Unwanted logins

#1 Post by kakuki »

Hello,
I used to use the ESET antivirus program, but I recently switched to Avast. Since then it has already happened twice that someone got into my account. Email.cz notified me that someone from Vietnam had logged in to my account, and facebook.com that someone from Brno had. Thank you in advance for any advice. I am attaching the RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jaroslav at 2017-05-05 18:19:24
Microsoft Windows 10 Home
System drive C: has 50 GB (27%) free of 183 GB
Total RAM: 3946 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:19:29, on 5.5.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jaroslav.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Gold! RemindBoard] C:\myGold\Gold! RemindBoard\Gold! RemindBoard_GG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Jaroslav\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Jaroslav\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GalaxyClient] C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Jaroslav\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10233 bytes

======Listing Processes======







winlogon.exe


C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\WLANExt.exe 1827067609264

\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
dashost.exe {b364a107-6c47-48b8-b66a1eb1b7e59ed6}
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\system32\mqsvc.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=57.0.2987.133 --initial-client-data=0xc0,0xc4,0x240,0xbc,0x244,0x6ea47dc8,0x6ea47dbc,0x6ea47dd4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5208 --on-initialized-event-handle=676 --parent-handle=680 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1512 --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,19,20,23,26,41,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x1002 --gpu-device-id=0x68e0 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.201.1151.1008 --gpu-driver-date=11-4-2015 --service-request-channel-token=028087A3AA20EA7B14D3D012C2333FE9 --mojo-platform-channel-handle=1524 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1512 --primordial-pipe-token=347AE0EFB8D515AE954C307FCE3337D0 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=347AE0EFB8D515AE954C307FCE3337D0 --renderer-client-id=4 --mojo-platform-channel-handle=3064 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1512 --primordial-pipe-token=F4EEB289E50357F9B7746C87D1272E49 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=F4EEB289E50357F9B7746C87D1272E49 --renderer-client-id=5 --mojo-platform-channel-handle=3192 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1512 --primordial-pipe-token=0909A9E2C8A0F45E9AEBAFD6DB3F9C53 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=0909A9E2C8A0F45E9AEBAFD6DB3F9C53 --renderer-client-id=6 --mojo-platform-channel-handle=3228 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1512 --primordial-pipe-token=AAB0FB954EC8C35D5895B38891E42DD1 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=AAB0FB954EC8C35D5895B38891E42DD1 --renderer-client-id=7 --mojo-platform-channel-handle=3332 /prefetch:1
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
AvastUI.exe /nogui
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1512 --primordial-pipe-token=BFCDCE07F0B2E3E2A1F1BD557F7BC5A8 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=BFCDCE07F0B2E3E2A1F1BD557F7BC5A8 --renderer-client-id=10 --mojo-platform-channel-handle=5728 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1512 --primordial-pipe-token=FBD75361E01176964B1ED8D3004E1221 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=FBD75361E01176964B1ED8D3004E1221 --renderer-client-id=14 --mojo-platform-channel-handle=7076 /prefetch:1

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1512 --primordial-pipe-token=939941CF63A3AE426D95A7347013C1FA --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=939941CF63A3AE426D95A7347013C1FA --renderer-client-id=19 --mojo-platform-channel-handle=7352 /prefetch:1
"fontdrvhost.exe"
"C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\WINDOWS\system32\compattelrunner.exe
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" -mode=scheduled
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MeYwx2gzRkqZVdWX.1
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"

C:\WINDOWS\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:37
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1512 --primordial-pipe-token=017D1D88954B70085DFA433A1F65AAF7 --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=017D1D88954B70085DFA433A1F65AAF7 --renderer-client-id=38 --mojo-platform-channel-handle=8840 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1512 --primordial-pipe-token=0B37AE4877331BD4B8FE30986FF1913C --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=0B37AE4877331BD4B8FE30986FF1913C --renderer-client-id=44 --mojo-platform-channel-handle=9248 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1512 --primordial-pipe-token=55F5F49441C6B2842B72A41D21D40A51 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=55F5F49441C6B2842B72A41D21D40A51 --renderer-client-id=54 --mojo-platform-channel-handle=9616 /prefetch:1
C:\WINDOWS\system32\AUDIODG.EXE 0x19c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1512 --primordial-pipe-token=CA6AC3ADE78B2F0110C04267A28736F3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=CA6AC3ADE78B2F0110C04267A28736F3 --renderer-client-id=62 --mojo-platform-channel-handle=10236 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 652 656 664 8192 660
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\Jaroslav\Desktop\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Defraggler Volume C Task.job - C:\Program Files\Defraggler\df64.exe "C:" /ts /user "Jaroslav" /appPath "C:\Program Files\Defraggler"
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-2701842232-1085011673-912201240-1000Core.job - C:\Users\Jaroslav\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-2701842232-1085011673-912201240-1000UA.job - C:\Users\Jaroslav\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-08 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-08 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-21 2149160]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-09-17 14040296]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-04-14 213824]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Dropbox Update"=C:\Users\Jaroslav\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-13 143144]
"OneDrive"=C:\Users\Jaroslav\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-01-22 1517280]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-03-23 3019552]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-12-06 9288408]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-03-14 27545048]
"GalaxyClient"=C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [2017-03-29 4027968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4shared Desktop]
C:\Program Files (x86)\4shared Desktop\desktop.exe startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-03 1160408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-09-14 1840720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2007-10-26 652624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFARestart]
C:\ProgramData\MFAData\pack\avgrunasx.exe /usereg []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak]
C:\Program Files (x86)\Seznam.cz\bin\postak.exe [2012-01-10 491040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyPC]
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\launcher.exe delay 20000 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\Jaroslav\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Jaroslav\AppData\Roaming\Spotify\SpotifyWebHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WeatherBugAlert]
C:\Program Files (x86)\AWS\WeatherBug Alert\WeatherBugAlert.exe [2010-02-22 442368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
C:\Program Files\Zune\ZuneLauncher.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk]
C:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut11_C03C290FA6F54A2B8A2DFE2786A1E275.exe [2010-10-21 156952]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-11-04 767176]
"Gold! RemindBoard"=C:\myGold\Gold! RemindBoard\Gold! RemindBoard_GG.exe [2013-06-17 170496]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-12-12 587288]

