HKLM-x32\...\New Quest - Contract: Skellige's Most Wanted_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Scavenger Hunt - Wolf School Gear (HKLM-x32\...\New Quest - Scavenger Hunt: Wolf School Gear_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Where the Cat and Wolf Play... (HKLM-x32\...\New Quest - Where the Cat and Wolf Play..._is1) (Version: 1.0.0.0 - GOG.com)
Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Node.js (HKLM\...\{8C7BB038-9DF2-4B43-8BF7-42D95559E459}) (Version: 4.1.1 - Node.js Foundation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 5.0.10 (HKLM\...\{F6E922CF-068D-4AFC-8DBF-4636B84AF0A5}) (Version: 5.0.10 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 361.75 (Version: 361.75 - NVIDIA Corporation) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PostgreSQL 9.5  (HKLM\...\PostgreSQL 9.5) (Version: 9.5 - PostgreSQL Global Development Group)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.5.7.2450 - Jan Fiala)
pyexiv2 0.3.2 for Python 2.7 (64 bits) (HKLM\...\pyexiv2-0.3.2-py27-amd64) (Version: 0.3.2 - )
PyQt GPL v4.11.2 for Python v2.7 (x64) (HKLM\...\PyQt GPL v4.11.2 for Python v2.7 (x64)) (Version: 4.11.2 - )
PyQt GPL v5.3.2 for Python v3.4 (x64) (HKLM\...\PyQt GPL v5.3.2 for Python v3.4 (x64)) (Version: 5.3.2 - )
Python 2.7 matplotlib-1.4.3 (64-bit) (HKLM\...\matplotlib-py2.7) (Version:  - )
Python 2.7 numpy-1.9.0 (64-bit) (HKLM\...\numpy-py2.7) (Version:  - )
Python 2.7 py2exe-0.6.9 (HKLM\...\py2exe-py2.7) (Version:  - )
Python 2.7 pygame-1.9.2a0 (64-bit) (HKLM\...\pygame-py2.7) (Version:  - )
Python 2.7 pywin32-219 (HKLM\...\pywin32-py2.7) (Version:  - )
Python 2.7.6 (64-bit) (HKLM\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E3}) (Version: 2.7.6150 - Python Software Foundation)
Python 3.4 py2exe-0.9.2.0 (HKLM\...\py2exe-py3.4) (Version:  - )
Python 3.4.0 (64-bit) (HKLM\...\{863162a8-ecc2-35ea-bdf7-e09ac456e164}) (Version: 3.4.150 - Python Software Foundation)
Qt (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\Qt) (Version: 1.0.1 - Digia Plc)
RAPID Mode (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Ruby 2.1.7-p400 (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\{64763A89-6347-43AF-833F-3840615C62AE}_is1) (Version: 2.1.7-p400 - RubyInstaller Team)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SceneBuilder (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\{com.oracle.javafx.scenebuilder.app}}_is1) (Version: 8.0.0 - Gluon)
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Skellige Armor Set (HKLM-x32\...\Skellige Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.102 - Skype Technologies S.A.)
Slik Subversion 1.8.10 (x64) (HKLM\...\{77E9DE63-9345-4940-A288-0DF70243E2B2}) (Version: 1.8.10017 - SlikSvn & The SharpSvn Project)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Sublime Text Build 3083 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3 - Wild Hunt (HKLM-x32\...\The Witcher 3 - Wild Hunt_is1) (Version:  - )
The Witcher 3: Wild Hunt - Alternative Look for Ciri (HKLM-x32\...\Alternative Look for Ciri_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - New Finisher Animations (HKLM-x32\...\New Finisher Animations_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3: Wild Hunt - NEW GAME + (HKLM-x32\...\NEW GAME +_is1) (Version: 1.0.0.0 - GOG.com)
Towerfall - Ascension - Dark World (HKLM-x32\...\Towerfall: Ascension - Dark World_is1) (Version: 2.0.0.1 - GOG.com)
Towerfall - Ascension (HKLM-x32\...\1430924174_is1) (Version: 2.0.0.1 - GOG.com)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.6 - Tunngle.net GmbH)
TweakNow DiskAnalyzer (HKLM-x32\...\TweakNow DiskAnalyzer_is1) (Version: 1.3.0 - TweakNow.com)
Unity Web Player (HKU\S-1-5-21-3833239083-678279768-2220751185-1001\...\UnityWebPlayer) (Version: 5.3.1f1 - Unity Technologies ApS)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUS_{C224EEBF-D40A-4056-9DD3-EE74666F74AB}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114502) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F47687A-78E9-41B1-8587-ED0CC2677A2A}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114502) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6F47687A-78E9-41B1-8587-ED0CC2677A2A}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3114502) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUS_{6F47687A-78E9-41B1-8587-ED0CC2677A2A}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VPython 6.05 (HKLM\...\VPython for Python 2.7_is1) (Version:  - )
