Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Chrome, přesměrování na stránku http://clx.im/

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Ejcej
Návštěvník
Návštěvník
Příspěvky: 29
Registrován: 24 črc 2011 20:31

Chrome, přesměrování na stránku http://clx.im/

#1 Příspěvek od Ejcej »

Zdravím, prosím o radu. Už několik dní se snažím zbavit nevyžádané funkce chromu, který přesměrovává po kliknutí na clx.im. Bohužel eset ani spybot nic nenašel.

Děkuji předem za pomoc:

Log RSIT

Logfile of random's system information tool 1.10 (written by random/random)
Run by Makiki at 2016-06-22 21:41:52
Microsoft Windows 10 Pro
System drive C: has 23 GB (40%) free of 56 GB
Total RAM: 4032 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:42:01, on 22. 6. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Makiki.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_3182FBDA453FA9FECEF1E8F0D756A12C] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Makiki\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe
O23 - Service: ESET SHA Service (ESHASRV) - ESET - C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Service KMSELDI - @ByELDI - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9132 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
winlogon.exe
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\igfxCUIService.exe
dashost.exe {68a190b3-e631-4f14-81648c23ae21f2c0}
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files\KMSpico\Service_KMS.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\alg.exe
sihost.exe
taskeng.exe {C6CBD402-9246-4FEA-B2E2-1100B5193876}
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
igfxEM.exe
igfxTray.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /ANDREA_BF_BYPASS
"C:\Program Files\ESET\ESET Endpoint Security\egui.exe" /hide /waitservice
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
taskhostw.exe
"C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1605.1472.0_x64__8wekyb3d8bbwe\Time.exe" -ServerName:App.AppXq8avk61zazpy808ab5ppkf6taqp47km6.mca
"C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.9.5250.0_x64__8wekyb3d8bbwe\Solitaire.exe" -ServerName:App.AppXx8xn0rs58sab7mvbtxgdhw97cpm1dzhb.mca
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe" -ServerName:microsoft.windowslive.calendar.AppXg9pag83k0brz0hvt3yj6hxda2h2y7w14.mca
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server