C:\Users\Jaroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-05-05 17:47:37 ----D---- C:\ProgramData\SWCUTemp
2017-04-14 10:28:25 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-04-13 18:46:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-13 18:46:18 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-04-13 18:46:17 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-04-13 18:46:17 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2017-04-13 18:46:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2017-04-13 18:46:16 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2017-04-13 18:46:15 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-04-13 18:46:15 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-04-13 18:46:15 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-04-13 18:46:14 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-04-13 18:46:14 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2017-04-13 18:46:14 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2017-04-13 18:46:14 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2017-04-13 18:46:14 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2017-04-13 18:46:13 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-04-13 18:46:13 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2017-04-13 18:46:13 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2017-04-13 18:46:12 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2017-04-13 18:46:12 ----A---- C:\WINDOWS\SYSWOW64\TSWorkspace.dll
2017-04-13 18:46:12 ----A---- C:\WINDOWS\SYSWOW64\quartz.dll
2017-04-13 18:46:12 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-04-13 18:46:12 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-04-13 18:46:11 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-04-13 18:46:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2017-04-13 18:46:11 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2017-04-13 18:46:11 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2017-04-13 18:46:11 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2017-04-13 18:46:11 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2017-04-13 18:46:11 ----A---- C:\WINDOWS\SYSWOW64\apprepsync.dll
2017-04-13 18:46:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2017-04-13 18:46:10 ----A---- C:\WINDOWS\SYSWOW64\mbsmsapi.dll
2017-04-13 18:46:10 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2017-04-13 18:46:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Streaming.dll
2017-04-13 18:46:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2017-04-13 18:46:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Picker.dll
2017-04-13 18:46:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2017-04-13 18:46:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.AccountsControl.dll
2017-04-13 18:46:09 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2017-04-13 18:46:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-04-13 18:46:08 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2017-04-13 18:46:08 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2017-04-13 18:46:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2017-04-13 18:46:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SerialCommunication.dll
2017-04-13 18:46:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.PointOfService.dll
2017-04-13 18:46:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Perception.dll
2017-04-13 18:46:07 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-04-13 18:46:07 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2017-04-13 18:46:06 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2017-04-13 18:46:06 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll
2017-04-13 18:46:06 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Editing.dll
2017-04-13 18:46:06 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2017-04-13 18:46:06 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2017-04-13 18:46:06 ----A---- C:\WINDOWS\SYSWOW64\CompPkgSup.dll
2017-04-13 18:46:06 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-04-13 18:46:05 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2017-04-13 18:46:05 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2017-04-13 18:46:05 ----A---- C:\WINDOWS\SYSWOW64\MiracastReceiver.dll
2017-04-13 18:46:05 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2017-04-13 18:46:05 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2017-04-13 18:46:05 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2017-04-13 18:46:05 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2017-04-13 18:46:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Usb.dll
2017-04-13 18:46:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.AllJoyn.dll
2017-04-13 18:46:04 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-04-13 18:46:04 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2017-04-13 18:46:03 ----A---- C:\WINDOWS\SYSWOW64\wscapi.dll
2017-04-13 18:46:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2017-04-13 18:46:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2017-04-13 18:46:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.MediaControl.dll
2017-04-13 18:46:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Audio.dll
2017-04-13 18:46:03 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2017-04-13 18:46:03 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-04-13 18:46:03 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostUser.dll
2017-04-13 18:46:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.SystemManagement.dll
2017-04-13 18:46:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Import.dll
2017-04-13 18:46:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SmartCards.dll
2017-04-13 18:46:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.LowLevel.dll
2017-04-13 18:46:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2017-04-13 18:46:02 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2017-04-13 18:46:02 ----A---- C:\WINDOWS\SYSWOW64\efswrt.dll
2017-04-13 18:46:02 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2017-04-13 18:46:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Http.dll
2017-04-13 18:46:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.dll
2017-04-13 18:46:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.Input.dll
2017-04-13 18:46:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-04-13 18:46:01 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2017-04-13 18:46:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Phone.dll
2017-04-13 18:46:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Maps.dll
2017-04-13 18:45:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Sensors.dll
2017-04-13 18:45:58 ----A---- C:\WINDOWS\SYSWOW64\PlayToManager.dll
2017-04-13 18:45:58 ----A---- C:\WINDOWS\SYSWOW64\dlnashext.dll
2017-04-13 18:45:58 ----A---- C:\WINDOWS\SYSWOW64\AppContracts.dll
2017-04-13 18:45:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFiDirect.dll
2017-04-13 18:45:57 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2017-04-13 18:45:57 ----A---- C:\WINDOWS\SYSWOW64\CryptoWinRT.dll
2017-04-13 18:45:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-04-13 18:45:56 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2017-04-13 18:45:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Midi.dll
2017-04-13 18:45:55 ----A---- C:\WINDOWS\SYSWOW64\PlayToDevice.dll
2017-04-13 18:45:55 ----A---- C:\WINDOWS\SYSWOW64\dialclient.dll
2017-04-13 18:45:53 ----A---- C:\WINDOWS\SYSWOW64\UserDataAccountApis.dll
2017-04-13 18:45:52 ----A---- C:\WINDOWS\SYSWOW64\RTMediaFrame.dll
2017-04-13 18:45:52 ----A---- C:\WINDOWS\SYSWOW64\msdtcprx.dll
2017-04-13 18:45:51 ----A---- C:\WINDOWS\SYSWOW64\WsmSvc.dll
2017-04-13 18:45:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Wallet.dll
2017-04-13 18:45:49 ----A---- C:\WINDOWS\SYSWOW64\wlidcli.dll
2017-04-13 18:45:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.Perception.Stub.dll
2017-04-13 18:45:49 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2017-04-13 18:45:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Bluetooth.dll
2017-04-13 18:45:48 ----A---- C:\WINDOWS\system32\drivers\BasicRender.sys
2017-04-13 18:45:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-13 18:45:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Radios.dll
2017-04-13 18:45:47 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2017-04-13 18:45:47 ----A---- C:\WINDOWS\SYSWOW64\apprepapi.dll
2017-04-13 18:45:46 ----A---- C:\WINDOWS\SYSWOW64\oleacc.dll
2017-04-13 18:45:46 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2017-04-13 18:45:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2017-04-13 18:45:45 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2017-04-13 18:45:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.FaceAnalysis.dll
2017-04-13 18:45:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Scanners.dll
2017-04-13 18:45:43 ----A---- C:\WINDOWS\SYSWOW64\WinRtTracing.dll
2017-04-13 18:45:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-13 18:45:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFi.dll
2017-04-13 18:45:43 ----A---- C:\WINDOWS\SYSWOW64\PlayToReceiver.dll
2017-04-13 18:45:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.dll
2017-04-13 18:45:42 ----A---- C:\WINDOWS\SYSWOW64\RADCUI.dll
2017-04-13 18:45:41 ----A---- C:\WINDOWS\SYSWOW64\netshell.dll
2017-04-13 18:45:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2017-04-13 18:45:40 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2017-04-13 18:45:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.BackgroundTransfer.dll
2017-04-13 18:45:38 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2017-04-13 18:45:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2017-04-13 18:45:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.3D.dll
2017-04-13 18:45:37 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetails.dll
2017-04-13 18:45:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Ocr.dll
2017-04-13 18:45:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-13 18:45:36 ----A---- C:\WINDOWS\SYSWOW64\mfmjpegdec.dll
2017-04-13 18:45:36 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2017-04-13 18:45:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-04-13 18:45:35 ----A---- C:\WINDOWS\SYSWOW64\UserMgrProxy.dll
2017-04-13 18:45:35 ----A---- C:\WINDOWS\SYSWOW64\AppointmentActivation.dll
2017-04-13 18:45:34 ----A---- C:\WINDOWS\SYSWOW64\WwaApi.dll
2017-04-13 18:45:34 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-04-13 18:45:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2017-04-13 18:45:34 ----A---- C:\WINDOWS\SYSWOW64\Geolocation.dll