WCF RIA Services V1.0 SP1 (HKLM-x32\...\{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}) (Version: 4.1.60114.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WinEdt 9 (HKLM\...\WinEdt 9) (Version: 9.0 - WinEdt Team)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 5.7.6 (HKLM-x32\...\winscp3_is1) (Version: 5.7.6 - Martin Prikryl)
Wireshark 1.12.8 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.8 - The Wireshark developer community, hxxp://www.wireshark.org)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{581FFA00-FC33-0007-0202-95003A5CDE89}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_A0.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{581FFA01-FC33-0007-0202-95003A5CDE89}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_A0.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{581FFA02-FC33-0007-0202-95003A5CDE89}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_A0.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{581FFA03-FC33-0007-0202-95003A5CDE89}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_A0.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{581FFA04-FC33-0007-0202-95003A5CDE89}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\BitTorrent Sync\SyncShellExtension64_A0.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{6775BBF1-8D9D-4D14-A999-4E78DF8DCEC6}\InprocServer32 -> C:\Users\jonas\AppData\Local\Temp\mcse64_00.dll => No File
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> G:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3833239083-678279768-2220751185-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.31.dll (Dropbox, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {26BF622C-C174-448A-9F53-9DC5F4618579} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {30729FBC-48F6-44B7-8A31-AAA49E1BE1B5} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {4C9A9A15-0D39-4E66-AC29-11756D24F3C8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {5498636D-DE74-4B67-B17F-3AA0F9537CE0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001Core => C:\Users\jonas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-05-15] (Dropbox, Inc.)
Task: {63064C3A-F629-434D-BB53-8416560ADD8F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {63459A48-771B-4060-9D5A-AD0E86937E6D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {70B5E652-216D-4682-9F2B-FA000AC16B9D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {A733E1CE-3018-400C-A9C6-7E568E499D22} - System32\Tasks\{F3174046-6E23-4FD3-A6C4-3105F1AFED9D} => pcalua.exe -a G:\Cloud@Mail.Ru\Downloads\WDM_R273.exe -d G:\Cloud@Mail.Ru\Downloads
Task: {AF1DE7AD-2AA2-4A3C-9862-964CA40B671F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001UA => C:\Users\jonas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-05-15] (Dropbox, Inc.)
Task: {D0BFDCD1-BCDF-4425-B1AC-F6E5FE894EDC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E36732E4-5AE7-4D26-A782-38E10F581A80} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F149083D-1F52-49F1-BDD5-96F574231CC9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {F946A854-374D-4608-8907-44535FE77678} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001Core.job => C:\Users\jonas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3833239083-678279768-2220751185-1001UA.job => C:\Users\jonas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.1.7-p400\Interactive Ruby.lnk -> G:\Program Files (x86)\Heroku\ruby-2.1.7\bin\irb.bat ()
Shortcut: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\jonas\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()
Shortcut: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Cloud SDK\Google App Engine Launcher.lnk -> G:\Program Files\Google\Cloud SDK\GoogleAppEngineLauncher.bat ()
 