"C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.7070.57611.0_x64__8wekyb3d8bbwe\onenoteim.exe" -ServerName:microsoft.onenoteim.AppXxqb9ypsz6cs1w07e1pmjy4ww4dy9tpqr.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --profile-directory="Default"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=51.0.2704.103 --handshake-handle=0x1b0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Disabled/ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PreRead/Default/*QUIC/EnabledNoId/RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/ResourcePriorities/Launch50Permanent_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/SafeBrowsingIncidentReportingService/Default/SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_06/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --type=gpu-process --channel="5440.0.1122162870\341867618" --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,13,25,46,54 --gpu-vendor-id=0x8086 --gpu-device-id=0x0a16 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4331 --mojo-platform-channel-handle=1232 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Disabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*OutOfProcessPac/Default/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PreRead/Default/*QUIC/EnabledNoId/RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50Permanent_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_06/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=BC10BCC10A66B0205F05E330125C1938 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="5440.2.1728489925\153757986" --mojo-platform-channel-handle=2576 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Disabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*OutOfProcessPac/Default/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PreRead/Default/*QUIC/EnabledNoId/RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50Permanent_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_06/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=9BE3A5EA189788E68AB04E196107C370 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="5440.3.1987256387\1078123884" --mojo-platform-channel-handle=2640 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Disabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*OutOfProcessPac/Default/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PreRead/Default/*QUIC/EnabledNoId/RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50Permanent_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_06/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=6ABC0D037B6D5716B5DE379A8622FF0E --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="5440.4.1263974969\1913718904" --mojo-platform-channel-handle=2668 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Disabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*OutOfProcessPac/Default/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PreRead/Default/*QUIC/EnabledNoId/*RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50Permanent_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_06/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=7F23D0019AD9FC40F733029BB7CBA541 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="5440.16.1615287123\433143990" --mojo-platform-channel-handle=4796 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Disabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*OutOfProcessPac/Default/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/*PreRead/Default/*QUIC/EnabledNoId/*RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50Permanent_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_06/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=65DF963BBF29FA715830254E7D56E3E7 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="5440.25.285989697\1512975868" --mojo-platform-channel-handle=7020 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5440.51.196353262\990259177" --ppapi-flash-args --lang=cs --device-scale-factor=1 --mojo-platform-channel-handle=8972 --ignored=" --type=renderer " /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Disabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*OutOfProcessPac/Default/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/*PreRead/Default/*QUIC/EnabledNoId/*RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50Permanent_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_06/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=F3DA09C52385663CC4FCA5861C58D5EA --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="5440.54.878882009\1449960755" --mojo-platform-channel-handle=9016 /prefetch:1
"C:\WINDOWS\system32\taskmgr.exe" /4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Disabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*OutOfProcessPac/Default/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/*PreRead/Default/*QUIC/EnabledNoId/*RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50Permanent_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_06/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=15FA84238489E56E0E6C7520AC098FE7 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="5440.55.676175428\1807217900" --mojo-platform-channel-handle=7808 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi-broker --channel="5440.56.1124491789\512764407" --lang=cs --device-scale-factor=1 --mojo-platform-channel-handle=6556 /prefetch:4
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe" /scan
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:8508 CREDAT:75009 /prefetch:2
"fontdrvhost.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:8508 CREDAT:206082 /prefetch:2
"C:\WINDOWS\system32\NOTEPAD.EXE" C:\Users\Makiki\AppData\Local\Microsoft\Windows\INetCache\IE\UDYUNAOP\hijackthis.log
"C:\WINDOWS\system32\NOTEPAD.EXE" C:\rsit\info.txt
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,IncidentReportingModuleLoadAnalysis<SafeBrowsingIncidentReportingServiceFeatures,IncidentReportingSuspiciousModuleReporting<SafeBrowsingIncidentReportingServiceFeatures,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow,WebFontsIntervention<WebFontsIntervention,*WebRTC-EnableWebRtcEcdsa<WebRTC-EnableWebRtcEcdsa,brotli-encoding<BrotliEncoding --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,RenderingPipelineThrottling<RenderingPipelineThrottling --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrotliEncoding/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Disabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*OutOfProcessPac/Default/*PageRevisitInstrumentation/Default/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/*PreRead/Default/*QUIC/EnabledNoId/*RenderingPipelineThrottling/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Launch50Permanent_11011_1_1_10/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/*SafeBrowsingIncidentReportingServiceFeatures/WithSuspiciousModuleReporting/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_06/*UMA-Uniformity-Trial-10-Percent/group_09/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*WebFontsIntervention/Enabled/WebRTC-EnableWebRtcEcdsa/Default/ --primordial-pipe-token=C229B1CB28A856F48449630D75E919DE --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="5440.74.925501185\754991436" --mojo-platform-channel-handle=8664 /prefetch:1
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:8508 CREDAT:206105 /prefetch:2
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Total Commander\TOTALCMD64.EXE"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 624 628 636 8192 632
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:8508 CREDAT:206112 /prefetch:2
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1877727151-1174883427-2376452987-1001177_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1877727151-1174883427-2376452987-1001177 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:8508 CREDAT:206115 /prefetch:2
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe178_ Global\UsGthrCtrlFltPipeMssGthrPipe178 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\Makiki\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0bfe64811ab3d.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d1aba3fe10bf08.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0919126771a2d.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0e2f75c105fb7.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0efbc38d5cde4.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d12f7446228c79.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d15de1cfd2676e.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-27 551848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-27 212904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-09-02 7636696]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-09-01 1396592]
"egui"=C:\Program Files\ESET\ESET Endpoint Security\egui.exe [2014-09-24 4124360]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-07-17 3944136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2016-05-17 23496872]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
"GoogleChromeAutoLaunch_3182FBDA453FA9FECEF1E8F0D756A12C"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2016-06-15 941720]
"OneDrive"=C:\Users\Makiki\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-05-18 554184]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2015-06-16 4127488]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-06-22 21:14:16 ----D---- C:\Program Files\trend micro
2016-06-22 21:14:15 ----D---- C:\rsit
2016-06-12 21:50:36 ----A---- C:\autoexec.bat
2016-06-12 21:48:58 ----A---- C:\WINDOWS\system32\drivers\EsgScanner.sys