2017-04-13 18:45:34 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2017-04-13 18:45:33 ----A---- C:\WINDOWS\SYSWOW64\vaultcli.dll
2017-04-13 18:45:33 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2017-04-13 18:45:33 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2017-04-13 18:45:32 ----A---- C:\WINDOWS\SYSWOW64\ipsecsnp.dll
2017-04-13 18:45:32 ----A---- C:\WINDOWS\SYSWOW64\apds.dll
2017-04-13 18:45:31 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2017-04-13 18:45:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Devices.dll
2017-04-13 18:45:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Lights.dll
2017-04-13 18:45:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Core.dll
2017-04-13 18:45:30 ----A---- C:\WINDOWS\SYSWOW64\ipsmsnap.dll
2017-04-13 18:45:28 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerUI.dll
2017-04-13 18:45:28 ----A---- C:\WINDOWS\SYSWOW64\sbe.dll
2017-04-13 18:45:28 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2017-04-13 18:45:28 ----A---- C:\WINDOWS\SYSWOW64\AuthBroker.dll
2017-04-13 18:45:28 ----A---- C:\WINDOWS\system32\drivers\BasicDisplay.sys
2017-04-13 18:45:27 ----A---- C:\WINDOWS\SYSWOW64\XblAuthTokenBrokerExt.dll
2017-04-13 18:45:27 ----A---- C:\WINDOWS\SYSWOW64\XblAuthManagerProxy.dll
2017-04-13 18:45:27 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-04-13 18:45:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-13 18:45:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.HostName.dll
2017-04-13 18:45:26 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2017-04-13 18:45:26 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2017-04-13 18:45:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.Diagnostics.dll
2017-04-13 18:45:25 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2017-04-13 18:45:25 ----A---- C:\WINDOWS\SYSWOW64\ExSMime.dll
2017-04-13 18:45:25 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-04-13 18:45:24 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2017-04-13 18:45:23 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-04-13 18:45:22 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2017-04-13 18:45:22 ----A---- C:\WINDOWS\SYSWOW64\NaturalLanguage6.dll
2017-04-13 18:45:22 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2017-04-13 18:45:22 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-04-13 18:45:21 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2017-04-13 18:45:19 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-13 18:45:15 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-04-13 18:45:14 ----A---- C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-04-13 18:45:13 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2017-04-13 18:45:12 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-04-13 18:45:12 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-04-13 18:45:11 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2017-04-13 18:45:11 ----A---- C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-13 18:45:10 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-04-13 18:45:09 ----A---- C:\WINDOWS\SYSWOW64\WebcamUi.dll
2017-04-13 18:45:09 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-04-13 18:45:09 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-04-13 18:45:09 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-04-13 18:45:08 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2017-04-13 18:45:08 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-04-13 18:45:07 ----A---- C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-04-13 18:45:07 ----A---- C:\WINDOWS\system32\WebcamUi.dll
2017-04-13 18:45:06 ----A---- C:\WINDOWS\system32\WwaApi.dll
2017-04-13 18:45:06 ----A---- C:\WINDOWS\system32\WinRtTracing.dll
2017-04-13 18:45:06 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-04-13 18:45:05 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-04-13 18:45:04 ----A---- C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-13 18:45:02 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-13 18:44:58 ----A---- C:\WINDOWS\system32\shell32.dll
2017-04-13 18:44:55 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-04-13 18:44:51 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2017-04-13 18:44:49 ----A---- C:\WINDOWS\system32\mos.dll
2017-04-13 18:44:44 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2017-04-13 18:44:41 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-13 18:44:38 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-04-13 18:44:37 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-13 18:44:36 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-04-13 18:44:35 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-04-13 18:44:35 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-04-13 18:44:33 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2017-04-13 18:44:32 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2017-04-13 18:44:32 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-04-13 18:44:30 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-04-13 18:44:28 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-04-13 18:44:28 ----A---- C:\WINDOWS\system32\usocore.dll
2017-04-13 18:44:27 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2017-04-13 18:44:27 ----A---- C:\WINDOWS\system32\puiobj.dll
2017-04-13 18:44:27 ----A---- C:\WINDOWS\system32\oleaut32.dll
2017-04-13 18:44:27 ----A---- C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-13 18:44:26 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2017-04-13 18:44:26 ----A---- C:\WINDOWS\system32\MusNotification.exe
2017-04-13 18:44:26 ----A---- C:\WINDOWS\system32\LsaIso.exe
2017-04-13 18:44:26 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2017-04-13 18:44:25 ----A---- C:\WINDOWS\system32\smartscreen.exe
2017-04-13 18:44:24 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-04-13 18:44:24 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2017-04-13 18:44:23 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-04-13 18:44:23 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-13 18:44:23 ----A---- C:\WINDOWS\system32\EmailApis.dll
2017-04-13 18:44:22 ----A---- C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-04-13 18:44:22 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2017-04-13 18:44:21 ----A---- C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-04-13 18:44:20 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-04-13 18:44:19 ----A---- C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-13 18:44:19 ----A---- C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-04-13 18:44:19 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-13 18:44:19 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-13 18:44:18 ----A---- C:\WINDOWS\system32\wscapi.dll
2017-04-13 18:44:18 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-04-13 18:44:18 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2017-04-13 18:44:17 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-04-13 18:44:16 ----A---- C:\WINDOWS\system32\RTMediaFrame.dll
2017-04-13 18:44:16 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-04-13 18:44:16 ----A---- C:\WINDOWS\system32\mbsmsapi.dll
2017-04-13 18:44:16 ----A---- C:\WINDOWS\system32\efswrt.dll
2017-04-13 18:44:14 ----A---- C:\WINDOWS\system32\AccountsRt.dll
2017-04-13 18:44:13 ----A---- C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-04-13 18:44:13 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2017-04-13 18:44:12 ----A---- C:\WINDOWS\system32\wpnapps.dll
2017-04-13 18:44:12 ----A---- C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-04-13 18:44:12 ----A---- C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-13 18:43:50 ----A---- C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-04-13 18:43:50 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2017-04-13 18:43:50 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2017-04-13 18:43:49 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-13 18:43:49 ----A---- C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-13 18:43:49 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2017-04-13 18:43:49 ----A---- C:\WINDOWS\system32\rdpencom.dll
2017-04-13 18:43:48 ----A---- C:\WINDOWS\system32\localspl.dll
2017-04-13 18:43:45 ----A---- C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-13 18:43:44 ----A---- C:\WINDOWS\system32\wpninprc.dll
2017-04-13 18:43:44 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2017-04-13 18:43:44 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-13 18:43:43 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-13 18:43:38 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-04-13 18:43:25 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-04-13 18:43:20 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-04-13 18:43:17 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-04-13 18:43:13 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-04-13 18:43:09 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-04-13 18:43:05 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-04-13 18:43:01 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-04-13 18:43:00 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-13 18:42:58 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-04-13 18:42:54 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-04-13 18:42:53 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-04-13 18:42:52 ----A---- C:\WINDOWS\system32\quartz.dll
2017-04-13 18:42:51 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2017-04-13 18:42:50 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-04-13 18:42:49 ----A---- C:\WINDOWS\system32\ole32.dll
2017-04-13 18:42:48 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-04-13 18:42:46 ----A---- C:\WINDOWS\system32\wininet.dll
2017-04-13 18:42:45 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-04-13 18:42:45 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-04-13 18:42:44 ----A---- C:\WINDOWS\HelpPane.exe
2017-04-13 18:42:43 ----A---- C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-04-13 18:42:43 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-04-13 18:42:42 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2017-04-13 18:42:40 ----A---- C:\WINDOWS\system32\MiracastReceiver.dll