ShortcutWithArgument: C:\Users\jonas\Desktop\Google Cloud SDK Shell.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "SET CLOUDSDK_CONFIG=C:\Users\jonas\AppData\Roaming\gcloud&"G:\Program Files\Google\Cloud SDK\cloud_env.bat""
ShortcutWithArgument: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.1.7-p400\Start Command Prompt with Ruby.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /E:ON /K G:\Program Files (x86)\Heroku\ruby-2.1.7\bin\setrbvars.bat
ShortcutWithArgument: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qt\5.3\MSVC 2010 OpenGL (32-bit)\Qt 5.3 32-bit for Desktop (MSVC 2010 OpenGL).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /A /Q /K G:\Qt\5.3\msvc2010_opengl\bin\qtenv2.bat
ShortcutWithArgument: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual C++ Compiler Package for Python 2.7\Visual C++ 2008 32-bit Command Prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k ""C:\Users\jonas\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\vcvarsall.bat" x86"
ShortcutWithArgument: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual C++ Compiler Package for Python 2.7\Visual C++ 2008 64-bit Command Prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k ""C:\Users\jonas\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\vcvarsall.bat" amd64"
ShortcutWithArgument: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual C++ Compiler Package for Python 2.7\Visual C++ 2008 64-bit Cross Tools Command Prompt.lnk -> C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) -> /k ""C:\Users\jonas\AppData\Local\Programs\Common\Microsoft\Visual C++ for Python\9.0\vcvarsall.bat" x86_amd64"
ShortcutWithArgument: C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Cloud SDK\Google Cloud SDK Shell.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "SET CLOUDSDK_CONFIG=C:\Users\jonas\AppData\Roaming\gcloud&"G:\Program Files\Google\Cloud SDK\cloud_env.bat""
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-02-10 11:23 - 2016-01-23 02:04 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-24 17:44 - 2013-05-07 08:45 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-12-21 09:07 - 2016-01-12 05:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2014-06-14 19:40 - 2014-07-23 21:47 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-14 19:40 - 2014-07-23 21:47 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-12-22 11:07 - 2015-12-16 07:59 - 00183296 _____ () G:\Program Files\PostgreSQL\9.5\bin\LIBPQ.dll
2015-12-22 11:07 - 2015-08-26 09:40 - 02257408 _____ () G:\Program Files\PostgreSQL\9.5\bin\libxml2.dll
2014-04-24 17:44 - 2016-02-08 09:19 - 00027136 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-04-24 17:44 - 2013-05-07 08:45 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-09-02 10:10 - 2016-01-12 05:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-11-20 10:33 - 2016-01-12 19:44 - 00034768 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-02-05 07:15 - 2016-01-12 19:45 - 00019408 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-02-05 07:15 - 2016-01-12 19:44 - 00116688 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-11-20 10:33 - 2016-01-12 19:44 - 00093640 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-11-20 10:33 - 2016-01-12 19:44 - 00018376 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\select.pyd
2015-11-20 10:33 - 2016-02-04 20:41 - 00019760 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-11-20 10:33 - 2016-01-12 19:46 - 00105928 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-02-05 07:15 - 2016-01-12 19:44 - 00392144 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-11-20 10:33 - 2016-02-04 20:41 - 00381752 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-11-20 10:33 - 2016-01-12 19:44 - 00692688 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00020816 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-11-20 10:33 - 2016-01-12 19:45 - 00112592 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 01682760 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00020808 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-11-20 10:33 - 2016-02-04 20:41 - 00020800 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-11-20 10:33 - 2016-02-04 20:41 - 00021840 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00038696 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-02-05 07:15 - 2016-01-12 19:46 - 00020936 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-11-20 10:33 - 2016-01-12 19:46 - 00024528 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00114640 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-11-20 10:33 - 2016-01-12 19:46 - 00124880 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-01-21 20:18 - 2016-02-04 20:41 - 00021832 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-11-20 10:33 - 2016-01-12 19:46 - 00024016 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-11-20 10:33 - 2016-01-12 19:46 - 00175560 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00030160 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00043472 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00028616 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00048592 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00026456 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-11-20 10:33 - 2016-01-12 19:46 - 00057808 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00024016 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00117056 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00024392 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-02-05 07:15 - 2016-01-12 19:47 - 00036296 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\librsync.dll