======List of files/folders modified in the last 1 month======

2016-06-22 21:41:37 ----D---- C:\WINDOWS\Temp
2016-06-22 21:32:00 ----D---- C:\WINDOWS\system32\sru
2016-06-22 21:14:52 ----D---- C:\WINDOWS\Prefetch
2016-06-22 21:14:16 ----RD---- C:\Program Files
2016-06-22 21:01:37 ----D---- C:\WINDOWS\system32\drivers\etc
2016-06-22 17:29:10 ----D---- C:\WINDOWS\AppReadiness
2016-06-22 16:33:38 ----HD---- C:\Program Files\WindowsApps
2016-06-21 18:08:27 ----D---- C:\WINDOWS\Microsoft.NET
2016-06-19 19:20:52 ----D---- C:\WINDOWS\System32
2016-06-19 19:20:52 ----D---- C:\WINDOWS\INF
2016-06-19 19:20:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-18 12:54:47 ----D---- C:\WINDOWS\system32\config
2016-06-18 10:35:11 ----D---- C:\WINDOWS\WinSxS
2016-06-18 10:35:11 ----D---- C:\WINDOWS\SysWOW64
2016-06-18 10:35:11 ----D---- C:\WINDOWS\CbsTemp
2016-06-15 19:29:49 ----SHDC---- C:\WINDOWS\Installer
2016-06-15 19:27:52 ----D---- C:\WINDOWS\system32\MRT
2016-06-15 19:24:15 ----A---- C:\WINDOWS\system32\MRT.exe
2016-06-15 18:53:10 ----D---- C:\Windows
2016-06-15 18:52:58 ----D---- C:\WINDOWS\system32\catroot2
2016-06-14 20:33:01 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-06-12 22:12:51 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-06-12 22:11:05 ----D---- C:\WINDOWS\system32\CatRoot
2016-06-12 21:54:59 ----D---- C:\WINDOWS\system32\Tasks
2016-06-12 21:49:51 ----D---- C:\WINDOWS\system32\drivers
2016-06-12 20:32:50 ----D---- C:\ProgramData\Spybot - Search & Destroy
2016-06-06 19:57:17 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-06-05 18:29:12 ----D---- C:\WINDOWS\system32\DriverStore
2016-05-31 17:26:22 ----D---- C:\WINDOWS\rescache
2016-05-31 17:08:42 ----D---- C:\WINDOWS\system32\WDI
2016-05-31 17:05:21 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-05-31 17:05:21 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-05-31 17:05:21 ----D---- C:\WINDOWS\SYSWOW64\Dism
2016-05-31 17:05:21 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-05-31 17:05:19 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-05-31 17:05:19 ----D---- C:\WINDOWS\system32\wbem
2016-05-31 17:05:19 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2016-05-31 17:05:18 ----D---- C:\WINDOWS\system32\oobe
2016-05-31 17:05:18 ----D---- C:\WINDOWS\system32\migration
2016-05-31 17:05:18 ----D---- C:\WINDOWS\system32\en-US
2016-05-31 17:05:18 ----D---- C:\WINDOWS\system32\Dism
2016-05-31 17:05:18 ----D---- C:\WINDOWS\system32\cs-CZ
2016-05-31 17:05:18 ----D---- C:\WINDOWS\system32\Boot
2016-05-31 17:05:18 ----D---- C:\WINDOWS\system32\appraiser
2016-05-31 17:05:15 ----RSD---- C:\WINDOWS\Media
2016-05-31 17:05:15 ----RSD---- C:\WINDOWS\Fonts
2016-05-31 17:05:15 ----RD---- C:\WINDOWS\PurchaseDialog
2016-05-31 17:05:15 ----D---- C:\WINDOWS\Provisioning
2016-05-31 17:05:15 ----D---- C:\WINDOWS\PolicyDefinitions
2016-05-31 17:05:15 ----D---- C:\WINDOWS\bcastdvr
2016-05-31 17:05:15 ----D---- C:\WINDOWS\AppPatch
2016-05-31 17:05:15 ----D---- C:\Program Files\Windows Portable Devices
2016-05-31 17:05:15 ----D---- C:\Program Files\Windows Multimedia Platform
2016-05-31 17:05:15 ----D---- C:\Program Files\Windows Media Player
2016-05-31 17:05:15 ----D---- C:\Program Files\Windows Journal
2016-05-31 17:05:15 ----D---- C:\Program Files\Internet Explorer
2016-05-31 17:05:15 ----D---- C:\Program Files (x86)\Windows Portable Devices
2016-05-31 17:05:15 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2016-05-31 17:05:15 ----D---- C:\Program Files (x86)\Internet Explorer
2016-05-31 17:05:14 ----D---- C:\WINDOWS\OCR