2017-04-13 18:42:40 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2017-04-13 18:42:39 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2017-04-13 18:42:39 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-04-13 18:42:35 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-04-13 18:42:34 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-04-13 18:42:33 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2017-04-13 18:42:32 ----A---- C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-04-13 18:42:31 ----A---- C:\WINDOWS\system32\RDXService.dll
2017-04-13 18:42:30 ----A---- C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-04-13 18:42:30 ----A---- C:\WINDOWS\system32\msdtctm.dll
2017-04-13 18:42:29 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-04-13 18:42:29 ----A---- C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-04-13 18:42:29 ----A---- C:\WINDOWS\system32\CellularAPI.dll
2017-04-13 18:42:28 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2017-04-13 18:42:28 ----A---- C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-04-13 18:42:28 ----A---- C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-13 18:42:27 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-13 18:42:26 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-04-13 18:42:24 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2017-04-13 18:42:23 ----A---- C:\WINDOWS\system32\d2d1.dll
2017-04-13 18:42:22 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-04-13 18:42:22 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-13 18:42:22 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-13 18:42:22 ----A---- C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-13 18:42:22 ----A---- C:\WINDOWS\system32\asycfilt.dll
2017-04-13 18:42:21 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2017-04-13 18:42:20 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-04-13 18:42:20 ----A---- C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-13 18:42:20 ----A---- C:\WINDOWS\system32\PlayToManager.dll
2017-04-13 18:42:19 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-13 18:42:19 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2017-04-13 18:42:19 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-04-13 18:42:18 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-13 18:42:18 ----A---- C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-13 18:42:18 ----A---- C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-04-13 18:42:16 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2017-04-13 18:42:16 ----A---- C:\WINDOWS\system32\dafpos.dll
2017-04-13 18:42:15 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-04-13 18:42:15 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2017-04-13 18:42:15 ----A---- C:\WINDOWS\system32\PlayToDevice.dll
2017-04-13 18:42:14 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2017-04-13 18:42:14 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-04-13 18:42:14 ----A---- C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-13 18:42:14 ----A---- C:\WINDOWS\system32\FontProvider.dll
2017-04-13 18:42:13 ----A---- C:\WINDOWS\system32\Geolocation.dll
2017-04-13 18:42:12 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-04-13 18:42:11 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-04-13 18:42:10 ----A---- C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-13 18:42:09 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-04-13 18:42:09 ----A---- C:\WINDOWS\system32\dxtrans.dll
2017-04-13 18:42:09 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2017-04-13 18:42:07 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2017-04-13 18:42:07 ----A---- C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-04-13 18:42:07 ----A---- C:\WINDOWS\system32\webcheck.dll
2017-04-13 18:42:07 ----A---- C:\WINDOWS\system32\mshtmled.dll
2017-04-13 18:42:05 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-04-13 18:42:05 ----A---- C:\WINDOWS\system32\PlayToReceiver.dll
2017-04-13 18:42:05 ----A---- C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-04-13 18:42:03 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2017-04-13 18:42:02 ----A---- C:\WINDOWS\system32\flvprophandler.dll
2017-04-13 18:42:02 ----A---- C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-13 18:42:02 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-04-13 18:42:01 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2017-04-13 18:42:01 ----A---- C:\WINDOWS\system32\dosvc.dll
2017-04-13 18:42:01 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-04-13 18:42:00 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-13 18:41:58 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-13 18:41:58 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-04-13 18:41:58 ----A---- C:\WINDOWS\system32\CastLaunch.dll
2017-04-13 18:41:56 ----A---- C:\WINDOWS\system32\NaturalLanguage6.dll
2017-04-13 18:41:42 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-04-13 18:41:41 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-04-13 18:41:40 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2017-04-13 18:41:39 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-13 18:41:38 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2017-04-13 18:41:36 ----A---- C:\WINDOWS\system32\actxprxy.dll
2017-04-13 18:41:35 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-04-13 18:41:35 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-13 18:41:34 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-04-13 18:41:34 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2017-04-13 18:41:33 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-04-13 18:41:33 ----A---- C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-04-13 18:41:33 ----A---- C:\WINDOWS\system32\atmfd.dll
2017-04-13 18:41:32 ----A---- C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-04-13 18:41:32 ----A---- C:\WINDOWS\system32\twinui.dll
2017-04-13 18:41:31 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-04-13 18:41:30 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-13 18:41:30 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2017-04-13 18:41:30 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-04-13 18:41:30 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2017-04-13 18:41:29 ----A---- C:\WINDOWS\system32\WinTypes.dll
2017-04-13 18:41:29 ----A---- C:\WINDOWS\system32\ShareHost.dll
2017-04-13 18:41:29 ----A---- C:\WINDOWS\system32\qedit.dll
2017-04-13 18:41:29 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-04-13 18:41:29 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-04-13 18:41:29 ----A---- C:\WINDOWS\system32\apprepsync.dll
2017-04-13 18:41:28 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-04-13 18:41:28 ----A---- C:\WINDOWS\system32\sbe.dll
2017-04-13 18:41:28 ----A---- C:\WINDOWS\system32\dlnashext.dll
2017-04-13 18:41:28 ----A---- C:\WINDOWS\system32\CompPkgSup.dll
2017-04-13 18:41:28 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2017-04-13 18:41:27 ----A---- C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-13 18:41:27 ----A---- C:\WINDOWS\system32\OneBackupHandler.dll
2017-04-13 18:41:26 ----A---- C:\WINDOWS\system32\wer.dll
2017-04-13 18:41:26 ----A---- C:\WINDOWS\system32\msxml6.dll
2017-04-13 18:41:26 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-04-13 18:41:26 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-13 18:41:26 ----A---- C:\WINDOWS\system32\AppContracts.dll
2017-04-13 18:41:25 ----A---- C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-04-13 18:41:25 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2017-04-13 18:41:25 ----A---- C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-13 18:41:24 ----A---- C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-04-13 18:41:24 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-13 18:41:24 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-13 18:41:24 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-13 18:41:23 ----A---- C:\WINDOWS\system32\psmsrv.dll
2017-04-13 18:41:23 ----A---- C:\WINDOWS\system32\invagent.dll
2017-04-13 18:41:23 ----A---- C:\WINDOWS\system32\devinv.dll
2017-04-13 18:41:23 ----A---- C:\WINDOWS\system32\CryptoWinRT.dll
2017-04-13 18:41:23 ----A---- C:\WINDOWS\system32\appraiser.dll
2017-04-13 18:41:23 ----A---- C:\WINDOWS\system32\acmigration.dll
2017-04-13 18:41:22 ----A---- C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-13 18:41:22 ----A---- C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-04-13 18:41:22 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-04-13 18:41:22 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2017-04-13 18:41:21 ----A---- C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-13 18:41:21 ----A---- C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-04-13 18:41:21 ----A---- C:\WINDOWS\system32\Family.SyncEngine.dll
2017-04-13 18:41:21 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-13 18:41:21 ----A---- C:\WINDOWS\system32\aeinv.dll
2017-04-13 18:41:20 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-04-13 18:41:20 ----A---- C:\WINDOWS\system32\UserMgrProxy.dll
2017-04-13 18:41:20 ----A---- C:\WINDOWS\system32\oleacc.dll
2017-04-13 18:41:20 ----A---- C:\WINDOWS\system32\apprepapi.dll
2017-04-13 18:41:19 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-04-13 18:41:19 ----A---- C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-04-13 18:41:19 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2017-04-13 18:41:17 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-04-13 18:41:17 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-04-13 18:41:17 ----A---- C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-04-13 18:41:16 ----A---- C:\WINDOWS\system32\vss_ps.dll
2017-04-13 18:41:16 ----A---- C:\WINDOWS\system32\AuthBroker.dll
2017-04-13 18:41:15 ----A---- C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-04-13 18:41:15 ----A---- C:\WINDOWS\system32\XblAuthManagerProxy.dll
2017-04-13 18:41:15 ----A---- C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-13 18:41:15 ----A---- C:\WINDOWS\system32\ErrorDetails.dll
2017-04-13 18:41:15 ----A---- C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-13 18:41:14 ----A---- C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-04-13 18:41:14 ----A---- C:\WINDOWS\system32\vaultcli.dll
2017-04-13 18:41:14 ----A---- C:\WINDOWS\system32\Family.Client.dll
2017-04-13 18:41:13 ----A---- C:\WINDOWS\system32\cdp.dll
2017-04-13 18:41:12 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-04-13 18:41:12 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-04-13 18:41:12 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-13 18:41:12 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-04-13 18:41:12 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2017-04-13 18:41:11 ----A---- C:\WINDOWS\system32\atmlib.dll