2015-11-20 10:33 - 2016-02-04 20:41 - 00023376 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-11-20 10:33 - 2016-01-12 19:44 - 00134608 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-02-05 07:15 - 2016-01-12 19:44 - 00134088 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-02-05 07:15 - 2016-01-12 19:45 - 00240584 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00052024 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-01-21 20:18 - 2016-02-04 20:41 - 00020800 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-01-21 20:18 - 2016-02-04 20:41 - 00021824 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-01-21 20:18 - 2016-02-04 20:41 - 00019776 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-01-21 20:18 - 2016-02-04 20:41 - 00020800 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00020280 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-11-20 10:33 - 2016-01-12 19:47 - 00350152 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-01-21 20:18 - 2016-02-04 20:41 - 00022352 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00084792 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-02-05 07:15 - 2016-02-04 20:41 - 01826096 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-11-20 10:33 - 2016-01-12 19:45 - 00083912 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\sip.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 03928880 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 01971504 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00531248 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00132912 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00223544 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00207672 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00158008 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00042808 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-02-05 07:15 - 2016-01-12 19:49 - 00017864 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-02-05 07:15 - 2016-01-12 19:49 - 01631184 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-11-20 10:33 - 2016-02-04 20:41 - 00024904 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00546096 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-02-05 07:15 - 2016-02-04 20:41 - 00357680 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 22:45 - 2016-01-12 19:52 - 00697304 _____ () C:\Users\jonas\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2014-04-03 20:14 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung Magician\SAMSUNG_SSD.dll
2016-02-05 07:53 - 2016-02-03 08:27 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libglesv2.dll
2016-02-05 07:53 - 2016-02-03 08:27 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libegl.dll
2014-04-24 17:48 - 2013-09-16 05:19 - 01242584 ____R () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\Users\jonas\Local Settings:TaoZwDtWBw69ijNEkGvRmM
AlternateDataStreams: C:\Users\jonas\AppData\Local:TaoZwDtWBw69ijNEkGvRmM
AlternateDataStreams: C:\Users\jonas\AppData\Local\Data aplikací:TaoZwDtWBw69ijNEkGvRmM
AlternateDataStreams: C:\Users\jonas\AppData\Local\Temp:t4LoDps9uRBcCimDR60z
AlternateDataStreams: C:\Users\jonas\AppData\Local\Temporary Internet Files:Z0uHERu6ep2bcmxcp4avX
AlternateDataStreams: C:\Users\Public\DRM:احتضان
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2016-02-08 09:19 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3833239083-678279768-2220751185-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jonas\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "G:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "G:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge => 
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: IAAnotif => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\jonas\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{A9761036-2492-4509-9B24-0D7D3222B72A}] => (Allow) C:\Users\jonas\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C1B41E6D-8EC2-4048-AF92-BBFB3E0793D7}] => (Allow) C:\Users\jonas\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F7AB77D0-1FBB-467D-8C70-5774D8EAC59A}] => (Allow) C:\Users\jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C41D80CE-0F17-4ECF-96FD-FB1C4F07D666}] => (Allow) C:\Users\jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CAC326BF-E525-4E3C-A570-6F67CD49CC69}] => (Allow) G:\Program Files\Steam\Steam.exe
FirewallRules: [{328EF74F-2E68-448B-8EBF-ADB1EFE9272D}] => (Allow) G:\Program Files\Steam\Steam.exe
FirewallRules: [{6CAB3EBA-A8A8-4E78-BB4B-653C68BE5891}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{36CE1EA1-A3C0-49D1-B259-6D5C0E5E6485}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{5DED1022-32AC-4A63-8E13-57C5FB3A2C3D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{5E546E71-29E4-4161-BA10-9F375EFB8D2A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{FC7B9113-3FAD-45CB-8F37-9C4A1A6517BB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{61BCA08F-1361-4D6D-B7E7-BAC8ED062784}G:\cloud@mail.ru\hry\warcraft iii\war3.exe] => (Allow) G:\cloud@mail.ru\hry\warcraft iii\war3.exe
FirewallRules: [UDP Query User{1C9C1031-FE35-41B7-B7E5-EA27196EEF95}G:\cloud@mail.ru\hry\warcraft iii\war3.exe] => (Allow) G:\cloud@mail.ru\hry\warcraft iii\war3.exe
