AdChoices ad pop-up window in MS Edge

#1 Post by vkudla »

When the PC starts, an MS Edge window with an AdChoices ad opens on its own.
Thanks for the help, Vlasta

Logfile of random's system information tool 1.10 (written by random/random)
Run by uzivatel 1 at 2017-08-28 22:47:43
Microsoft Windows 10 Pro
System drive C: has 64 GB (57%) free of 114 GB
Total RAM: 8145 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:47:46, on 28.08.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0000)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\uzivatel 1\AppData\Local\Microsoft\OneDrive\OneDrive.exe
D:\SW\Steam\Steam.exe
C:\Games\World_of_Tanks\WargamingGameUpdater.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
D:\SW\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Adguard\Adguard.exe
C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\uzivatel 1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [OneDrive] "C:\Users\uzivatel 1\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "D:\SW\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [World of Tanks] "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Adguard] C:\Program Files (x86)\Adguard\Adguard.exe /nosplash
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: GIGABYTE XTREME GAMING ENGINE.lnk = C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\autorun.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Steam Update.bat
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adguard Service - Performix LLC - C:\Program Files (x86)\Adguard\AdguardSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9673 bytes

======Listing Processes======









winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
"fontdrvhost.exe"
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k localservice -s nsi
C:\WINDOWS\system32\atiesrxx.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8fbbc300-d911-4bb1-89bb-8a32c3b15a96 -SystemEventPortName:HostProcess-0ff26bb2-34c4-4bb7-a288-1ea8cb5963bf -IoCancelEventPortName:HostProcess-95fb4900-9089-4b58-ad46-503f6d10b117 -NonStateChangingEventPortName:HostProcess-eb1f723d-476c-41bf-ba3d-6ff2713af2be -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4d8fa77b-34ad-4f32-9c38-cb1d390020db -DeviceGroupId:WpdFsGroup
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
c:\windows\system32\svchost.exe -k localservice -s netprofm
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k localservicenonetwork -s NcdAutoSetup
C:\WINDOWS\system32\svchost.exe -k LocalService
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s HomeGroupProvider
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
dashost.exe {4db66840-14ac-4453-8487a12d4b0aaed1}
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k netsvcs -s SENS
atieclxx
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection

c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
"C:\Program Files (x86)\Adguard\AdguardSvc.exe"
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
C:\Windows\system32\IProsetMonitor.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc

C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc

c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
C:\WINDOWS\Explorer.EXE
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s Netman
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe atlogon
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
c:\windows\system32\svchost.exe -k unistacksvcgroup
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s WdiSystemHost
AvastUI.exe /nogui
"C:\Users\uzivatel 1\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"D:\SW\Steam\Steam.exe" -silent
"C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
D:\SW\Steam\bin\cef\cef.win7\steamwebhelper.exe "-lang=cs_CZ" "-cachedir=C:\Users\uzivatel 1\AppData\Local\Steam\htmlcache" "-steampid=10180" "-buildid=1500335472" "-steamid=0" "-clientui=D:\SW\Steam\clientui" --disable-spell-checking --disable-out-of-process-pac --enable-blink-features=ResizeObserver --disable-smooth-scrolling --disable-gpu-compositing --disable-gpu --enable-direct-write "--log-file=D:\SW\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
szndesktop.exe default start
"C:\Program Files (x86)\Adguard\Adguard.exe" /nosplash
"C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe" /h
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
c:\windows\system32\svchost.exe -k netsvcs -s DoSvc
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
c:\windows\system32\svchost.exe -k netsvcs -s BITS
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\WINDOWS\system32\browser_broker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\uzivatel 1\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\uzivatel 1\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=60.0.3112.113 --initial-client-data=0x1e4,0x1e8,0x1ec,0x1e0,0x1f0,0x7ffcfd0029b8,0x7ffcfd0029f8,0x7ffcfd0029d0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2376 --on-initialized-event-handle=512 --parent-handle=508 /prefetch:6
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1388,4254826951251258935,18096292315277413809,131072 --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,20,21,24,43,77 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x1002 --gpu-device-id=0x67df --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=22.19.162.4 --gpu-driver-date=4-24-2017 --service-request-channel-token=6865E66605DA153707B7EFF950DCA2F7 --mojo-platform-channel-handle=1400 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,4254826951251258935,18096292315277413809,131072 --service-pipe-token=771D555FEAF9591C7A725BFD5C3E696B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=771D555FEAF9591C7A725BFD5C3E696B --renderer-client-id=7 --mojo-platform-channel-handle=2496 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,4254826951251258935,18096292315277413809,131072 --service-pipe-token=55EFA1406392ABA515BCF4CC7F4592FD --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=55EFA1406392ABA515BCF4CC7F4592FD --renderer-client-id=4 --mojo-platform-channel-handle=3088 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,4254826951251258935,18096292315277413809,131072 --service-pipe-token=D1228F485711B21E19BB821BFB50A64C --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=D1228F485711B21E19BB821BFB50A64C --renderer-client-id=5 --mojo-platform-channel-handle=3172 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1388,4254826951251258935,18096292315277413809,131072 --service-pipe-token=F625F17D888BEA8A94EEA8A5C23F42D2 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553 --service-request-channel-token=F625F17D888BEA8A94EEA8A5C23F42D2 --renderer-client-id=6 --mojo-platform-channel-handle=3164 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 704 708 716 8192 712
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x40c
"C:\Users\uzivatel 1\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-04-12 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-04-12 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-04-12 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-04-12 193136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-10-21 9037832]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2016-09-20 71168]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-07-29 213832]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\uzivatel 1\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-07-29 1536208]
"Steam"=D:\SW\Steam\steam.exe [2017-07-18 3062560]
"World of Tanks"=C:\Games\World_of_Tanks\WargamingGameUpdater.exe [2017-02-28 3135752]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-05-19 9773272]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-07-28 27815896]
"cz.seznam.software.autoupdate"=C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Adguard"=C:\Program Files (x86)\Adguard\Adguard.exe [2017-03-27 5622032]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-17 1160408]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
Steam Update.bat

C:\Users\uzivatel 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
GIGABYTE XTREME GAMING ENGINE.lnk - C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\autorun.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-08-28 22:47:43 ----D---- C:\rsit
2017-08-28 22:47:43 ----D---- C:\Program Files\trend micro
2017-08-28 22:47:36 ----D---- C:\ProgramData\SWCUTemp
2017-08-28 22:02:35 ----HD---- C:\OneDriveTemp
2017-08-28 22:00:43 ----A---- C:\WINDOWS\system32\drivers\adgnetworkwfpdrv.sys
2017-08-28 22:00:42 ----A---- C:\WINDOWS\SYSWOW64\drivers\vwifikerneldrv.sys
2017-08-28 22:00:42 ----A---- C:\WINDOWS\SYSWOW64\d3dx9_11.dll.tmp
2017-08-28 22:00:42 ----A---- C:\ProgramData\fontcacheev1.dat
2017-08-28 22:00:40 ----D---- C:\Users\uzivatel 1\AppData\Roaming\Performix LLC
2017-08-28 22:00:40 ----D---- C:\ProgramData\Adguard
2017-08-28 22:00:39 ----D---- C:\Program Files (x86)\Adguard
2017-08-28 21:16:10 ----D---- C:\AdwCleaner
2017-08-22 22:01:52 ----D---- C:\ProgramData\Caphyon
2017-08-22 22:00:42 ----D---- C:\Users\uzivatel 1\AppData\Roaming\Blizzard
2017-08-22 21:11:30 ----D---- C:\Program Files (x86)\Seznam.cz
2017-08-22 21:11:12 ----D---- C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz
2017-07-29 13:29:52 ----A---- C:\WINDOWS\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2017-08-28 22:47:43 ----RD---- C:\Program Files
2017-08-28 22:47:19 ----D---- C:\WINDOWS\Temp
2017-08-28 22:44:31 ----D---- C:\Users\uzivatel 1\AppData\Roaming\Skype
2017-08-28 22:20:13 ----D---- C:\WINDOWS\Prefetch
2017-08-28 22:07:52 ----D---- C:\WINDOWS\System32
2017-08-28 22:07:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-28 22:04:14 ----D---- C:\WINDOWS\system32\sru
2017-08-28 22:02:13 ----D---- C:\WINDOWS\INF
2017-08-28 22:02:08 ----D---- C:\Windows
2017-08-28 22:00:48 ----D---- C:\WINDOWS\system32\Tasks
2017-08-28 22:00:43 ----SHDC---- C:\WINDOWS\Installer
2017-08-28 22:00:43 ----D---- C:\WINDOWS\system32\drivers
2017-08-28 22:00:42 ----HD---- C:\ProgramData
2017-08-28 22:00:42 ----D---- C:\WINDOWS\SYSWOW64\drivers
2017-08-28 22:00:42 ----D---- C:\WINDOWS\SysWOW64
2017-08-28 22:00:39 ----RD---- C:\Program Files (x86)
2017-08-28 22:00:34 ----D---- C:\ProgramData\Package Cache
2017-08-28 21:49:54 ----D---- C:\WINDOWS\SoftwareDistribution
2017-08-28 21:46:41 ----D---- C:\Users\uzivatel 1\AppData\Roaming\Media Player Classic
2017-08-28 21:46:39 ----DC---- C:\WINDOWS\Panther
2017-08-28 21:46:39 ----D---- C:\WINDOWS\debug
2017-08-28 21:44:53 ----SD---- C:\ProgramData\Microsoft
2017-08-28 21:23:16 ----D---- C:\WINDOWS\system32\catroot2
2017-08-28 21:11:21 ----HD---- C:\Program Files\WindowsApps
2017-08-28 21:11:21 ----D---- C:\WINDOWS\AppReadiness
2017-08-27 21:26:38 ----D---- C:\WINDOWS\system32\SleepStudy
2017-08-26 15:40:24 ----D---- C:\WINDOWS\system32\DriverStore
2017-08-26 10:55:45 ----D---- C:\WINDOWS\system32\config
2017-08-22 20:27:26 ----RD---- C:\WINDOWS\Microsoft.NET
2017-08-11 18:09:21 ----D---- C:\WINDOWS\WinSxS
2017-08-10 11:11:57 ----D---- C:\Users\uzivatel 1\AppData\Roaming\.minecraft
2017-08-10 10:28:03 ----D---- C:\WINDOWS\CbsTemp
2017-08-10 10:22:42 ----D---- C:\WINDOWS\system32\MRT
2017-08-10 10:21:48 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-08-03 20:30:30 ----D---- C:\ProgramData\Skype
2017-07-31 17:15:09 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-07-29 18:41:28 ----D---- C:\WINDOWS\system32\drivers\UMDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2017-07-29 198976]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2017-07-29 343288]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2017-07-29 57728]
R0 AswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-07-06 84392]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-07-06 361336]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2016-09-20 795640]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R1 adgnetworkwfpdrv;adgnetworkwfpdrv; C:\WINDOWS\system32\drivers\adgnetworkwfpdrv.sys [2017-03-27 81000]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-07-29 320008]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-07-06 41800]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-07-06 110352]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-08-11 1015880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-07-06 585608]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-03-18 54272]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-03-18 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-08-11 146704]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-07-06 198768]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-03-18 50688]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2017-03-18 79872]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [2017-05-16 36558208]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [2017-05-16 528760]
R3 AtiHDAudioService;@oem15.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2016-09-28 110104]
R3 atillk64;atillk64; \??\C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\AtiTool\atillk64.sys [2006-07-19 14608]
R3 e1dexpress;@oem8.inf,%e1dExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [2016-07-26 543184]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-10-21 5371912]
R3 MEIx64;@oem21.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2017-06-26 205984]
R3 NAL;Nal Service ; \??\C:\Windows\system32\Drivers\iqvw64e.sys [2016-09-01 50640]
S0 amdkmafd;@oem10.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2016-08-18 49448]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-03-18 123808]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-03-18 103328]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-03-18 58784]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-03-18 61848]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2017-03-18 36760]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2017-03-20 127904]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2017-03-20 161696]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2017-03-20 143776]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-07-06 46984]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-03-18 39424]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-03-18 122880]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2017-04-11 26192]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-03-18 21504]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-03-18 51104]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-03-18 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-03-18 165376]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-03-18 526240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-03-18 842656]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2017-03-20 230816]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-03-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-03-18 936864]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Adguard Service;Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [2017-03-27 151312]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-12-17 82640]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2017-05-16 551808]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-07-29 263312]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CDPUserSvc_32852;CDPUserSvc_32852; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2016-09-20 17976]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2016-08-24 294968]
R2 OneSyncSvc_32852;OneSyncSvc_32852; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-07-07 336320]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-07-29 7430992]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 PimIndexMaintenanceSvc_32852;PimIndexMaintenanceSvc_32852; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-07-18 1608480]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 TokenBroker;@%systemroot%\system32\tokenbroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-11 153752]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-06-01 317400]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevicesFlowUserSvc_32852;DevicesFlowUserSvc_32852; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-03-18 86528]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 EasyAntiCheat;EasyAntiCheat; C:\WINDOWS\syswow64\EasyAntiCheat.exe [2017-07-17 400656]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-12-17 137488]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-11 153752]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2017-04-11 194032]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService_32852;MessagingService_32852; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2017-03-20 3913064]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-18 1284608]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 891904]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2017-03-18 302592]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2017-07-07 846752]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]

-----------------EOF-----------------

altrok
Moderator
Moderator
Posts: 7257
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Pop-up window with AdChoices advertising in MS Edge

#2 Post by altrok »

I wish you a lovely day :bye:

:arrow: As part of the cleanup, your temporary directories will be emptied (emptying the Recycle Bin and temp folders, clearing browser caches, etc.).

:arrow: Save AdwCleaner to your desktop https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it with a normal double-click)
  • click Scan (Skenovani), then Clean (Cisteni)
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner[Cx].txt); copy its contents into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not belong on the forum, you can use altrok (at) forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.

vkudla
Visitor
Visitor
Posts: 11
Registered: 27 Sep 2015 16:33

Re: Pop-up window with AdChoices advertising in MS Edge

#3 Post by vkudla »

Thanks. But this has not helped so far. ADW Cleaner found nothing and it keeps happening.

# AdwCleaner 7.0.2.1 - Logfile created on Sun Sep 03 08:19:51 2017
# Updated on 2017/29/08 by Malwarebytes
# Database: 09-01-2017.2
# Running on Windows 10 Pro (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1136 B] - [2017/8/28 19:23:7]
C:/AdwCleaner/AdwCleaner[S0].txt - [968 B] - [2017/8/28 19:22:25]


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########

altrok
Moderator
Moderator
Posts: 7257
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Pop-up window with AdChoices advertising in MS Edge

#4 Post by altrok »

:arrow: Post the FRST.txt and Addition.txt logs - http://forum.viry.cz/viewtopic.php?f=30&t=133101
If you have trouble downloading FRSTLauncher, it is enough to use FRST.exe/FRST64.exe on its own.

vkudla
Visitor
Visitor
Posts: 11
Registered: 27 Sep 2015 16:33

Re: Pop-up window with AdChoices advertising in MS Edge

#5 Post by vkudla »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Ran by uzivatel 1 (administrator) on DESKTOP-LSA438F (04-09-2017 20:34:34)
Running from C:\Users\uzivatel 1\Downloads
Loaded Profiles: uzivatel 1 (Available Profiles: uzivatel 1)
Platform: Windows 10 Pro Version 1703 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Performix LLC) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Valve Corporation) D:\SW\Steam\Steam.exe
(Wargaming.net) C:\Games\World_of_Tanks\WargamingGameUpdater.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Valve Corporation) D:\SW\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) D:\SW\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Performix LLC) C:\Program Files (x86)\Adguard\Adguard.exe
() C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(GIGABYTE Technology Co.,Ltd.) C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9037832 2016-10-21] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-07-29] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2016-12-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-606738512-83190012-4274381972-1001\...\Run: [Steam] => D:\SW\Steam\steam.exe [3071776 2017-08-28] (Valve Corporation)
HKU\S-1-5-21-606738512-83190012-4274381972-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3135752 2017-02-28] (Wargaming.net)
HKU\S-1-5-21-606738512-83190012-4274381972-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9773272 2017-05-19] (Piriform Ltd)
HKU\S-1-5-21-606738512-83190012-4274381972-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27815896 2017-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-606738512-83190012-4274381972-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-606738512-83190012-4274381972-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-606738512-83190012-4274381972-1001\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [5622032 2017-03-27] (Performix LLC)
HKU\S-1-5-21-606738512-83190012-4274381972-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2017-04-14]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Steam Update.bat [2017-07-21] ()
Startup: C:\Users\uzivatel 1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE XTREME GAMING ENGINE.lnk [2017-09-04]
ShortcutTarget: GIGABYTE XTREME GAMING ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\autorun.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3f24cf43-c4c7-426d-982a-a362f1e30116}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-606738512-83190012-4274381972-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
SearchScopes: HKU\S-1-5-21-606738512-83190012-4274381972-1001 -> {05013F08-7281-4938-8B0B-928DCED0554E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-606738512-83190012-4274381972-1001 -> {20F16A1C-74E6-42E1-A6D1-6A0FE5144C40} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-606738512-83190012-4274381972-1001 -> {285F6BF7-9AA4-4DB1-914D-EDD3C563A5A7} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-606738512-83190012-4274381972-1001 -> {3B320290-D69F-46F3-A316-B7C5DAF58022} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-606738512-83190012-4274381972-1001 -> {497C06F6-B6D3-43B5-B284-E84C4B2FD4C7} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-606738512-83190012-4274381972-1001 -> {B460689B-44BC-4402-B0C0-85D5B486B2D0} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-606738512-83190012-4274381972-1001 -> {CD1109AE-B543-4A59-92BD-96A66C6CDBA9} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-606738512-83190012-4274381972-1001 -> {D0D81AD4-4E5F-476A-83DA-5408705D8D8F} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-606738512-83190012-4274381972-1001 -> {EA12DDD8-9F53-4927-9F8B-7A98212D874B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-04-12] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-04-12] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-04-12] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-04-12] (Google Inc.)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> D:\SW\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\SW\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> D:\SW\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\uzivatel 1\AppData\Local\Google\Chrome\User Data\Default [2017-09-04]
CHR Extension: (Prezentace Google) - C:\Users\uzivatel 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-14]
CHR Extension: (Dokumenty Google) - C:\Users\uzivatel 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-14]
CHR Extension: (Disk Google) - C:\Users\uzivatel 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-14]
CHR Extension: (Seznam Lištička - Email) - C:\Users\uzivatel 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-08-22]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\uzivatel 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-08-22]
CHR Extension: (YouTube) - C:\Users\uzivatel 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-14]
CHR Extension: (Avast SafePrice) - C:\Users\uzivatel 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-08-26]
CHR Extension: (Tabulky Google) - C:\Users\uzivatel 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\uzivatel 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-13]
CHR Extension: (Avast Online Security) - C:\Users\uzivatel 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\uzivatel 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\uzivatel 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-08-22]
CHR Extension: (Gmail) - C:\Users\uzivatel 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-14]
CHR Extension: (Chrome Media Router) - C:\Users\uzivatel 1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-11]
CHR HKU\S-1-5-21-606738512-83190012-4274381972-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-606738512-83190012-4274381972-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-606738512-83190012-4274381972-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [151312 2017-03-27] (Performix LLC)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-07-29] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-07-29] (AVAST Software)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [400656 2017-07-17] (EasyAntiCheat Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [81000 2017-03-27] ()
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [320008 2017-07-29] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-07-29] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-07-29] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57728 2017-07-29] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [46984 2017-07-06] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41800 2017-07-06] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [146704 2017-08-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110352 2017-07-06] (AVAST Software)
R0 AswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84392 2017-07-06] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1015880 2017-08-11] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [585608 2017-07-06] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [198768 2017-07-06] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [361336 2017-07-06] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110104 2016-09-28] (Advanced Micro Devices)
R3 atillk64; C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\AtiTool\atillk64.sys [14608 2006-07-19] (ATI Technologies Inc.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [543184 2016-07-26] (Intel Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-04 20:34 - 2017-09-04 20:34 - 000017318 _____ C:\Users\uzivatel 1\Downloads\FRST.txt
2017-09-04 20:33 - 2017-09-04 20:34 - 000000000 ____D C:\FRST
2017-09-04 20:30 - 2017-09-04 20:30 - 002395648 _____ (Farbar) C:\Users\uzivatel 1\Downloads\FRST64.exe
2017-09-04 20:26 - 2017-09-04 20:26 - 000000000 ___HD C:\OneDriveTemp
2017-09-03 10:17 - 2017-09-03 10:17 - 008182736 _____ (Malwarebytes) C:\Users\uzivatel 1\Downloads\adwcleaner_7.0.2.1.exe
2017-09-02 17:32 - 2017-09-02 18:30 - 1527289856 _____ C:\Users\uzivatel 1\Downloads\Divoké-vlny-2---CZ-dabing-(2017)_Animovaný---Komedie---Rodinný---Sportovní.avi
2017-08-28 22:47 - 2017-08-28 22:47 - 001222144 _____ C:\Users\uzivatel 1\Downloads\RSITx64.exe
2017-08-28 22:47 - 2017-08-28 22:47 - 000000000 ____D C:\rsit
2017-08-28 22:47 - 2017-08-28 22:47 - 000000000 ____D C:\Program Files\trend micro
2017-08-28 22:00 - 2017-09-04 20:34 - 000000000 ____D C:\ProgramData\Adguard
2017-08-28 22:00 - 2017-09-04 20:26 - 000000000 ____D C:\Program Files (x86)\Adguard
2017-08-28 22:00 - 2017-08-28 22:00 - 000000994 _____ C:\Users\Public\Desktop\Adguard.lnk
2017-08-28 22:00 - 2017-08-28 22:00 - 000000259 _____ C:\WINDOWS\SysWOW64\Drivers\vwifikerneldrv.sys
2017-08-28 22:00 - 2017-08-28 22:00 - 000000259 _____ C:\WINDOWS\SysWOW64\d3dx9_11.dll.tmp
2017-08-28 22:00 - 2017-08-28 22:00 - 000000259 _____ C:\ProgramData\fontcacheev1.dat
2017-08-28 22:00 - 2017-08-28 22:00 - 000000000 ____D C:\Users\uzivatel 1\AppData\Roaming\Performix LLC
2017-08-28 22:00 - 2017-08-28 22:00 - 000000000 ____D C:\Users\uzivatel 1\AppData\Local\Performix_LLC
2017-08-28 22:00 - 2017-08-28 22:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adguard
2017-08-28 22:00 - 2017-03-27 08:01 - 000081000 _____ () C:\WINDOWS\system32\Drivers\adgnetworkwfpdrv.sys
2017-08-28 21:59 - 2017-08-28 21:59 - 000173328 _____ C:\Users\uzivatel 1\Downloads\adguardInstaller.exe
2017-08-28 21:16 - 2017-09-03 10:19 - 000000000 ____D C:\AdwCleaner
2017-08-26 15:59 - 2017-08-26 15:59 - 001958403 _____ C:\Users\uzivatel 1\Downloads\locked Are you a Lucker 1.3.w3m
2017-08-22 22:43 - 2017-08-22 22:43 - 000001258 _____ C:\Users\uzivatel 1\Desktop\Frozen Throne.lnk
2017-08-22 22:01 - 2017-08-22 22:01 - 000000000 ____D C:\ProgramData\Caphyon
2017-08-22 22:00 - 2017-08-22 22:00 - 000000000 ____D C:\Users\uzivatel 1\AppData\Roaming\Blizzard
2017-08-22 21:17 - 2017-08-22 21:17 - 000000000 ____D C:\Users\uzivatel 1\AppData\Local\ATI
2017-08-22 21:11 - 2017-09-04 20:31 - 000000000 ____D C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz
2017-08-22 21:11 - 2017-08-22 21:11 - 000000000 ____D C:\Program Files (x86)\Seznam.cz
2017-08-22 21:10 - 2017-08-22 21:10 - 009304616 _____ C:\Users\uzivatel 1\Downloads\WGBSetup.exe
2017-08-12 21:21 - 2017-08-12 21:21 - 000125029 _____ C:\Users\uzivatel 1\Downloads\0811971957627234_20170810_X_008_000_M_C.pdf
2017-08-12 12:26 - 2017-08-12 12:26 - 000001251 _____ C:\Users\uzivatel 1\Desktop\Warcraft III – zástupce.lnk
2017-08-11 17:42 - 2017-08-11 18:16 - 2166634563 _____ C:\Users\uzivatel 1\Downloads\Warcraft-3-+-Frozen-Throne-CZ-Full-Patched-1.26.rar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-04 20:29 - 2017-04-12 13:35 - 000000000 ____D C:\Users\uzivatel 1\AppData\Roaming\Skype
2017-09-04 20:26 - 2017-06-04 10:36 - 000003500 _____ C:\WINDOWS\System32\Tasks\Launcher GIGABYTE XTREME GAMING ENGINE
2017-09-04 20:26 - 2017-04-12 19:10 - 000000000 ____D C:\Users\uzivatel 1\Documents\temp
2017-09-04 20:26 - 2017-04-11 20:38 - 000000000 ___RD C:\Users\uzivatel 1\OneDrive
2017-09-04 19:29 - 2017-06-04 10:36 - 000004216 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FE2AE2AA-CA22-4423-BAAF-93EA3840024C}
2017-09-04 12:08 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-04 12:08 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-03 12:52 - 2017-06-04 10:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-03 10:26 - 2017-06-04 10:42 - 002136566 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-03 10:26 - 2017-03-20 06:39 - 000933450 _____ C:\WINDOWS\system32\perfh005.dat
2017-09-03 10:26 - 2017-03-20 06:39 - 000206538 _____ C:\WINDOWS\system32\perfc005.dat
2017-09-03 10:20 - 2017-06-04 10:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-03 10:20 - 2017-06-04 10:32 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-09-03 10:20 - 2017-03-18 13:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-09-01 14:46 - 2017-06-04 10:33 - 000000000 ____D C:\Users\uzivatel 1
2017-09-01 13:11 - 2017-04-15 09:49 - 000001189 _____ C:\Users\uzivatel 1\Desktop\nativelog.txt
2017-09-01 11:40 - 2017-04-15 09:40 - 000000000 ____D C:\Users\uzivatel 1\AppData\Roaming\.minecraft
2017-08-28 22:02 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-08-28 22:00 - 2017-06-04 10:32 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-28 21:46 - 2017-05-28 11:30 - 000000000 ___DC C:\WINDOWS\Panther
2017-08-28 21:46 - 2017-04-17 17:06 - 000000000 ____D C:\Users\uzivatel 1\AppData\Roaming\Media Player Classic
2017-08-28 21:05 - 2017-04-11 20:40 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-28 21:05 - 2017-04-11 20:40 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-23 18:44 - 2017-04-11 20:40 - 000002115 _____ C:\Users\Public\Desktop\Google Slides.lnk
2017-08-23 18:44 - 2017-04-11 20:40 - 000002113 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2017-08-23 18:44 - 2017-04-11 20:40 - 000002103 _____ C:\Users\Public\Desktop\Google Docs.lnk
2017-08-23 18:44 - 2017-04-11 20:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-08-22 22:38 - 2017-04-16 21:55 - 000000610 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-08-22 22:37 - 2017-04-13 22:31 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-08-11 17:48 - 2017-04-18 19:29 - 001015880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2017-08-11 17:48 - 2017-04-18 19:29 - 000146704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2017-08-11 17:24 - 2017-06-04 10:36 - 000004022 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1492536703
2017-08-11 17:24 - 2017-04-18 19:31 - 000001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-08-10 10:28 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-10 10:22 - 2017-04-11 23:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-10 10:21 - 2017-04-11 23:56 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-10 10:19 - 2017-04-11 20:37 - 000000000 ____D C:\Users\uzivatel 1\AppData\Local\Packages

==================== Files in the root of some directories =======

2017-04-11 21:20 - 2017-04-17 14:20 - 000586752 _____ () C:\Users\uzivatel 1\AppData\Local\file__0.localstorage
2017-06-04 10:32 - 2017-06-04 10:32 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-08-28 22:00 - 2017-08-28 22:00 - 000000259 _____ () C:\ProgramData\fontcacheev1.dat

Files to move or delete:
====================
C:\ProgramData\fontcacheev1.dat


Some files in TEMP:
====================
2016-10-19 17:11 - 2016-10-19 17:11 - 002458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\uzivatel 1\AppData\Local\Temp\libeay32.dll
2016-10-19 17:11 - 2016-10-19 17:11 - 000970912 _____ (Microsoft Corporation) C:\Users\uzivatel 1\AppData\Local\Temp\msvcr120.dll
2016-10-19 17:11 - 2016-10-19 17:11 - 000772672 _____ () C:\Users\uzivatel 1\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-09-01 13:44

==================== End of FRST.txt ============================

vkudla
Visitor
Posts: 11
Registered: 27 Sep 2015 16:33

Re: AdChoices ad pop-up window in MS Edge

#6 Post by vkudla »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by uzivatel 1 (04-09-2017 20:35:01)
Running from C:\Users\uzivatel 1\Downloads
Windows 10 Pro Version 1703 (X64) (2017-06-04 08:39:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-606738512-83190012-4274381972-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-606738512-83190012-4274381972-503 - Limited - Disabled)
Guest (S-1-5-21-606738512-83190012-4274381972-501 - Limited - Disabled)
uzivatel 1 (S-1-5-21-606738512-83190012-4274381972-1001 - Administrator - Enabled) => C:\Users\uzivatel 1

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adguard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 6.1.331.1732 - Performix LLC) Hidden
Adguard (HKLM-x32\...\{e2a82ed3-dba7-43f6-8ef3-e303140c55dd}) (Version: 6.1.331.1732 - Performix LLC)
Adobe Reader XI (11.0.20) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
Dirty Bomb (HKLM\...\Steam App 333930) (Version: - Splash Damage®)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation)
Google Drive (HKLM-x32\...\{A90339B3-2C3F-492E-B3A7-0BDFC691E526}) (Version: 2.34.6425.2548 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Heaven DX11 Benchmark version 3.0 (HKLM\...\Unigine Heaven DX11 Benchmark (Basic Edition)_is1) (Version: 3.0 - Unigine Corp.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Network Connections 21.1.29.0 (HKLM\...\PROSetDX) (Version: 21.1.29.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
K-Lite Mega Codec Pack 10.0.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
Microsoft Office XP Professional s aplikací FrontPage (HKLM-x32\...\{90280405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.11 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-606738512-83190012-4274381972-1001\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
OCCT 4.4.1 (HKLM-x32\...\OCCT) (Version: 4.4.1 - Ocbase.com)
PCMark Vantage (HKLM-x32\...\{F241EC95-C81A-466E-8006-6B0B364B07A0}) (Version: 1.2.0.0 - Futuremark)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7960 - Realtek Semiconductor Corp.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Seznam Software (HKU\S-1-5-21-606738512-83190012-4274381972-1001\...\SeznamInstall) (Version: 2.1.15 - Seznam.cz)
Skype™ 7.39 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.39.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
THE SETTLERS - Dědictví králů (HKLM-x32\...\{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}) (Version: 1.00.0000 - Blue Byte)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Warcraft 3 + The Frozen Throne CZ (HKLM-x32\...\Warcraft 3 + The Frozen Throne CZ 1.0.0) (Version: 1.0.0 - Blizzard)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
World of Tanks (HKU\S-1-5-21-606738512-83190012-4274381972-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
XTREME GAMING ENGINE (HKLM-x32\...\GIGABYTE XTREME GAMING ENGINE_is1) (Version: 1.1.4.1 - GIGABYTE Technology Co.,Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-08-04] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-29] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-29] (AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-04] (Google)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-29] (AVAST Software)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-08-04] (Google)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-07-29] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {4F16E3C0-9FE9-4873-A4A6-9A40A2D27EF3} - System32\Tasks\{1C9D33E7-96BE-428F-A863-F4A374431BDC} => "c:\windows\system32\launchwinapp.exe" hxxps://ui.skype.com/ui/0/7.33.0.105/cs/abandoninstall?source=lightinstaller&page=tsInstall
Task: {539EB760-4802-47DE-9AD7-1559142224FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-11] (Google Inc.)
Task: {7588A57B-C411-41B8-90FA-2DE0CFCFC8AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-11] (Google Inc.)
Task: {968A03F7-4971-4A8E-A8B3-25C9707F4EF6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-07-29] (AVAST Software)
Task: {9C55D2CA-FF14-492A-B256-5400592596E5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-05-19] (Piriform Ltd)
Task: {A91290C9-4454-4B04-A0C2-BD348DCA2358} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-07-14] (AVAST Software)
Task: {C66FDD05-C210-458E-BD34-D590C2974C9F} - System32\Tasks\Launcher GIGABYTE XTREME GAMING ENGINE => C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe [2016-09-26] (GIGABYTE Technology Co.,Ltd.)
Task: {C99723A9-E2C4-4E5F-AAFB-4A79A9D8D27C} - System32\Tasks\{ABCFA506-8DE5-4DA0-B416-28301FBBDF82} => "c:\windows\system32\launchwinapp.exe" hxxp://www.skype.com/go/downloading?source=lig ... tError=404
Task: {D2C008EA-A56A-41B3-96ED-91F71009BBAA} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {FA25B7EA-95E7-47D3-A1A1-63437C92C6BD} - System32\Tasks\SafeZone scheduled Autoupdate 1492536703 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-08-22 21:11 - 2017-02-08 13:38 - 000079872 _____ () C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz\bin\2922libfoxloader-x64.dll
2017-03-18 22:59 - 2017-03-20 06:41 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-08-22 21:11 - 2017-06-14 16:17 - 000466640 _____ () C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2017-08-22 20:17 - 2017-08-22 20:18 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-22 20:17 - 2017-08-22 20:18 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-22 20:17 - 2017-08-22 20:18 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-22 20:17 - 2017-08-22 20:18 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-08-22 21:11 - 2017-02-08 13:39 - 000080576 _____ () C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2017-08-28 21:05 - 2017-08-23 10:48 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll
2017-08-28 21:05 - 2017-08-23 10:48 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll
2017-03-27 20:41 - 2017-03-27 20:41 - 001415952 _____ () C:\Program Files (x86)\Adguard\AdguardNetApi.DLL
2017-03-27 20:41 - 2017-03-27 20:41 - 000142096 _____ () C:\Program Files (x86)\Adguard\AdguardNetLib.DLL
2017-07-29 13:29 - 2017-07-29 13:29 - 000170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-07-29 13:29 - 2017-07-29 13:29 - 001065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-07-06 13:00 - 2017-07-06 13:00 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-08-22 21:11 - 2015-05-26 13:37 - 000078504 _____ () C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz\bin\2922libfoxloader.dll
2017-07-29 13:29 - 2017-07-29 13:29 - 000192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-07-29 13:29 - 2017-07-29 13:29 - 000224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-07-29 13:29 - 2017-07-29 13:29 - 000292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-07-29 13:29 - 2017-07-29 13:29 - 000689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-08-30 10:46 - 2017-08-04 23:19 - 000678176 _____ () D:\SW\Steam\SDL2.dll
2017-06-05 20:01 - 2016-09-01 03:02 - 004969248 _____ () D:\SW\Steam\v8.dll
2017-08-30 10:46 - 2017-08-28 22:05 - 002505504 _____ () D:\SW\Steam\video.dll
2017-06-05 20:01 - 2016-09-01 03:02 - 001563936 _____ () D:\SW\Steam\icui18n.dll
2017-06-05 20:01 - 2016-09-01 03:02 - 001195296 _____ () D:\SW\Steam\icuuc.dll
2017-06-05 20:01 - 2016-01-27 09:49 - 002549760 _____ () D:\SW\Steam\libavcodec-56.dll
2017-06-05 20:01 - 2016-01-27 09:49 - 000491008 _____ () D:\SW\Steam\libavformat-56.dll
2017-06-05 20:01 - 2016-01-27 09:49 - 000332800 _____ () D:\SW\Steam\libavresample-2.dll
2017-06-05 20:01 - 2016-01-27 09:49 - 000442880 _____ () D:\SW\Steam\libavutil-54.dll
2017-06-05 20:01 - 2016-01-27 09:49 - 000485888 _____ () D:\SW\Steam\libswscale-3.dll
2017-08-30 10:46 - 2017-08-28 22:05 - 000885024 _____ () D:\SW\Steam\bin\chromehtml.DLL
2017-06-05 20:01 - 2016-07-05 00:17 - 000266560 _____ () D:\SW\Steam\openvr_api.dll
2017-07-24 15:57 - 2017-07-24 15:57 - 001991640 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2017-08-30 10:46 - 2017-07-18 00:50 - 073115424 _____ () D:\SW\Steam\bin\cef\cef.win7\libcef.dll
2017-06-12 07:14 - 2017-05-17 03:54 - 000678176 _____ () D:\SW\Steam\bin\cef\cef.win7\SDL2.dll
2017-06-05 20:01 - 2015-09-25 01:52 - 000119208 _____ () D:\SW\Steam\winh264.dll
2017-08-22 21:11 - 2015-05-26 13:38 - 000862888 _____ () C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2017-04-12 19:10 - 2016-08-18 20:26 - 000225792 _____ () C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\GvFireware.dll
2017-04-12 19:10 - 2014-05-01 02:49 - 000025088 _____ () C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\BSL430.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2015-10-30 09:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-606738512-83190012-4274381972-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\uzivatel 1\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img3.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{232AD995-EA44-4389-8627-3E8F12020730}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0B064E90-BD13-4171-9EC1-7EAA0C8003D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{78B9041A-BE09-4BB4-AE58-0457AA339BDD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CD86961E-EA53-4847-84CC-8B039355BF44}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{7EDBB125-D8E0-465B-8EBA-EC5199812F00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{6599CBC1-BF4F-4B8A-B76E-DB2DA4F4B94B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{FD942CF2-12E4-4DCB-A019-574DB24C7BBA}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{13637F1F-DF13-4E5C-B52E-D78780D247E9}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{487600C1-B06C-4244-B880-B188FF3E9796}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [{5B27A1A6-5009-484E-A5B5-55FA125292DF}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
FirewallRules: [TCP Query User{80E698A3-9B8F-4894-AF3E-2B2B3298A845}D:\hry\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) D:\hry\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{CAB74B40-F45C-4D7F-AB67-4AF2A9F1E492}D:\hry\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) D:\hry\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{2AA131CB-3E4E-4CAA-8DA5-235952A1E7BB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{095560A9-33C8-4441-B7E4-6CA86167A342}] => (Allow) D:\SW\Steam\Steam.exe
FirewallRules: [{231395F9-3346-47B4-891E-D9F21710C3B9}] => (Allow) D:\SW\Steam\Steam.exe
FirewallRules: [{B9B1D96D-24B9-4547-B071-B027DC064661}] => (Allow) D:\SW\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B53CC538-6B9E-47A1-A5F6-CF4EA83494BC}] => (Allow) D:\SW\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{781D0C2C-0743-465A-8E62-34B033EEFE8B}] => (Allow) D:\SW\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D45FAA9C-29C0-4AF1-B1A9-3CBC6ACE80CF}] => (Allow) D:\SW\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{7ED396B1-071B-49E5-ABFA-DFB8155C1673}] => (Allow) D:\SW\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe
FirewallRules: [{FFF1DB9D-BF46-4D4A-A4A2-C288FB304387}] => (Allow) D:\SW\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe
FirewallRules: [TCP Query User{BFC4DDFC-1337-4F7A-AE16-9720061E6D7B}D:\sw\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe] => (Block) D:\sw\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe
FirewallRules: [UDP Query User{B09861CB-CD67-4F5E-A264-C68F46CDDAE5}D:\sw\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe] => (Block) D:\sw\steam\steamapps\common\dirty bomb\binaries\win32\shootergame-win32-shipping.exe
FirewallRules: [{766CEB3D-C2ED-4D50-BA71-3CB6D5E4AEFB}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_0\SZBrowser.exe
FirewallRules: [{B693FB1F-B600-4A40-81B5-B8CA8E854794}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [TCP Query User{F6A51558-096D-4390-B74F-99B297532C11}D:\hry\warcraft\warcraft iii\lancraft.exe] => (Block) D:\hry\warcraft\warcraft iii\lancraft.exe
FirewallRules: [UDP Query User{1AC9B8A9-3CDE-436D-A237-F4A2D37ACD02}D:\hry\warcraft\warcraft iii\lancraft.exe] => (Block) D:\hry\warcraft\warcraft iii\lancraft.exe
FirewallRules: [TCP Query User{EA604D00-E38F-4A6D-AD8B-BB3893E81FFB}D:\hry\warcraft\warcraft iii\war3.exe] => (Block) D:\hry\warcraft\warcraft iii\war3.exe
FirewallRules: [UDP Query User{77849A7F-EC5E-4096-B1DA-C4D4FE9186DF}D:\hry\warcraft\warcraft iii\war3.exe] => (Block) D:\hry\warcraft\warcraft iii\war3.exe
FirewallRules: [{D00606C5-2A88-4261-BABE-41F4639C3719}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F10C230D-D51E-49AF-BE4F-CD4023DBD506}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/28/2017 10:00:35 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.

Error: (08/26/2017 09:45:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-LSA438F)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/24/2017 02:29:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-LSA438F)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/24/2017 02:29:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-LSA438F)
Description: Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/20/2017 01:33:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-LSA438F)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/11/2017 01:22:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-LSA438F)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/10/2017 10:19:13 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.

Error: (08/10/2017 10:19:13 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (08/06/2017 02:27:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: hl2.exe, verze: 0.0.0.0, časové razítko: 0x58a7ebd6
Název chybujícího modulu: engine.dll, verze: 0.0.0.0, časové razítko: 0x598112e5
Kód výjimky: 0xc0000005
Posun chyby: 0x000931cb
ID chybujícího procesu: 0x2bb8
Čas spuštění chybující aplikace: 0x01d30ea34ba6088f
Cesta k chybující aplikaci: D:\SW\Steam\steamapps\common\Team Fortress 2\hl2.exe
Cesta k chybujícímu modulu: d:\sw\steam\steamapps\common\team fortress 2\bin\engine.dll
ID zprávy: 34948275-6f62-4dc9-9716-9baa7242af81
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/31/2017 10:24:53 AM) (Source: ESENT) (EventID: 104) (User: )
Description: qmgr.dll (6292) QmgrDatabaseInstance: Databázový stroj zastavil instanci (0) s chybou (-1090).



Sekvence interního načasování:
[1] 0.000003 +J(0)
[2] 0.000015 +J(0) +M(C:0K, Fs:1, WS:4K # 0K, PF:0K # 0K, P:0K)
[3] 0.000002 +J(0)
[4] 0.000003 +J(0)
[5] 0.0 +J(0)
[6] 0.000031 +J(0) +M(C:0K, Fs:2, WS:-44K # 0K, PF:-52K # 0K, P:-52K)
[7] -
[8] 0.000004 +J(0) +M(C:0K, Fs:1, WS:4K # 0K, PF:0K # 0K, P:0K)
[9] 0.000806 +J(0) +M(C:0K, Fs:2, WS:-28K # 0K, PF:-36K # 0K, P:-36K)
[10] -
[11] 0.000005 +J(0) +M(C:0K, Fs:1, WS:4K # 0K, PF:0K # 0K, P:0K)
[12] -
[13] 0.000018 +J(0) +M(C:0K, Fs:0, WS:-4K # 0K, PF:-4K # 0K, P:-4K)
[14] 0.000110 +J(0) +M(C:0K, Fs:0, WS:0K # 0K, PF:-4K # 0K, P:-4K)
[15] 0.000006 +J(0) +M(C:0K, Fs:0, WS:-8K # 0K, PF:-12K # 0K, P:-12K)
[16] 0.000001 +J(0).


System errors:
=============
Error: (09/04/2017 08:26:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba atidgllk neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (09/04/2017 08:26:30 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\AtiToo

Error: (09/04/2017 08:26:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba atidgllk neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (09/04/2017 08:26:30 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\AtiToo

Error: (09/04/2017 08:16:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LSA438F)
Description: Server {0002DF02-0000-0000-C000-000000000046} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/04/2017 08:16:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-LSA438F)
Description: Server {0002DF02-0000-0000-C000-000000000046} se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/04/2017 07:26:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba atidgllk neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (09/04/2017 07:26:52 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\AtiToo

Error: (09/04/2017 07:26:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba atidgllk neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (09/04/2017 07:26:52 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\AtiToo


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 36%
Total physical RAM: 8145.46 MB
Available physical RAM: 5142.46 MB
Total Virtual: 9425.46 MB
Available Virtual: 6052.17 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.3 GB) (Free:59.91 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:874.41 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 8A849E58)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: ACD83F12)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

altrok
Moderator
Posts: 7257
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: AdChoices ad pop-up window in MS Edge

#7 Post by altrok »

:arrow: You have System Restore points turned off; I strongly recommend turning this feature on.
  • Right-click This PC -> Properties -> Advanced system settings -> System Protection tab at the top -> select the system drive (usually C: ) -> Configure -> choose Restore system settings and previous versions of files and save by clicking Apply.
  • If you want to adjust the amount of disk space used by restore points, I do not recommend lowering this limit below 1 GB. If you have plenty of disk space, keep the default 3-5% disk usage.



  • Run FRST.exe/FRST64.exe again
  • press Ctrl + y (both keys at once)
  • fixlist.txt opens; paste the contents of the white box below into it
  • press Ctrl + s (saves the changes), then close the fixlist
  • click the Fix button
  • after the restart, a fixlog will be created next to FRST; paste its contents into your next reply


    Start
    CreateRestorePoint:
    CloseProcesses:
    HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
    HKU\S-1-5-21-606738512-83190012-4274381972-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
    HKU\S-1-5-21-606738512-83190012-4274381972-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
    HKU\S-1-5-21-606738512-83190012-4274381972-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
    CMD: type "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Steam Update.bat"
    CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
    2017-08-28 22:47 - 2017-08-28 22:47 - 001222144 _____ C:\Users\uzivatel 1\Downloads\RSITx64.exe
    2017-08-28 22:47 - 2017-08-28 22:47 - 000000000 ____D C:\rsit
    2017-08-28 22:47 - 2017-08-28 22:47 - 000000000 ____D C:\Program Files\trend micro
    Folder: C:\ProgramData\Caphyon
    CMD: dir "C:\Windows\Inf" /AD
    CMD: dir "C:\PROGRA~1"
    CMD: dir "C:\PROGRA~2"
    CMD: dir "C:\PROGRA~3"
    CMD: dir "%localappdata%"
    CMD: dir "%appdata%"
    Hosts:
    EmptyTemp:
    End
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not suit the forum, you can use altrok[at]forum.viry.cz
If you feel like helping visitors of this forum, sign up for our little school.

vkudla
Visitor
Posts: 11
Joined: 27 Sep 2015 16:33

Re: AdChoices ad pop-up window in MS Edge

#8 Post by vkudla »

Thanks for the help. It hasn't helped so far, though. I'm attaching the fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by uzivatel 1 (08-09-2017 21:02:26) Run:1
Running from C:\Users\uzivatel 1\Downloads
Loaded Profiles: uzivatel 1 (Available Profiles: uzivatel 1)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-606738512-83190012-4274381972-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-606738512-83190012-4274381972-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\uzivatel 1\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-606738512-83190012-4274381972-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
CMD: type "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Steam Update.bat"
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
2017-08-28 22:47 - 2017-08-28 22:47 - 001222144 _____ C:\Users\uzivatel 1\Downloads\RSITx64.exe
2017-08-28 22:47 - 2017-08-28 22:47 - 000000000 ____D C:\rsit
2017-08-28 22:47 - 2017-08-28 22:47 - 000000000 ____D C:\Program Files\trend micro
Folder: C:\ProgramData\Caphyon
CMD: dir "C:\Windows\Inf" /AD
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value removed successfully
HKU\S-1-5-21-606738512-83190012-4274381972-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value removed successfully
HKU\S-1-5-21-606738512-83190012-4274381972-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value removed successfully
HKU\S-1-5-21-606738512-83190012-4274381972-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => value removed successfully

========= type "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Steam Update.bat" =========

@echo off
title Steam update check...

start "" http://casualient.com/1le4
========= End of CMD: =========

Chrome NewTab => removed successfully
C:\Users\uzivatel 1\Downloads\RSITx64.exe => moved successfully
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully

========================= Folder: C:\ProgramData\Caphyon ========================

2017-08-22 22:01 - 2017-08-22 22:01 - 000000000 ____D () C:\ProgramData\Caphyon\Advanced Installer
2017-08-22 22:01 - 2017-08-22 22:01 - 000000000 ____D () C:\ProgramData\Caphyon\Advanced Installer\{96300402-6158-4F47-A56C-EBC9B02988C1}
2017-08-22 22:01 - 2017-08-22 22:00 - 001675748 _____ (Blizzard) C:\ProgramData\Caphyon\Advanced Installer\{96300402-6158-4F47-A56C-EBC9B02988C1}\Warcraft 3 + The Frozen Throne CZ.exe

====== End of Folder: ======


========= dir "C:\Windows\Inf" /AD =========

Volume in drive C has no label.
Volume Serial Number is 1032-CD2A

Directory of C:\Windows\Inf

08.09.2017 21:02 <DIR> .
08.09.2017 21:02 <DIR> ..
20.03.2017 06:39 <DIR> .NET CLR Data
20.03.2017 06:39 <DIR> .NET CLR Networking
20.03.2017 06:39 <DIR> .NET CLR Networking 4.0.0.0
20.03.2017 06:39 <DIR> .NET Data Provider for Oracle
20.03.2017 06:39 <DIR> .NET Data Provider for SqlServer
20.03.2017 06:39 <DIR> .NET Memory Cache 4.0
20.03.2017 06:39 <DIR> .NETFramework
20.03.2017 06:39 <DIR> BITS
20.03.2017 06:39 <DIR> en-US
20.03.2017 06:39 <DIR> ESENT
04.06.2017 10:33 <DIR> Intel Storage Counters
20.03.2017 06:39 <DIR> MSDTC
04.06.2017 11:26 <DIR> MSDTC Bridge 3.0.0.0
20.03.2017 06:39 <DIR> MSDTC Bridge 4.0.0.0
20.03.2017 06:39 <DIR> PERFLIB
20.03.2017 06:39 <DIR> PNRPSvc
20.03.2017 06:39 <DIR> rdyboost
20.03.2017 06:39 <DIR> RemoteAccess
04.06.2017 11:26 <DIR> ServiceModelEndpoint 3.0.0.0
04.06.2017 11:26 <DIR> ServiceModelOperation 3.0.0.0
04.06.2017 11:26 <DIR> ServiceModelService 3.0.0.0
04.06.2017 11:26 <DIR> SMSvcHost 3.0.0.0
20.03.2017 06:39 <DIR> SMSvcHost 4.0.0.0
20.03.2017 06:39 <DIR> TAPISRV
20.03.2017 06:39 <DIR> TermService
20.03.2017 06:39 <DIR> UGatherer
20.03.2017 06:39 <DIR> UGTHRSVC
20.03.2017 06:39 <DIR> usbhub
04.06.2017 11:26 <DIR> Windows Workflow Foundation 3.0.0.0
20.03.2017 06:39 <DIR> Windows Workflow Foundation 4.0.0.0
08.09.2017 14:14 <DIR> WmiApRpl
20.03.2017 06:39 <DIR> wsearchidxpi
0 File(s) 0 bytes
34 Dir(s) 63˙297˙478˙656 bytes free

========= End of CMD: =========


========= dir "C:\PROGRA~1" =========

Volume in drive C has no label.
Volume Serial Number is 1032-CD2A

Directory of C:\PROGRA~1

08.09.2017 21:02 <DIR> .
08.09.2017 21:02 <DIR> ..
04.06.2017 10:33 <DIR> AMD
18.04.2017 19:31 <DIR> AVAST Software
19.04.2017 17:24 <DIR> CCleaner
04.06.2017 10:33 <DIR> Common Files
11.04.2017 20:41 <DIR> Google
04.06.2017 10:33 <DIR> Intel
04.06.2017 11:30 <DIR> Internet Explorer
04.06.2017 11:26 <DIR> MSBuild
04.06.2017 10:32 <DIR> Realtek
04.06.2017 11:26 <DIR> Reference Assemblies
11.04.2017 21:14 <DIR> Unigine
26.05.2017 14:52 <DIR> UNP
14.07.2017 21:08 <DIR> Windows Defender
20.03.2017 06:41 <DIR> Windows Defender Advanced Threat Protection
20.03.2017 06:39 <DIR> Windows Mail
20.03.2017 06:40 <DIR> Windows Media Player
18.03.2017 23:03 <DIR> Windows Multimedia Platform
04.06.2017 10:38 <DIR> Windows NT
14.07.2017 21:08 <DIR> Windows Photo Viewer
18.03.2017 23:03 <DIR> Windows Portable Devices
18.03.2017 23:03 <DIR> Windows Security
18.03.2017 23:03 <DIR> WindowsPowerShell
0 File(s) 0 bytes
24 Dir(s) 63˙297˙474˙560 bytes free

========= End of CMD: =========


========= dir "C:\PROGRA~2" =========

Volume in drive C has no label.
Volume Serial Number is 1032-CD2A

Directory of C:\PROGRA~2

28.08.2017 22:00 <DIR> .
28.08.2017 22:00 <DIR> ..
08.09.2017 20:13 <DIR> Adguard
13.04.2017 22:31 <DIR> Adobe
04.06.2017 10:33 <DIR> AMD
05.09.2017 21:14 <DIR> Common Files
13.04.2017 22:27 <DIR> FreeCommander XE
11.04.2017 21:06 <DIR> Futuremark
12.04.2017 19:10 <DIR> GIGABYTE
11.04.2017 20:41 <DIR> Google
11.04.2017 20:41 <DIR> Intel
04.06.2017 11:30 <DIR> Internet Explorer
17.04.2017 14:18 <DIR> K-Lite Codec Pack
14.04.2017 21:13 <DIR> Microsoft Office
18.03.2017 23:03 <DIR> Microsoft.NET
04.06.2017 11:26 <DIR> MSBuild
11.04.2017 20:59 <DIR> OCCTPT
11.04.2017 20:41 <DIR> Realtek
04.06.2017 11:26 <DIR> Reference Assemblies
22.08.2017 21:11 <DIR> Seznam.cz
05.09.2017 21:14 <DIR> Skype
26.04.2017 19:38 <DIR> Ubisoft
11.04.2017 20:52 <DIR> VulkanRT
14.07.2017 21:08 <DIR> Windows Defender
20.03.2017 06:39 <DIR> Windows Mail
20.03.2017 06:40 <DIR> Windows Media Player
18.03.2017 23:03 <DIR> Windows Multimedia Platform
18.03.2017 23:03 <DIR> Windows NT
14.07.2017 21:08 <DIR> Windows Photo Viewer
18.03.2017 23:03 <DIR> Windows Portable Devices
18.03.2017 23:03 <DIR> WindowsPowerShell
0 File(s) 0 bytes
31 Dir(s) 63˙297˙466˙368 bytes free

========= End of CMD: =========


========= dir "C:\PROGRA~3" =========

Volume in drive C has no label.
Volume Serial Number is 1032-CD2A

Directory of C:\PROGRA~3

08.09.2017 21:01 <DIR> Adguard
13.04.2017 22:31 <DIR> Adobe
06.07.2017 13:00 <DIR> AVAST Software
22.08.2017 22:01 <DIR> Caphyon
16.07.2016 13:47 <DIR> Comms
28.08.2017 22:00 259 fontcacheev1.dat
13.04.2017 19:44 <DIR> Futuremark
11.04.2017 20:41 <DIR> Google
11.04.2017 20:41 <DIR> Intel
04.06.2017 10:40 <DIR> Microsoft OneDrive
28.08.2017 22:00 <DIR> Package Cache
04.06.2017 10:37 <DIR> regid.1991-06.com.microsoft
05.09.2017 21:14 <DIR> Skype
18.03.2017 23:03 <DIR> SoftwareDistribution
04.06.2017 10:39 <DIR> USOPrivate
04.06.2017 10:39 <DIR> USOShared
20.03.2017 06:41 <DIR> WindowsHolographicDevices
1 File(s) 259 bytes
16 Dir(s) 63˙297˙462˙272 bytes free

========= End of CMD: =========


========= dir "%localappdata%" =========

Volume in drive C has no label.
Volume Serial Number is 1032-CD2A

Directory of C:\Users\uzivatel 1\AppData\Local

08.09.2017 09:08 <DIR> .
08.09.2017 09:08 <DIR> ..
11.04.2017 20:39 <DIR> ActiveSync
15.04.2017 09:43 <DIR> AMD
22.08.2017 21:17 <DIR> ATI
14.04.2017 00:38 <DIR> CEF
11.04.2017 20:45 <DIR> Comms
04.06.2017 10:40 <DIR> ConnectedDevicesPlatform
23.06.2017 14:56 <DIR> DBG
25.05.2017 20:39 <DIR> Diagnostics
17.04.2017 14:20 586˙752 file__0.localstorage
13.04.2017 22:27 <DIR> FreeCommanderXE
13.04.2017 22:35 <DIR> Google
28.08.2017 21:44 <DIR> Microsoft
14.04.2017 00:29 <DIR> MicrosoftEdge
12.04.2017 02:10 <DIR> OCCT_-_Ocbase_-_Adrien_Me
10.08.2017 10:19 <DIR> Packages
14.04.2017 00:47 <DIR> PeerDistRepub
28.08.2017 22:00 <DIR> Performix_LLC
12.04.2017 19:10 <DIR> Programs
11.04.2017 20:44 <DIR> Publishers
14.04.2017 00:38 <DIR> Steam
08.09.2017 21:02 <DIR> Temp
11.04.2017 20:37 <DIR> TileDataLayer
26.05.2017 16:35 <DIR> UNP
11.04.2017 20:37 <DIR> VirtualStore
1 File(s) 586˙752 bytes
25 Dir(s) 63˙297˙441˙792 bytes free

========= End of CMD: =========


========= dir "%appdata%" =========

Volume in drive C has no label.
Volume Serial Number is 1032-CD2A

Directory of C:\Users\uzivatel 1\AppData\Roaming

28.08.2017 22:00 <DIR> .
28.08.2017 22:00 <DIR> ..
01.09.2017 11:40 <DIR> .minecraft
11.04.2017 20:37 <DIR> Adobe
18.04.2017 19:29 <DIR> AVAST Software
22.08.2017 22:00 <DIR> Blizzard
12.04.2017 01:07 <DIR> Identities
11.04.2017 20:45 <DIR> Intel Corporation
13.04.2017 22:22 <DIR> Macromedia
28.08.2017 21:46 <DIR> Media Player Classic
28.08.2017 22:00 <DIR> Performix LLC
08.09.2017 20:18 <DIR> Seznam.cz
08.09.2017 20:55 <DIR> Skype
23.04.2017 20:13 <DIR> vlc
16.04.2017 20:33 <DIR> Wargaming.net
0 File(s) 0 bytes
15 Dir(s) 63˙297˙376˙256 bytes free

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14327792 B
Java, Flash, Steam htmlcache => 431204547 B
Windows/system/drivers => 60713294 B
Edge => 59520426 B
Chrome => 380898903 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 2450 B
NetworkService => 0 B
uzivatel 1 => 125112184 B

RecycleBin => 0 B
EmptyTemp: => 1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:02:41 ====

altrok
Moderator
Posts: 7257
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: AdChoices ad pop-up window in MS Edge

#9 Post by altrok »

Delete the file
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Steam Update.bat
and let me know whether it helped.
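The fixlog in post #8 shows that the pop-up came from a batch file in the all-users Startup folder that opens a web address with `start`. The PowerShell check below is an added example, not code from this thread or from FRST: it lists items in both Startup folders that would open a URL at logon. The function name `Find-UrlLaunch`, the extension list and the sample URL are assumptions made for the example.

```powershell
# Added example (not from the thread): list Startup-folder items that open a URL at logon.

function Find-UrlLaunch {
    # Returns one object per line that contains an http(s) URL.
    # Hypothetical helper name; it only inspects text, it changes nothing.
    param([string[]]$Lines)
    if (-not $Lines) { return }
    $urlPattern = '(?i)\bhttps?://[^\s"''<>]+'
    for ($i = 0; $i -lt $Lines.Count; $i++) {
        $line = "$($Lines[$i])".Trim()
        if ($line -match '^(rem\b|::)') { continue }   # skip batch comments
        $m = [regex]::Match($line, $urlPattern)
        if ($m.Success) {
            [pscustomobject]@{ LineNumber = $i + 1; Url = $m.Value; Text = $line }
        }
    }
}

# Constructed sample with the same shape as the Startup file printed in the fixlog
# (the URL is a placeholder, not the one from the log).
$sample = @'
@echo off
title Steam update check...

start "" http://example.invalid/abcd
'@ -split "`r?`n"

'Sample file:'
Find-UrlLaunch -Lines $sample | Format-Table -AutoSize

# Live check of the per-machine and per-user Startup folders.
$startupDirs = @(
    [Environment]::GetFolderPath('CommonStartup'),  # ...\ProgramData\...\Programs\Startup
    [Environment]::GetFolderPath('Startup')         # ...\AppData\Roaming\...\Programs\Startup
)
$textExt = '.bat', '.cmd', '.vbs', '.js', '.ps1', '.url'   # assumed list of text-based launchers
$shell   = New-Object -ComObject WScript.Shell             # used to resolve .lnk shortcuts

$findings = foreach ($dir in $startupDirs) {
    if (-not $dir -or -not (Test-Path -LiteralPath $dir)) { continue }
    foreach ($file in Get-ChildItem -LiteralPath $dir -File -Force) {
        if ($file.Extension -eq '.lnk') {
            # A shortcut can pass a URL to a browser in its target or arguments.
            $lnk   = $shell.CreateShortcut($file.FullName)
            $lines = @("$($lnk.TargetPath) $($lnk.Arguments)")
        }
        elseif ($file.Extension -in $textExt) {
            $lines = Get-Content -LiteralPath $file.FullName
        }
        else { continue }

        Find-UrlLaunch -Lines $lines | ForEach-Object {
            [pscustomobject]@{
                File     = $file.FullName
                Modified = $file.LastWriteTime
                Line     = $_.LineNumber
                Url      = $_.Url
            }
        }
    }
}

'Startup folders:'
if ($findings) { $findings | Format-Table -AutoSize -Wrap }
else           { 'No Startup item opens a URL.' }
```

A hit is only a lead: legitimate installers sometimes leave `.url` shortcuts in Startup, so compare the file name, the modification time and the address with what is installed before deleting anything.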

vkudla
Visitor
Posts: 11
Joined: 27 Sep 2015 16:33

Re: AdChoices ad pop-up window in MS Edge

#10 Post by vkudla »

Hello,
thanks a lot. It helped. Good work, altrok. :D

V. Kudla

altrok
Moderator
Posts: 7257
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: AdChoices ad pop-up window in MS Edge

#11 Post by altrok »

Next we will clean up the tools that were used.
You're welcome, glad I could help :worship:


Take care, and perhaps see you again sometime :bye:

Locked