======List of files/folders modified in the last 1 month======

2017-05-05 18:19:27 ----D---- C:\Program Files\trend micro
2017-05-05 18:19:06 ----D---- C:\WINDOWS\Temp
2017-05-05 18:16:40 ----HD---- C:\Program Files\WindowsApps
2017-05-05 18:02:33 ----D---- C:\WINDOWS\system32\config
2017-05-05 18:00:30 ----D---- C:\WINDOWS\system32\appraiser
2017-05-05 18:00:16 ----D---- C:\WINDOWS\CbsTemp
2017-05-05 18:00:06 ----D---- C:\WINDOWS\system32\catroot2
2017-05-05 18:00:05 ----SHD---- C:\System Volume Information
2017-05-05 17:55:11 ----D---- C:\WINDOWS\WinSxS
2017-05-05 17:51:50 ----SHD---- C:\WINDOWS\Installer
2017-05-05 17:51:49 ----D---- C:\WINDOWS\system32\Tasks
2017-05-05 17:51:00 ----D---- C:\WINDOWS\AppReadiness
2017-05-05 17:49:57 ----D---- C:\WINDOWS\system32\drivers
2017-05-05 17:49:39 ----D---- C:\Windows
2017-05-05 17:48:43 ----D---- C:\Users\Jaroslav\AppData\Roaming\Skype
2017-05-05 17:47:37 ----HD---- C:\ProgramData
2017-05-05 17:43:23 ----D---- C:\WINDOWS\system32\SleepStudy
2017-04-30 16:32:00 ----D---- C:\WINDOWS\system32\sru
2017-04-30 13:32:26 ----D---- C:\Users\Jaroslav\AppData\Roaming\Dropbox
2017-04-30 11:29:53 ----RD---- C:\WINDOWS\Microsoft.NET
2017-04-30 10:31:13 ----RD---- C:\Program Files (x86)
2017-04-29 09:00:32 ----D---- C:\ProgramData\Microsoft Help
2017-04-22 07:58:39 ----D---- C:\WINDOWS\debug
2017-04-22 07:43:54 ----D---- C:\WINDOWS\INF
2017-04-21 18:45:19 ----D---- C:\WINDOWS\Prefetch
2017-04-21 18:32:55 ----D---- C:\Program Files (x86)\Steam
2017-04-21 18:29:43 ----RD---- C:\Program Files
2017-04-21 18:29:43 ----D---- C:\WINDOWS\system32\drivers\UMDF
2017-04-21 18:27:08 ----ASD---- C:\ProgramData\Microsoft
2017-04-21 18:23:45 ----D---- C:\Program Files (x86)\Seznam.cz
2017-04-21 18:21:58 ----D---- C:\WINDOWS\System32
2017-04-21 18:21:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-16 20:44:43 ----D---- C:\WINDOWS\rescache
2017-04-16 20:27:15 ----D---- C:\WINDOWS\system32\DriverStore
2017-04-15 13:14:10 ----RSD---- C:\WINDOWS\assembly
2017-04-15 01:14:50 ----AD---- C:\Program Files\Microsoft Silverlight
2017-04-15 01:14:49 ----AD---- C:\Program Files (x86)\Microsoft Silverlight
2017-04-15 01:12:02 ----D---- C:\WINDOWS\SYSWOW64\sr-Latn-CS
2017-04-15 01:12:01 ----SD---- C:\WINDOWS\SYSWOW64\F12
2017-04-15 01:12:01 ----D---- C:\WINDOWS\SYSWOW64\setup
2017-04-15 01:12:01 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2017-04-15 01:12:01 ----D---- C:\WINDOWS\SysWOW64
2017-04-15 01:11:52 ----D---- C:\WINDOWS\system32\wbem
2017-04-15 01:11:52 ----D---- C:\WINDOWS\system32\sr-Latn-CS
2017-04-15 01:11:52 ----D---- C:\WINDOWS\system32\setup
2017-04-15 01:11:51 ----SD---- C:\WINDOWS\system32\F12
2017-04-15 01:11:51 ----D---- C:\WINDOWS\system32\migration
2017-04-15 01:11:51 ----D---- C:\WINDOWS\system32\Dism
2017-04-15 01:11:51 ----D---- C:\WINDOWS\system32\cs-CZ
2017-04-15 01:11:46 ----D---- C:\WINDOWS\ShellExperiences
2017-04-15 01:11:46 ----D---- C:\WINDOWS\Provisioning
2017-04-15 01:11:45 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2017-04-15 01:11:45 ----RD---- C:\Program Files\Windows Defender
2017-04-15 01:11:45 ----D---- C:\Program Files\Windows Photo Viewer
2017-04-15 01:11:45 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-04-15 01:11:45 ----D---- C:\Program Files (x86)\Windows Defender
2017-04-15 00:14:55 ----D---- C:\WINDOWS\system32\MRT
2017-04-15 00:05:21 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-04-14 17:56:46 ----D---- C:\WINDOWS\LiveKernelReports