FirewallRules: [{5EF15B9C-4E2D-40EC-8857-222F5E6BC62D}] => (Block) G:\cloud@mail.ru\hry\warcraft iii\war3.exe
FirewallRules: [{9E7E9158-AAE6-4C44-A496-55A70FF43F5D}] => (Block) G:\cloud@mail.ru\hry\warcraft iii\war3.exe
FirewallRules: [{4D98A5BD-C155-4716-BFFB-F9530D8680D9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{C4B0E158-26D6-4557-8945-46A2E2C5AA50}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [TCP Query User{5BA0945F-A8AB-462C-9D45-4F1A8C88BA2D}C:\users\jonas\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\jonas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{F759EA7F-6978-4262-AF3F-834D2C4DD6CB}C:\users\jonas\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\jonas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{CADB71D3-1966-4947-BC7E-8B853FDF2EB1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{7EBA233C-CF7F-4AC8-8539-BB7D9CAB6AB5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{70C11166-7288-4191-8ECA-9134E68C7DC7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{10896008-4E6F-4EB0-AE6C-E257E522BA82}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{E07FEB57-63C3-470F-A2D3-F6BE5E9FB590}] => (Allow) G:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{90E35914-0C7D-4402-AC79-DFF0F6932958}] => (Allow) G:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{9982DF72-015D-483C-9E6E-73D5968D9A9B}] => (Allow) LPort=7935
FirewallRules: [{BCAB1C08-216D-4FA5-B502-A86C927286D3}] => (Allow) G:\Program Files\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{ADBB6653-282A-42C8-AE0A-470721DD271D}] => (Allow) G:\Program Files\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{A80E35EE-DF15-4EED-931B-A1819E21D28F}G:\cloud@mail.ru\hry\warcraft iii\eurobattle.net\gproxy.exe] => (Allow) G:\cloud@mail.ru\hry\warcraft iii\eurobattle.net\gproxy.exe
FirewallRules: [UDP Query User{D93CBF69-4A14-4D21-A3D3-E70C704989C2}G:\cloud@mail.ru\hry\warcraft iii\eurobattle.net\gproxy.exe] => (Allow) G:\cloud@mail.ru\hry\warcraft iii\eurobattle.net\gproxy.exe
FirewallRules: [{E8E8A2D2-728C-4207-BA8E-029D03357E55}] => (Block) G:\cloud@mail.ru\hry\warcraft iii\eurobattle.net\gproxy.exe
FirewallRules: [{5BB28CE9-4FAB-4A1E-A3F6-94C0F8E74707}] => (Block) G:\cloud@mail.ru\hry\warcraft iii\eurobattle.net\gproxy.exe
FirewallRules: [{E43FE05E-0D3C-4DB7-BC0C-572249CD19D1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{39DAF841-FEB1-405A-B7EA-855494AF55E0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{71579848-0124-455D-B0B8-97E92ED14B40}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F57C39C5-6B21-4042-B19A-3FDD28655F99}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4891815C-3522-4499-BD0C-3B2B6CF19391}] => (Allow) G:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{C89E9524-C300-4D9A-BFE8-6BD1C7FDFCCF}] => (Allow) G:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{56A4FB25-66BF-445F-919F-50EB4396928D}] => (Allow) C:\Users\jonas\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{6A714A49-E29E-45FE-ADC9-0010BE7E4A94}] => (Allow) C:\Users\jonas\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [TCP Query User{47D04D33-188C-4173-9288-06657286AE0D}G:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) G:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [UDP Query User{9AE75997-9D88-47F0-BC8E-30E6C921FF94}G:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) G:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [{8F6A759C-A2C9-4035-A466-6CCE9F359661}] => (Block) G:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [{71665B01-F6D0-49BB-A580-03B29434D290}] => (Block) G:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [TCP Query User{F22B5F0D-4C38-49DF-B211-4EE739EC14A7}G:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe] => (Allow) G:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe
FirewallRules: [UDP Query User{56413D5F-E7AA-41E8-BCB0-826620656213}G:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe] => (Allow) G:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe
FirewallRules: [{17666D0B-8244-4C1B-ABA5-69EC42B38511}] => (Block) G:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe
FirewallRules: [{CEB8354E-6ECB-4FAB-8215-BD82A8833A5D}] => (Block) G:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe
FirewallRules: [{5B0443C7-5B2A-4E6F-A852-A59363EE0335}] => (Allow) G:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{2B95183D-2939-456B-8BEB-3EF836744702}] => (Allow) G:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{A3CAABD5-BC92-46E6-994E-FA678010D5F6}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{66F2E2A6-F7EA-4417-A67B-30AAD4B90B47}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{005C4B74-D32F-40D5-B9E9-26DF7F692523}] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{C0B6EFE8-B1A0-4E41-8F4E-90C4F1E30BB7}] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{570DCD3E-4A43-4052-A051-3FD9D40A1A2C}] => (Allow) C:\Program Files (x86)\Common Files\Microsoft Shared\XNA\XnaTrans\v3.0\XnaTransX.exe
FirewallRules: [{EFFC1DD8-F869-40B4-BDF2-D4ABCD366824}] => (Allow) C:\Program Files (x86)\Microsoft XNA\XNA Game Studio\v4.0\Bin\XnaLiveProxy.exe
FirewallRules: [{AB930C93-5902-497D-9821-1ED914D74502}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{96007E15-957A-4E33-B70A-D65AFDE1F505}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{96BF12DF-F946-447F-A392-78C0737A6528}G:\program files\codemasters\operation flashpoint\flashpointresistance.exe] => (Allow) G:\program files\codemasters\operation flashpoint\flashpointresistance.exe