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2014-09-10 59064]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2014-06-25 670056]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2014-08-19 219696]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2014-08-19 155896]
R1 EpfwLWF;@oem8.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2014-08-19 40512]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-04-23 87552]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2014-08-19 198096]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-04-23 112640]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-03-29 245760]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-10-30 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-04-23 84992]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-12-19 7858088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-09-02 4264536]
R3 MEIx64;@oem9.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-12-20 99288]
R3 netr28x;@oem25.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2015-06-12 2554528]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-03-29 181248]
R3 RSP2STOR;@oem26.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2015-06-05 310528]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-10-30 589824]
R3 rtbth;@oem27.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\WINDOWS\System32\drivers\rtbth.sys [2015-06-03 1219200]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-07-17 42696]
R3 SynTP;@oem28.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2015-07-17 614088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2015-10-30 221184]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 arusb_win7x;Atheros 11n Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\arusb_win7x.sys [2009-10-21 767488]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2016-04-23 954368]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-02-13 117248]
S3 EsgScanner;EsgScanner; C:\WINDOWS\system32\DRIVERS\EsgScanner.sys [2016-06-12 22704]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-09-19 38264]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2016-04-23 63488]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-10-30 45056]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2016-03-29 258912]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-04-23 131424]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver; C:\WINDOWS\System32\drivers\usbser.sys [2016-04-23 67072]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-17 98208]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe [2014-09-24 1029704]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-06-25 16232]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-12-19 373160]
R2 OneSyncSvc_3e4c4;Hostitel synchronizace_3e4c4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-08-18 291032]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2015-06-16 1750712]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2015-06-16 2102496]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2015-07-24 224712]
R2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2015-02-02 971968]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-07-17 246472]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 PimIndexMaintenanceSvc_3e4c4;Data kontaktů_3e4c4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 UnistoreSvc_3e4c4;Úložiště uživatelských dat_3e4c4; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-11 107848]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_a90490;Hostitel synchronizace_a90490; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-12-19 300968]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe [2014-09-24 41672]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 ESHASRV;ESET SHA Service; C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe [2014-09-24 190152]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-11 107848]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3e4c4;Služba zasílání zpráv_3e4c4; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_a90490;Služba zasílání zpráv_a90490; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_a90490;Data kontaktů_a90490; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 290304]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UnistoreSvc_a90490;Úložiště uživatelských dat_a90490; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UserDataSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-14001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------


Log FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2016 01
Ran by Makiki (administrator) on MAKIKI_NOTEBOOK (22-06-2016 21:45:30)
Running from C:\Users\Makiki\Downloads
Loaded Profiles: Makiki (Available Profiles: Makiki)
Platform: Windows 10 Pro Version 1511 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\egui.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1605.1472.0_x64__8wekyb3d8bbwe\Time.exe
(Microsoft Inc.) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.9.5250.0_x64__8wekyb3d8bbwe\Solitaire.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.7070.57611.0_x64__8wekyb3d8bbwe\onenoteim.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Ghisler Software GmbH) C:\Program Files\Total Commander\TOTALCMD64.EXE


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7636696 2014-09-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-01] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Security\egui.exe [4124360 2014-09-24] (ESET)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1877727151-1174883427-2376452987-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23496872 2016-05-17] (Google)
HKU\S-1-5-21-1877727151-1174883427-2376452987-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1877727151-1174883427-2376452987-1001\...\Run: [GoogleChromeAutoLaunch_3182FBDA453FA9FECEF1E8F0D756A12C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-15] (Google Inc.)
HKU\S-1-5-21-1877727151-1174883427-2376452987-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [805888 2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1 10.0.0.10
Tcpip\..\Interfaces\{be8bbd35-5725-4381-8d86-5fc83195c85a}: [DhcpNameServer] 10.0.0.1 10.0.0.10