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2017-04-14 189768]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2017-04-14 334088]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2017-04-14 48528]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-04-14 75704]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-04-14 339696]
R0 iaStor;@oem23.inf,%*PNP0600.DeviceDesc%;Intel AHCI Controller; C:\WINDOWS\System32\drivers\iaStor.sys [2010-04-27 540696]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-04-14 307736]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-04-14 32600]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-04-14 101152]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-04-14 1005048]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-04-29 556784]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2009-05-28 13824]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-04-29 128648]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-04-14 164064]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-12-16 21648880]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-12-16 674288]
R3 AtiHDAudioService;@oem28.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2015-05-28 102912]
R3 bcbtums;@oem9.inf,%BCBTUMS.SvcDesc%;Bluetooth USB LD Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2013-10-28 170712]
R3 BCM43XX;@oem30.inf,%BCM43XX_Service_DispName%;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl664.sys [2011-07-05 4745280]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-10-01 84992]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-09-17 4519144]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2016-10-01 175616]
R3 Sftfs;Sftfs; C:\WINDOWS\system32\DRIVERS\Sftfslh.sys [2014-10-08 766632]
R3 Sftplay;Sftplay; C:\WINDOWS\system32\DRIVERS\Sftplaylh.sys [2014-10-08 273576]
R3 Sftredir;Sftredir; C:\WINDOWS\system32\DRIVERS\Sftredirlh.sys [2014-10-08 29352]
R3 Sftvol;Sftvol; C:\WINDOWS\system32\DRIVERS\Sftvollh.sys [2014-10-08 23208]
R3 SynTP;@oem27.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2010-05-21 1377840]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-04-14 38296]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-10-01 114176]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-10-05 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-11-11 967168]
S3 btwampfl;@oem9.inf,%btwampfl.ServiceName%;btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [2013-10-28 166104]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-09-10 118272]
S3 dg_ssudbus;@oem50.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-10-01 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 MarvinBus;Pinnacle Marvin Bus 64; C:\WINDOWS\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
S3 rtport;rtport; \??\C:\windows\SysWOW64\drivers\rtport.sys [2010-11-11 15144]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 ssudmdm;@oem51.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
S3 ssudserd;@oem52.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudserd.sys [2016-09-05 165504]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-04-14 261712]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_3fe9d;CDPUserSvc_3fe9d; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-03-18 822496]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2016-10-01 26112]
R2 OneSyncSvc_3fe9d;Hostitel synchronizace_3fe9d; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-09-17 312056]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2014-10-08 534184]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-04-14 7398336]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 PimIndexMaintenanceSvc_3fe9d;Data kontaktů_3fe9d; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2014-10-08 211104]
R3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
S2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-01-16 317400]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 GalaxyClientService;GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2017-03-29 284736]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2017-03-29 6625856]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_3fe9d;Služba zasílání zpráv_3fe9d; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\syswow64\GameMon.des [2016-02-24 4362656]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-04 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-02-03 82640]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-08 270936]
S4 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-12-16 255472]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-07-16 52920]
S4 BcmBtRSupport;@oem9.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\WINDOWS\system32\BtwRSupportService.exe [2013-10-28 2255064]
S4 DiagTrack;Propojená uživatelská prostředí a telemetrie; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S4 lxdnCATSCustConnectService;lxdnCATSCustConnectService; C:\windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe [2009-04-28 29184]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-06-18 935208]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S4 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-10-13 1459488]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Unwanted logins

#2 Post by Rudy »

Hello!
1. Change your FB password.
2. Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (removal).
The scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

kakuki
Visitor
Posts: 30
Registered: 13 Jul 2015 08:17

Re: Unwanted logins

#3 Post by kakuki »

Good evening,
I changed my password as soon as I found out that the login had occurred. Log:

# AdwCleaner v6.046 - Log vytvořen 06/05/2017 v 22:36:08
# Aktualizováno dne 24/04/2017 z Malwarebytes
# Databáze : 2017-05-05.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Jaroslav - HELČA-NOTEBOOK
# Spuštěno z : C:\Users\Jaroslav\Desktop\adwcleaner_6.046.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****

[-] Složka smazána: C:\WINDOWS\SysNative\tprb
[-] Složka smazána: C:\WINDOWS\SysWOW64\mjcm


***** [ Soubory ] *****

[-] Soubor smazán: C:\user.js


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\APNMCP
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\apnmcp
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
[-] Hodnota smazána: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8278076-BC68-4484-9233-6E7F1628B56C}]
[-] Klíč smazán: HKU\.DEFAULT\Software\VNT
[-] Klíč smazán: HKU\.DEFAULT\Software\Auslogics
[-] Klíč smazán: HKU\S-1-5-21-2701842232-1085011673-912201240-1000\Software\Conduit
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2701842232-1085011673-912201240-1000\Software\AskToolbar
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2701842232-1085011673-912201240-1000\Software\AVG Security Toolbar
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2701842232-1085011673-912201240-1000\Software\SweetIM
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\VNT
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\Auslogics
[#] Klíč smazán po restartu: HKCU\Software\Conduit
[-] Klíč smazán: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\StartNow Toolbar
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2701842232-1085011673-912201240-1000\Software\AskToolbar
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2701842232-1085011673-912201240-1000\Software\AVG Security Toolbar
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2701842232-1085011673-912201240-1000\Software\SweetIM
[#] Klíč smazán po restartu: [x64] HKCU\Software\Conduit
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
[-] Hodnota smazána: HKU\S-1-5-21-2701842232-1085011673-912201240-1000\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Klíč smazán: HKU\S-1-5-21-2701842232-1085011673-912201240-1000\Software\Microsoft\Internet Explorer\SearchScopes\{586BB8B2-2A67-4CA1-814D-55A496EB2176}
[#] Hodnota smazána po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{586BB8B2-2A67-4CA1-814D-55A496EB2176}
[#] Hodnota smazána po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{586BB8B2-2A67-4CA1-814D-55A496EB2176}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\SpeedUpMyPC


***** [ Prohlížeče ] *****

[-] [C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazáno: nafaimnnclfjfedmmabolbppcngeolgf


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4467 Bajty] - [06/05/2017 22:36:08]
C:\AdwCleaner\AdwCleaner[R0].txt - [21970 Bajty] - [13/07/2015 18:41:46]
C:\AdwCleaner\AdwCleaner[S0].txt - [20100 Bajty] - [13/07/2015 18:43:34]
C:\AdwCleaner\AdwCleaner[S1].txt - [4742 Bajty] - [06/05/2017 22:35:09]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4761 Bajty] ##########

Rudy
Site Admin
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Unwanted logins

#4 Post by Rudy »

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

kakuki
Visitor
Visitor
Posts: 30
Joined: 13 Jul 2015 08:17

Re: Unwanted logins

#5 Post by kakuki »