FirewallRules: [UDP Query User{584BB2BC-9D4A-4BAD-9312-D48BD4A38C74}G:\program files\codemasters\operation flashpoint\flashpointresistance.exe] => (Allow) G:\program files\codemasters\operation flashpoint\flashpointresistance.exe
FirewallRules: [{D348FBC1-9522-4C8B-9D2A-DA21E23C6A6C}] => (Block) G:\program files\codemasters\operation flashpoint\flashpointresistance.exe
FirewallRules: [{FA4CB2C6-141D-44A1-B60D-64E87B736BAE}] => (Block) G:\program files\codemasters\operation flashpoint\flashpointresistance.exe
FirewallRules: [TCP Query User{62D2F4C3-282C-4125-BDA2-18F2FE3E6BA0}G:\unity\tutorialspace\builds\hra.exe] => (Allow) G:\unity\tutorialspace\builds\hra.exe
FirewallRules: [UDP Query User{C9BB3218-A8B5-4CEA-81A1-F6E6DE9464DF}G:\unity\tutorialspace\builds\hra.exe] => (Allow) G:\unity\tutorialspace\builds\hra.exe
FirewallRules: [{60BC01D9-4D98-44D9-A5CC-10E6919BE356}] => (Block) G:\unity\tutorialspace\builds\hra.exe
FirewallRules: [{D8738C0A-F69D-45CC-8502-0457A12F3B94}] => (Block) G:\unity\tutorialspace\builds\hra.exe
FirewallRules: [TCP Query User{AA89A5B3-DAAB-4292-B634-52EAD5019516}G:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) G:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{33305600-EBAC-49D7-B81B-2C4B9EE35CF1}G:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) G:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{F53611F2-9673-43D5-9AEA-243C0E146681}] => (Allow) G:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{88075BF3-A8EC-41B2-91F0-F18907925A01}] => (Allow) G:\program files (x86)\ borderlands the pre-sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{DE350AD5-0718-4DD1-9BAC-69747D9D3FFC}] => (Allow) G:\Program Files (x86)\NAMCO BANDAI Games\DarkSouls\DARKSOULS.exe
FirewallRules: [TCP Query User{FD4953EA-303D-42DB-830B-64A504E0B7CE}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{A6AA170F-0788-4514-8A72-E59195174F65}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [{C8F7A7B7-CF57-40FB-AA5A-CCC93566E611}] => (Block) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [{3D34E05B-D6DF-4F96-916E-2271EB44A629}] => (Block) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [{7B1E3C3D-9AA5-4B74-B18C-E1FEC7BDED37}] => (Allow) LPort=25555
FirewallRules: [TCP Query User{D4C67678-F7CB-47BB-B129-B56900FFF326}C:\eclipse-java-php\eclipse.exe] => (Allow) C:\eclipse-java-php\eclipse.exe
FirewallRules: [UDP Query User{C0CEB00C-9A2F-4C73-A581-1DFEBA9ECDCD}C:\eclipse-java-php\eclipse.exe] => (Allow) C:\eclipse-java-php\eclipse.exe
FirewallRules: [{64BEDF24-75C0-483F-8CFD-A2BCC72D9D46}] => (Block) C:\eclipse-java-php\eclipse.exe
FirewallRules: [{851FF17C-060A-462D-A418-A8A3BB2061C3}] => (Block) C:\eclipse-java-php\eclipse.exe
FirewallRules: [TCP Query User{E58A102A-182C-4A1D-BC15-21A1337C8668}E:\bp\game\build\game.exe] => (Allow) E:\bp\game\build\game.exe
FirewallRules: [UDP Query User{33B056DA-8474-41E2-89C6-96F3F454E9A8}E:\bp\game\build\game.exe] => (Allow) E:\bp\game\build\game.exe
FirewallRules: [{F6045E92-CE60-42E9-9782-EAABDB27B7E3}] => (Block) E:\bp\game\build\game.exe
FirewallRules: [{43DDCFA6-4D8B-4CFF-AD98-EC0EE6D37B2D}] => (Block) E:\bp\game\build\game.exe
FirewallRules: [TCP Query User{CFC08413-E58E-4D19-92CB-0516D4C0EEE3}E:\bp\demonstrační hra\build\game.exe] => (Allow) E:\bp\demonstrační hra\build\game.exe
FirewallRules: [UDP Query User{2C1CBE7D-C2C4-49FF-A54D-91B6DD197BF5}E:\bp\demonstrační hra\build\game.exe] => (Allow) E:\bp\demonstrační hra\build\game.exe
FirewallRules: [{D54FE33D-A1DF-4A8B-A1A3-BD8E31EAAC81}] => (Block) E:\bp\demonstrační hra\build\game.exe
FirewallRules: [{E0D7B238-EE15-4105-87AA-7C57EE00C436}] => (Block) E:\bp\demonstrační hra\build\game.exe
FirewallRules: [TCP Query User{57AF70E5-13AE-48CC-B1CC-0A57FE3811C2}D:\demonstrační hra\build\game.exe] => (Allow) D:\demonstrační hra\build\game.exe
FirewallRules: [UDP Query User{E1C5451D-F024-466D-8DC0-4954DCAB14A3}D:\demonstrační hra\build\game.exe] => (Allow) D:\demonstrační hra\build\game.exe
FirewallRules: [{109647ED-C460-47BE-A544-AE23219BD0DD}] => (Block) D:\demonstrační hra\build\game.exe
FirewallRules: [{0A091EB8-1692-46D8-8F85-8E78EBA5C1E1}] => (Block) D:\demonstrační hra\build\game.exe
FirewallRules: [TCP Query User{F334B254-9015-41B5-831B-6CEDAA4C20F8}E:\bp\demonstrační hra\build\x86\game.exe] => (Allow) E:\bp\demonstrační hra\build\x86\game.exe
FirewallRules: [UDP Query User{A8BAAE6C-5590-41CF-ACD0-A1B5BDCF803A}E:\bp\demonstrační hra\build\x86\game.exe] => (Allow) E:\bp\demonstrační hra\build\x86\game.exe
FirewallRules: [{10E94A18-1D92-4FF3-AFA0-674EA55A76B1}] => (Block) E:\bp\demonstrační hra\build\x86\game.exe
FirewallRules: [{35DF64DF-E3FC-46A5-B077-C4A525536670}] => (Block) E:\bp\demonstrační hra\build\x86\game.exe
FirewallRules: [TCP Query User{DCFEF4FC-EB04-45AA-B5FE-EA77E13B13CC}C:\python27\python.exe] => (Allow) C:\python27\python.exe
FirewallRules: [UDP Query User{E51AB367-FF46-41B9-AC52-699C666E782D}C:\python27\python.exe] => (Allow) C:\python27\python.exe
FirewallRules: [{F0152D3E-B131-4A31-835E-1F864F323CF8}] => (Block) C:\python27\python.exe
FirewallRules: [{A6D4A542-B9E1-470A-93F4-CDE3C21D1DF8}] => (Block) C:\python27\python.exe