Internet Explorer:
==================
HKU\S-1-5-21-1877727151-1174883427-2376452987-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://windows.microsoft.com/cs-cz/hotmail/home?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-27] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-27] (Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll [2014-05-30] (Adobe Systems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird
FF Extension: ESET Endpoint Security Extension - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird [2015-02-11] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.facebook.com/
CHR StartupUrls: Default -> "hxxps://www.facebook.com/"
CHR Profile: C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-11]
CHR Extension: (Dokumenty Google) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11]
CHR Extension: (Disk Google) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-01]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2015-12-09]
CHR Extension: (YouTube) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-03]
CHR Extension: (Vyhledávání Google) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2015-02-11]
CHR Extension: (Tabulky Google) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-03]
CHR Extension: (Adblock Super) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-09-19]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-02-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Profile: C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Překladač Google) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-12-13]
CHR Extension: (Prezentace Google) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-22]
CHR Extension: (Dokumenty Google) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-22]
CHR Extension: (Disk Google) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-01]
CHR Extension: (KeePassX on rollApp) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\appmfmkomidhmcnkdkjcnhdonjppnajo [2015-07-12]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2015-12-13]
CHR Extension: (YouTube) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-14]
CHR Extension: (Adblock Plus) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-06]
CHR Extension: (Adblock na Youtube™) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2016-03-06]
CHR Extension: (Vyhledávání Google) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2015-04-22]
CHR Extension: (Dropbox for Gmail) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-12-13]
CHR Extension: (DNSSEC Validator) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\feijekkdahhnjbhpiffgejphmokchdbo [2015-04-22]
CHR Extension: (Tabulky Google) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-22]
CHR Extension: (Záložky na iCloudu) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fkepacicchenbjecpbpbclokcabebhah [2015-10-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-02]
CHR Extension: (AdBlock) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-06]
CHR Extension: (TLSA Validator) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmgeefghnadlmkpbjfamblomkoknhjga [2015-04-22]
CHR Extension: (Downloads) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jfchnphgogjhineanplmfkofljiagjfb [2015-04-22]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-04-22]
CHR Extension: (Rozšíření Odběry RSS (od Googlu)) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2015-04-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (BazQux Reader - Your RSS Feed Reader) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ojgfbobcblfebofgadefjfggnlclddko [2015-04-22]
CHR Extension: (Dynamické tabulky na Disku Googlu (experimentální funkce)) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pfoeakahkgllhkommkfeehmkfcloagkl [2015-04-22]
CHR Extension: (Gmail) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-22]
CHR Profile: C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Překladač Google) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-12-11]
CHR Extension: (Prezentace Google) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-29]
CHR Extension: (Dokumenty Google) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-29]
CHR Extension: (Disk Google) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2016-04-04]
CHR Extension: (YouTube) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-22]
CHR Extension: (Print Extension) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bpkeigdcgenbnkhgepkihlgfabkhdong [2015-04-29]
CHR Extension: (Adblock Plus) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-12]
CHR Extension: (Adblock na Youtube™) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2016-03-05]
CHR Extension: (Vyhledávání Google) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-15]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2015-04-29]
CHR Extension: (DNSSEC Validator) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\feijekkdahhnjbhpiffgejphmokchdbo [2015-12-02]
CHR Extension: (Tabulky Google) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-29]
CHR Extension: (Záložky na iCloudu) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fkepacicchenbjecpbpbclokcabebhah [2015-10-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-04]
CHR Extension: (AdBlock) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-12]
CHR Extension: (TLSA Validator) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gmgeefghnadlmkpbjfamblomkoknhjga [2015-12-02]
CHR Extension: (Downloads) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jfchnphgogjhineanplmfkofljiagjfb [2015-04-29]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-04-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-29]
CHR HKU\S-1-5-21-1877727151-1174883427-2376452987-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1877727151-1174883427-2376452987-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe [41672 2014-09-24] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe [1029704 2014-09-24] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe [190152 2014-09-24] (ESET)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [291032 2014-08-18] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-17] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 arusb_win7x; C:\Windows\system32\DRIVERS\arusb_win7x.sys [767488 2009-10-21] (Atheros Communications, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [219696 2014-08-19] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [155896 2014-08-19] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [198096 2014-08-19] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [40512 2014-08-19] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [59064 2014-09-10] (ESET)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-06-12] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-20] (Intel Corporation)
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-22 21:45 - 2016-06-22 21:45 - 00023575 _____ C:\Users\Makiki\Downloads\FRST.txt
2016-06-22 21:44 - 2016-06-22 21:45 - 00000000 ____D C:\FRST
2016-06-22 21:44 - 2016-06-22 21:44 - 02387456 _____ (Farbar) C:\Users\Makiki\Downloads\FRST64.exe
2016-06-22 21:41 - 2016-06-22 21:41 - 01222144 _____ C:\Users\Makiki\Downloads\RSITx64.exe
2016-06-22 21:14 - 2016-06-22 21:41 - 00000000 ____D C:\Program Files\trend micro
2016-06-22 21:14 - 2016-06-22 21:14 - 00000000 ____D C:\rsit
2016-06-22 21:01 - 2016-06-12 19:15 - 00452788 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20160622-210137.backup
2016-06-12 21:50 - 2016-06-12 21:50 - 00000000 _____ C:\autoexec.bat
2016-06-12 21:48 - 2016-06-12 21:48 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-06-12 21:47 - 2016-06-12 21:48 - 03482800 _____ (Enigma Software Group USA, LLC.) C:\Users\Makiki\Downloads\SpyHunter-Installer (1).exe
2016-06-12 21:39 - 2016-06-12 21:39 - 00000000 ____D C:\Users\Makiki\AppData\Local\MicrosoftEdge
2016-06-12 19:41 - 2016-06-12 19:41 - 03482800 _____ (Enigma Software Group USA, LLC.) C:\Users\Makiki\Downloads\SpyHunter-Installer.exe
2016-06-12 19:15 - 2016-05-15 18:01 - 00452616 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160612-191542.backup