Good evening. Log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-05-2017 01
Ran by Jaroslav (administrator) on HELČA-NOTEBOOK (07-05-2017 23:15:00)
Running from C:\Users\Jaroslav\Desktop
Loaded Profiles: Jaroslav (Available Profiles: Jaroslav & Kraviny & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2149160 2010-05-21] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-09-17] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-04-14] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Gold! RemindBoard] => C:\myGold\Gold! RemindBoard\Gold! RemindBoard_GG.exe [170496 2013-06-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\...\Run: [Dropbox Update] => C:\Users\Jaroslav\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-13] (Dropbox, Inc.)
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-03-23] (Valve Corporation)
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [4876864 2017-05-05] (GOG.com)
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [152064 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-04-14] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-04-14] (AVAST Software)
ShellIconOverlayIdentifiers: [4SyncOverlay1] -> {2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} => -> No File
ShellIconOverlayIdentifiers: [4SyncOverlay2] -> {C72C6188-BEF2-46E5-A89A-52F0ED75219E} => -> No File
ShellIconOverlayIdentifiers: [4SyncOverlay3] -> {C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} => -> No File
ShellIconOverlayIdentifiers: [4SyncOverlay4] -> {CB1EFEF8-D5E0-49D1-B768-41B48B1D7803} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
Startup: C:\Users\Jaroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-08-01]
ShortcutTarget: Dropbox.lnk -> C:\Users\Jaroslav\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4694aaa7-e6f5-48fe-b57d-63654c8464c6}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{aa837cb9-c66d-4e46-9b8d-1a0082f3b89e}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-2701842232-1085011673-912201240-1000 -> {3f8f0f37-95c0-4a85-87a4-641a896a1d35} URL = hxxp://www.firmy.cz/phr/{searchTerms}?sourceid ... arch_13169
SearchScopes: HKU\S-1-5-21-2701842232-1085011673-912201240-1000 -> {5a77b724-ed9c-4fd6-987d-838b8e592594} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13169
SearchScopes: HKU\S-1-5-21-2701842232-1085011673-912201240-1000 -> {de90e581-2b9c-41fe-b06c-0a75f99d9bc9} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13169
SearchScopes: HKU\S-1-5-21-2701842232-1085011673-912201240-1000 -> {df5f9b9f-bd36-4d62-b963-45b58f76bd26} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13169
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-08] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-08] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2701842232-1085011673-912201240-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-2701842232-1085011673-912201240-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-2701842232-1085011673-912201240-1000 -> No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
Toolbar: HKU\S-1-5-21-2701842232-1085011673-912201240-1000 -> No Name - {46463300-6A76-A76A-76A7-7A786E7484D7} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-01-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-02-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-02-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-08] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2701842232-1085011673-912201240-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jaroslav\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "","hxxp://www.shirai.cz/anime-zobraz/61/soul-eate ... =10&&st=23"
CHR Profile: C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default [2017-05-07]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2016-04-22]
CHR Extension: (Dokumenty Google) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Disk Google) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (TimeDoser) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmkneeaihlcdllananjlkmppnkdahdcc [2016-04-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Avast Passwords) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2017-04-05]
CHR Extension: (Avast SafePrice) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Avast Online Security) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-04-05]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-05-05]
CHR Extension: (Page Refresh) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmooaemjmediafeacjplpbpenjnpcneg [2016-05-23]
CHR Extension: (Little Alchemy) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2016-04-22]
CHR Extension: (WorkFlowy) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\koegeopamaoljbmhnfjbclbocehhgmkm [2016-09-29]
CHR Extension: (StayFocusd) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2016-04-22]
CHR Extension: (Skype) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-09]
CHR Extension: (Foxkeh Theme) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdfmcddmngjdmjmhhpcnbnmnkdhpjhef [2015-08-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-05]
CHR Profile: C:\Users\Jaroslav\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-05-05]
CHR HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [eibfgbclmgnmffinenpipoibfdoblond] - C:\Users\Jaroslav\AppData\Roaming\Seznam.cz\bin\listicka-chrome-rv-1.4.4.crx <not found>
CHR HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkfpcckoflkdgjdobdkpclgngaahgbpi] - C:\Users\Jaroslav\AppData\Roaming\Seznam.cz\bin\listicka-chrome-email-1.1.4.crx <not found>
CHR HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ghoooididkjbjjldgojdgceoinbhbjmh] - C:\Users\Jaroslav\AppData\Roaming\Seznam.cz\bin\listicka-chrome-slovnik-1.1.3.crx <not found>
CHR HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lelcohngbjgpiibagnfmncojacafbbpg] - C:\Users\Jaroslav\AppData\Roaming\Seznam.cz\bin\Partner-1.0.3.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7398336 2017-04-14] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [261712 2017-04-14] (AVAST Software)
S4 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [512576 2017-05-05] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7942208 2017-05-05] (GOG.com)
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S4 lxdnCATSCustConnectService; C:\windows\system32\spool\DRIVERS\x64\3\\lxdnserv.exe [29184 2009-04-28] (Lexmark International, Inc.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-09-17] (Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [307736 2017-04-14] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-04-14] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334088 2017-04-14] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-04-14] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-04-14] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-04-14] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-04-29] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-04-14] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-04-14] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1005048 2017-04-14] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [556784 2017-04-29] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [164064 2017-04-14] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-04-14] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 MarvinBus; C:\WINDOWS\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2010-11-11] (Windows (R) 2003 DDK 3790 provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x64.sys [288768 2016-07-16] (Marvell)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Attachments
Addition.rar
(16.02 KiB) Downloaded 72 times

Rudy
Site Admin
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Unwanted logins

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
ShellIconOverlayIdentifiers: [4SyncOverlay1] -> {2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} => -> No File
ShellIconOverlayIdentifiers: [4SyncOverlay2] -> {C72C6188-BEF2-46E5-A89A-52F0ED75219E} => -> No File
ShellIconOverlayIdentifiers: [4SyncOverlay3] -> {C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} => -> No File
ShellIconOverlayIdentifiers: [4SyncOverlay4] -> {CB1EFEF8-D5E0-49D1-B768-41B48B1D7803} => -> No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-2701842232-1085011673-912201240-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-2701842232-1085011673-912201240-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-2701842232-1085011673-912201240-1000 -> No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
Toolbar: HKU\S-1-5-21-2701842232-1085011673-912201240-1000 -> No Name - {46463300-6A76-A76A-76A7-7A786E7484D7} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
CHR StartupUrls: Default -> "","hxxp://www.shirai.cz/anime-zobraz/61/soul-eate ... =10&&st=23"
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
U3 idsvc; no ImagePath
Task: {20A0FD0A-E2E4-4453-960B-0E6E5E1AEBF3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {49956CD9-9DD9-406F-B771-BE976B1273BE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {70FCCAA7-79FA-4E61-BD06-4FE8D821FF46} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {76E57406-1329-47C7-93DE-D2FF48B404D8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {814081D8-3BBC-4B72-9BD5-737060B65325} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8D3D8022-AE28-483C-81D7-D1DBA14CB060} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {970CC64D-5DC8-4A1F-8B46-14B35065881E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A5903CD8-8524-4407-A2C1-DABEB0DBF587} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {CC790D77-5244-4394-9A76-4074F3805274} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D1D65824-ECBF-4EE5-8314-FEA3E342E74F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {D78003B5-35F2-4B01-9F2E-910FC1547D85} - System32\Tasks\{E6B474E1-5E0E-4858-86FC-377A8F55B18B} => pcalua.exe -a D:\SystemSoftware\BASW-11871A\bcmwlu00.exe -d D:\SystemSoftware\BASW-11871A
Task: {DB6F5FCA-6E15-4B29-8684-48445218AC24} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E9D3A772-95CE-4D97-A520-E1C1E839B718} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {F34AB906-C7DE-4861-810D-33318C605C04} - System32\Tasks\{8514756E-EA4C-4387-9AC1-AAB5AB95D337} => pcalua.exe -a E:\eauninstall.exe -d E:\
AlternateDataStreams: C:\ProgramData\Temp:2430E4FC [126]
AlternateDataStreams: C:\ProgramData\Temp:798A3728 [254]
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [112]

EmptyTemp:
End
Save this to your desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can also damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

kakuki
Visitor
Posts: 30
Joined: 13 Jul 2015 08:17

Re: Unwanted logins

#7 Post by kakuki »