FirewallRules: [{51775A54-74E0-4B8D-8A1B-C5E66410C9C0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3772998F-4E7D-4FF1-9174-8EACFC4199FF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CA9CB20C-5706-47AD-A271-EB9D16CFD5EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6AD1A012-2AC1-404C-9C03-B980B9CB2B3E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5CD38C58-7FE1-44B5-93BE-DF0E738D9A2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{BCC81747-B2E2-4624-B2E2-5A7CBD91FCC2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C18FC379-24C3-4EA9-86AB-64524AB7616A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{693FBDF6-0781-4CB6-AAC3-A771E37A9DE4}C:\virtualenvs\paseni\scripts\python.exe] => (Allow) C:\virtualenvs\paseni\scripts\python.exe
FirewallRules: [UDP Query User{475B1E2D-AC3A-491C-BE95-84673E7C11F4}C:\virtualenvs\paseni\scripts\python.exe] => (Allow) C:\virtualenvs\paseni\scripts\python.exe
FirewallRules: [{7967677C-D0D8-46DF-B9BC-36EB03549174}] => (Block) C:\virtualenvs\paseni\scripts\python.exe
FirewallRules: [{623FF2F9-9C7F-480C-A36D-ED5CD771904F}] => (Block) C:\virtualenvs\paseni\scripts\python.exe
FirewallRules: [TCP Query User{0325708A-2302-46CE-AAA2-10BF19D1ED71}C:\virtualenvs\flowerchecker\scripts\python.exe] => (Allow) C:\virtualenvs\flowerchecker\scripts\python.exe
FirewallRules: [UDP Query User{D699BFD7-E5F9-4151-A923-B28023169470}C:\virtualenvs\flowerchecker\scripts\python.exe] => (Allow) C:\virtualenvs\flowerchecker\scripts\python.exe
FirewallRules: [{9BF412A7-44C5-46E2-9B87-1B0EA654698A}] => (Block) C:\virtualenvs\flowerchecker\scripts\python.exe
FirewallRules: [{2B1E361F-D550-43EF-A7D8-83EF4CF8862C}] => (Block) C:\virtualenvs\flowerchecker\scripts\python.exe
FirewallRules: [{457CAC73-0697-437A-A1B5-5219FCA48176}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{E0EB51B9-FA9B-4B59-880D-855E081A3DE8}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{4CDAC51B-900D-4DED-8419-DB8B3A21EB12}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{7F0BC6F5-1EBD-4D4A-A150-65C95AF35533}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{FEC85DF3-E00D-4599-97DE-6B2521846AA1}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{6E0D37CA-5964-453F-B013-5B09B18728E6}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{B445DE60-5F7C-4A73-A2CE-DCBDF3038DA3}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{8712F09E-5936-4371-A40F-35F473F6459C}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{40EF5867-55A0-4444-BEAA-4AE24082280F}] => (Allow) G:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{9E835F6E-1E49-41D8-9AFC-3DA07EF6F9E9}] => (Allow) G:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon.exe
FirewallRules: [{C2A3B833-91E1-4985-B674-2B42D63CE006}] => (Allow) G:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{9E459401-ABCA-4CDF-8879-564D3A76A2F0}] => (Allow) G:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\fc3_blooddragon_d3d11.exe
FirewallRules: [{0E8ADEAF-52C8-4C5D-857C-8F47CD3E1509}] => (Allow) G:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\FC3BDUpdater.exe
FirewallRules: [{F9A3121A-E5BF-430A-91AD-15813C4CC124}] => (Allow) G:\Program Files (x86)\Ubisoft\Far Cry 3 Blood Dragon\bin\FC3BDUpdater.exe
FirewallRules: [{70A93400-B614-4874-8A48-5435E72BF166}] => (Allow) G:\Program Files (x86)\Mr DJ\Dying Light Ultimate Edition\DyingLightGame.exe
FirewallRules: [{0CFC310A-1168-4E68-A6F7-C39354FA8299}] => (Allow) G:\Program Files (x86)\Mr DJ\Dying Light Ultimate Edition\DyingLightGame.exe
FirewallRules: [{4BEEEE15-1D55-4B1C-A261-6C706B369784}] => (Allow) G:\Program Files\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{4B62B234-032B-40AC-BE89-07377874001B}] => (Allow) G:\Program Files\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [TCP Query User{CC4CC4FE-5200-47BA-BF1F-B100B54904A3}G:\program files\unity\editor\unity.exe] => (Allow) G:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{4CB56BCB-849D-455E-BA96-4E7A4297AA3C}G:\program files\unity\editor\unity.exe] => (Allow) G:\program files\unity\editor\unity.exe
FirewallRules: [TCP Query User{97DAF23B-57C4-451D-898A-57009ACE8E88}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{57CAE482-ECE8-4E7E-B5A0-A8DBA1E2FAB1}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{9FAEAF4C-7237-40B0-A85C-045200700543}] => (Allow) C:\Users\jonas\AppData\Roaming\BitTorrent Sync\BTSync.exe
FirewallRules: [{F4A73FA6-A7B5-4236-8ECA-A339851C6EF6}] => (Allow) C:\Users\jonas\AppData\Roaming\BitTorrent Sync\BTSync.exe
FirewallRules: [{EAE0185A-609F-43D0-B289-BB130FA1652C}] => (Allow) G:\Program Files\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{90B23691-D14B-471C-B943-8BB70DA715FA}] => (Allow) G:\Program Files\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{770BB1E1-B2C3-4460-91A8-E906858E62A8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{D0440D52-D569-4EA1-93E3-203A880BD245}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{30F91DEC-6CE0-4F19-9AA6-5D12CC69F22F}G:\program files\call of duty black ops iii\blackops3.exe] => (Allow) G:\program files\call of duty black ops iii\blackops3.exe
FirewallRules: [UDP Query User{3C504FFB-581D-491E-923A-1234456586F5}G:\program files\call of duty black ops iii\blackops3.exe] => (Allow) G:\program files\call of duty black ops iii\blackops3.exe
FirewallRules: [{6D88CB31-F07C-4D38-A7B1-716862EFACF1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{4EFAA497-2A16-49AA-880B-9CD0AA672E38}C:\program files (x86)\jetbrains\pycharm 5.0.2\bin\pycharm.exe] => (Allow) C:\program files (x86)\jetbrains\pycharm 5.0.2\bin\pycharm.exe
FirewallRules: [UDP Query User{8BEB0939-D384-4F48-98E2-DD8D0A086DC7}C:\program files (x86)\jetbrains\pycharm 5.0.2\bin\pycharm.exe] => (Allow) C:\program files (x86)\jetbrains\pycharm 5.0.2\bin\pycharm.exe
 