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-22 21:41 - 2015-02-11 19:31 - 00000992 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-22 18:46 - 2015-07-16 18:41 - 00000988 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0bfe64811ab3d.job
2016-06-22 18:46 - 2015-02-11 19:31 - 00000988 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-22 17:29 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-22 16:33 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-19 19:27 - 2016-05-15 17:40 - 00000000 ____D C:\Users\Makiki
2016-06-19 19:20 - 2016-05-16 03:33 - 00717892 _____ C:\WINDOWS\system32\perfh005.dat
2016-06-19 19:20 - 2016-05-16 03:33 - 00143616 _____ C:\WINDOWS\system32\perfc005.dat
2016-06-19 19:20 - 2016-05-15 17:47 - 01687356 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-19 19:20 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-06-18 10:35 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-18 07:53 - 2015-02-11 19:32 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-18 07:53 - 2015-02-11 19:32 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-15 19:27 - 2015-02-11 20:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 19:24 - 2015-02-11 20:05 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-12 22:12 - 2016-05-15 17:38 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-06-12 22:12 - 2016-02-13 15:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-12 22:12 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-06-12 22:12 - 2015-02-11 20:30 - 00000000 __SHD C:\Users\Makiki\IntelGraphicsProfiles
2016-06-12 20:32 - 2016-05-15 17:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-06-03 19:13 - 2015-02-11 21:29 - 00002115 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-06-03 19:13 - 2015-02-11 21:29 - 00002113 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-06-03 19:13 - 2015-02-11 21:29 - 00002103 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-06-03 19:13 - 2015-02-11 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-05-31 18:23 - 2016-02-13 15:22 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-31 17:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-05-31 17:06 - 2016-02-13 15:12 - 00206848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-31 17:05 - 2016-02-13 15:04 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-31 17:05 - 2016-02-13 14:55 - 00000000 ____D C:\WINDOWS\OCR
2016-05-31 17:05 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media
2016-05-31 17:05 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-05-31 17:05 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-05-31 17:05 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-05-31 17:05 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-31 17:05 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-31 17:05 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-31 17:05 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-05-31 17:05 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-31 17:05 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-05-31 17:05 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-05-31 17:05 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-05-31 17:05 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-05-31 17:05 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-05-31 17:05 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-05-31 17:04 - 2015-10-30 09:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-31 17:03 - 2015-02-15 12:59 - 00000000 __RDO C:\Users\Makiki\OneDrive

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-14 21:10

==================== End of FRST.txt ============================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118302
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Chrome, přesměrování na stránku http://clx.im/

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Ejcej
Návštěvník
Návštěvník
Příspěvky: 29
Registrován: 24 črc 2011 20:31

Re: Chrome, přesměrování na stránku http://clx.im/

#3 Příspěvek od Ejcej »

Zdravím,
Dokládám log.

Děkuji za další odpověď.

# AdwCleaner v5.200 - Logfile created 24/06/2016 at 22:14:53
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-23.1 [Server]
# Operating system : Windows 10 Pro (X64)
# Username : Makiki - MAKIKI_NOTEBOOK
# Running from : C:\Users\Makiki\Downloads\adwcleaner_5.200.exe
# Option : Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****

[-] File Deleted : C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage
[-] File Deleted : C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage-journal
[-] File Deleted : C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
[-] File Deleted : C:\Users\Makiki\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1281 bytes] - [24/06/2016 22:14:53]
C:\AdwCleaner\AdwCleaner[R0].txt - [742 bytes] - [06/04/2015 21:18:05]
C:\AdwCleaner\AdwCleaner[S0].txt - [805 bytes] - [06/04/2015 21:19:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [1464 bytes] - [24/06/2016 22:10:16]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1571 bytes] ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118302
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Chrome, přesměrování na stránku http://clx.im/

#4 Příspěvek od Rudy »

Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“