Hello. Log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-05-2017 01
Ran by Jaroslav (09-05-2017 17:46:11) Run:1
Running from C:\Users\Jaroslav\Desktop
Loaded Profiles: Jaroslav (Available Profiles: Jaroslav & Kraviny & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
ShellIconOverlayIdentifiers: [4SyncOverlay1] -> {2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} => -> No File
ShellIconOverlayIdentifiers: [4SyncOverlay2] -> {C72C6188-BEF2-46E5-A89A-52F0ED75219E} => -> No File
ShellIconOverlayIdentifiers: [4SyncOverlay3] -> {C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} => -> No File
ShellIconOverlayIdentifiers: [4SyncOverlay4] -> {CB1EFEF8-D5E0-49D1-B768-41B48B1D7803} => -> No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-2701842232-1085011673-912201240-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-2701842232-1085011673-912201240-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-2701842232-1085011673-912201240-1000 -> No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
Toolbar: HKU\S-1-5-21-2701842232-1085011673-912201240-1000 -> No Name - {46463300-6A76-A76A-76A7-7A786E7484D7} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
CHR StartupUrls: Default -> "","hxxp://www.shirai.cz/anime-zobraz/61/soul-eate ... =10&&st=23"
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
U3 idsvc; no ImagePath
Task: {20A0FD0A-E2E4-4453-960B-0E6E5E1AEBF3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {49956CD9-9DD9-406F-B771-BE976B1273BE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {70FCCAA7-79FA-4E61-BD06-4FE8D821FF46} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {76E57406-1329-47C7-93DE-D2FF48B404D8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {814081D8-3BBC-4B72-9BD5-737060B65325} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8D3D8022-AE28-483C-81D7-D1DBA14CB060} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {970CC64D-5DC8-4A1F-8B46-14B35065881E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A5903CD8-8524-4407-A2C1-DABEB0DBF587} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {CC790D77-5244-4394-9A76-4074F3805274} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D1D65824-ECBF-4EE5-8314-FEA3E342E74F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {D78003B5-35F2-4B01-9F2E-910FC1547D85} - System32\Tasks\{E6B474E1-5E0E-4858-86FC-377A8F55B18B} => pcalua.exe -a D:\SystemSoftware\BASW-11871A\bcmwlu00.exe -d D:\SystemSoftware\BASW-11871A
Task: {DB6F5FCA-6E15-4B29-8684-48445218AC24} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E9D3A772-95CE-4D97-A520-E1C1E839B718} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {F34AB906-C7DE-4861-810D-33318C605C04} - System32\Tasks\{8514756E-EA4C-4387-9AC1-AAB5AB95D337} => pcalua.exe -a E:\eauninstall.exe -d E:\
AlternateDataStreams: C:\ProgramData\Temp:2430E4FC [126]
AlternateDataStreams: C:\ProgramData\Temp:798A3728 [254]
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [112]

EmptyTemp:
End

*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\4SyncOverlay1 => key removed successfully
HKCR\CLSID\{2012DE06-50C0-48BD-ACDE-88F95D4CAD1F} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\4SyncOverlay2 => key removed successfully
HKCR\CLSID\{C72C6188-BEF2-46E5-A89A-52F0ED75219E} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\4SyncOverlay3 => key removed successfully
HKCR\CLSID\{C92F6BC2-AF61-4C0E-80E0-939B8282DDB7} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\4SyncOverlay4 => key removed successfully
HKCR\CLSID\{CB1EFEF8-D5E0-49D1-B768-41B48B1D7803} => key not found.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found.
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} => value removed successfully
HKCR\CLSID\{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} => key not found.
HKU\S-1-5-21-2701842232-1085011673-912201240-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{46463300-6A76-A76A-76A7-7A786E7484D7} => value removed successfully
HKCR\CLSID\{46463300-6A76-A76A-76A7-7A786E7484D7} => key not found.
HKCR\PROTOCOLS\Handler\skypec2c => key not found.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => key not found.
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => key not found.
C:\Program Files (x86)\Skype\Toolbars => moved successfully
Chrome StartupUrls => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => key removed successfully
"C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx" => not found.
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully
idsvc => service removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20A0FD0A-E2E4-4453-960B-0E6E5E1AEBF3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20A0FD0A-E2E4-4453-960B-0E6E5E1AEBF3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49956CD9-9DD9-406F-B771-BE976B1273BE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49956CD9-9DD9-406F-B771-BE976B1273BE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{70FCCAA7-79FA-4E61-BD06-4FE8D821FF46} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70FCCAA7-79FA-4E61-BD06-4FE8D821FF46} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{76E57406-1329-47C7-93DE-D2FF48B404D8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76E57406-1329-47C7-93DE-D2FF48B404D8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{814081D8-3BBC-4B72-9BD5-737060B65325} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{814081D8-3BBC-4B72-9BD5-737060B65325} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D3D8022-AE28-483C-81D7-D1DBA14CB060} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D3D8022-AE28-483C-81D7-D1DBA14CB060} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{970CC64D-5DC8-4A1F-8B46-14B35065881E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{970CC64D-5DC8-4A1F-8B46-14B35065881E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A5903CD8-8524-4407-A2C1-DABEB0DBF587} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5903CD8-8524-4407-A2C1-DABEB0DBF587} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC790D77-5244-4394-9A76-4074F3805274} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC790D77-5244-4394-9A76-4074F3805274} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D1D65824-ECBF-4EE5-8314-FEA3E342E74F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1D65824-ECBF-4EE5-8314-FEA3E342E74F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D78003B5-35F2-4B01-9F2E-910FC1547D85} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D78003B5-35F2-4B01-9F2E-910FC1547D85} => key removed successfully
C:\WINDOWS\System32\Tasks\{E6B474E1-5E0E-4858-86FC-377A8F55B18B} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E6B474E1-5E0E-4858-86FC-377A8F55B18B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB6F5FCA-6E15-4B29-8684-48445218AC24} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB6F5FCA-6E15-4B29-8684-48445218AC24} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E9D3A772-95CE-4D97-A520-E1C1E839B718} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9D3A772-95CE-4D97-A520-E1C1E839B718} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F34AB906-C7DE-4861-810D-33318C605C04} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F34AB906-C7DE-4861-810D-33318C605C04} => key removed successfully
C:\WINDOWS\System32\Tasks\{8514756E-EA4C-4387-9AC1-AAB5AB95D337} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8514756E-EA4C-4387-9AC1-AAB5AB95D337} => key removed successfully
C:\ProgramData\Temp => ":2430E4FC" ADS removed successfully.
C:\ProgramData\Temp => ":798A3728" ADS removed successfully.
C:\ProgramData\Temp => ":D1B5B4F1" ADS removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 45600031 B
Java, Flash, Steam htmlcache => 199665218 B
Windows/system/drivers => 11004 B
Edge => 3236 B
Chrome => 414782542 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 46882 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 4082 B
NetworkService => 0 B
Jaroslav => 134272066 B
Kraviny => 70588489 B
DefaultAppPool => 40738 B

RecycleBin => 0 B
EmptyTemp: => 824.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:46:41 ====

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Unwanted logins

#8 Post by Rudy »

Deleted. Has anything changed?

kakuki
Visitor
Posts: 30
Joined: 13 Jul 2015 08:17

Re: Unwanted logins

#9 Post by kakuki »

Hello,
let's say there has been no other unwanted login so far, so hopefully everything is fine :)
Thank you, Střelcová.

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Unwanted logins

#10 Post by Rudy »

I'm glad to hear that. You're welcome! :)

Locked