==================== Restore Points =========================
 
02-02-2016 11:33:18 Windows Update
08-02-2016 09:13:04 ComboFix created restore point
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/08/2016 09:12:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NvStreamUserAgent.exe, verze: 4.1.2032.8372, časové razítko: 0x5693fe3d
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19110, časové razítko: 0x568429e5
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004f6c6
ID chybujícího procesu: 0xfb0
Čas spuštění chybující aplikace: 0xNvStreamUserAgent.exe0
Cesta k chybující aplikaci: NvStreamUserAgent.exe1
Cesta k chybujícímu modulu: NvStreamUserAgent.exe2
ID zprávy: NvStreamUserAgent.exe3
 
Error: (02/04/2016 09:06:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: d2mp.exe, verze: 1.0.0.0, časové razítko: 0x53d9610e
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.19110, časové razítko: 0x568429dd
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000000b16d
ID chybujícího procesu: 0xf88
Čas spuštění chybující aplikace: 0xd2mp.exe0
Cesta k chybující aplikaci: d2mp.exe1
Cesta k chybujícímu modulu: d2mp.exe2
ID zprávy: d2mp.exe3
 
Error: (02/04/2016 09:06:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: d2mp.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Configuration.ConfigurationErrorsException
Zásobník:
   na System.Configuration.ConfigurationManager.RefreshSection(System.String)
   na System.Configuration.ClientSettingsStore.ReadSettings(System.String, Boolean)
   na System.Configuration.LocalFileSettingsProvider.GetPropertyValues(System.Configuration.SettingsContext, System.Configuration.SettingsPropertyCollection)
   na System.Configuration.SettingsBase.GetPropertiesFromProvider(System.Configuration.SettingsProvider)
   na System.Configuration.SettingsBase.GetPropertyValueByName(System.String)
   na System.Configuration.SettingsBase.get_Item(System.String)
   na System.Configuration.ApplicationSettingsBase.GetPropertyValue(System.String)
   na System.Configuration.ApplicationSettingsBase.get_Item(System.String)
   na d2mp.Properties.Settings.get_shortcut()
   na d2mp.D2MP.main()
   na d2mp.Program.Main()
 
Error: (01/28/2016 05:26:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NvStreamUserAgent.exe, verze: 4.1.2032.8372, časové razítko: 0x5693fe3d
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.19110, časové razítko: 0x568429e5
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004f6c6
ID chybujícího procesu: 0xfd0
Čas spuštění chybující aplikace: 0xNvStreamUserAgent.exe0
Cesta k chybující aplikaci: NvStreamUserAgent.exe1
Cesta k chybujícímu modulu: NvStreamUserAgent.exe2
ID zprávy: NvStreamUserAgent.exe3
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.
 
Podrobnosti:
Katalog indexu obsahu je poškozený.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.
 
Kontext: aplikace Windows
 
Podrobnosti:
Katalog indexu obsahu je poškozený.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.
 
Kontext: aplikace Windows, katalog SystemIndex
 
Podrobnosti:
Katalog indexu obsahu je poškozený.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.
 
Kontext: aplikace Windows, katalog SystemIndex
 
Podrobnosti:
Prvek nebyl nalezen.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.
 
Kontext: aplikace Windows, katalog SystemIndex
 
Podrobnosti:
Katalog indexu obsahu je poškozený.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (01/25/2016 08:09:41 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.
 
Kontext: aplikace Windows, katalog SystemIndex
 
Podrobnosti:
Databáze indexu obsahu je poškozená.  (HRESULT : 0xc0041800) (0xc0041800)
 
 
System errors:
=============
Error: (02/08/2016 09:20:05 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníSpuštění{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)
 
Error: (02/08/2016 09:19:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku následující chyby: 
%%1058
 
Error: (02/08/2016 09:18:18 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
 
Error: (02/08/2016 09:18:02 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.
 
Error: (02/08/2016 09:18:02 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.
 
Error: (02/08/2016 09:16:26 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
 
Error: (02/08/2016 09:11:28 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníSpuštění{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)
 
Error: (02/08/2016 09:10:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku následující chyby: 
%%1058
 
Error: (02/08/2016 08:51:46 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníSpuštění{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)
 
Error: (02/08/2016 08:50:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WebcamMax, WDM Video Capture neuspěla při spuštění v důsledku následující chyby: 
%%1058
 
 
CodeIntegrity:
===================================
  Date: 2016-02-08 09:18:02.256
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-02-08 09:18:02.225
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-02-08 09:18:02.209
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-02-08 09:18:02.193
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-28 17:30:41.485
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-01-28 17:30:41.469
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-11-19 09:44:43.906
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-19 09:44:43.881
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-19 09:44:43.796
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-12 10:54:05.794
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 25%
Total physical RAM: 24515.34 MB
Available physical RAM: 18381.34 MB
Total Virtual: 49028.89 MB
Available Virtual: 42622.88 MB
 
==================== Drives ================================
 
Drive c: (System) (Fixed) (Total:100.61 GB) (Free:39.09 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive g: (Data) (Fixed) (Total:931.51 GB) (Free:184.51 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 7CC95E30)
Partition 1: (Active) - (Size=100.6 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 71994302)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
  • everything stil seems to run fine


#15 RayS

RayS

  • Malware Response Team
  • 2,378 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:11:35 AM

Posted 09 February 2016 - 10:41 AM

Hi jojkos,

Thank you for the reports and the logs. Now, let's clean up our tools.


Remove Combofix

Click Start and, in the search box, type combofix /uninstall then press Enter. Note the blank space after combofix. This will remove Combofix and its quarantined files (if any) from your computer. It will also restore some of your settings.


Remove disinfection tools as well as their related registry entries and logs

bwebb7v.jpgDownload Delfix from here and save it to your desktop.
delfix.jpg
 

  • Ensure Remove disinfection tools is checked.
  • Click the Run button.

When the tool is finished, a log will open in notepad. Please copy and paste the log into your next reply.


Optionally remove Bitdefender

If you installed Bitdefender using Chrome:

  • Press Alt+F to open the Chrome menu, which lets you customize and control settings in Google Chrome.
  • Click More tools > Extensions.
  • Click the trash can icon next to the Bitdefender entry.

If you installed Bitdefender using Firefox:

  • Press Ctrl+Shft+A to open the Add-Ons Manager.
  • Click the Remove button next to Bitdefender.
  • Click Plugins in the left panel.
  • Click the down arrow next to Bitdefender at right side of screen.
  • Click Never Activate.

Restart your browser.



In your next reply...

  • Please confirm that Combofix did uninstall itself.
  • Copy and paste the entire contents of the Delfix log into the body of your post.
  • Tell me whether you deleted Bitdefender.

Is your PS still running satisfactorily?

Regards,

RayS


I don't accept payment for my help, but it would please me if you perform a kindness for your neighbor. You might also contact your local animal shelter. They can always use a bag of kibble or a few cans of pet food. Who knows... you might even find a life-long furry friend there.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users