Zdravím,
poslední dobou se mi hodně seká notebook, někdy je jej musím i vypnout násilně. Prosím o kontrolu logu.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Štěpuš at 2018-04-08 19:21:14
Microsoft Windows 10 Home
System drive C: has 38 GB (4%) free of 911 GB
Total RAM: 3988 MB (30% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:21:40, on 8. 4. 2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)
Boot mode: Normal
Running processes:
C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
C:\ProgramData\Battle.net\Agent\Agent.6082\Agent.exe
C:\Program Files (x86)\Battle.net\Battle.net.exe
C:\Program Files (x86)\Battle.net\Battle.net.9997\Battle.net Helper.exe
C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.138\deploy\LeagueClient.exe
C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.138\deploy\LeagueClientUx.exe
C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.138\deploy\LeagueClientUxRender.exe
C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.138\deploy\LeagueClientUxRender.exe
C:\Program Files\trend micro\Štěpuš.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Štěpuš\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: CPP - CalcServer.lnk = C:\CPP\CppKalkulacky\CppCalcServer.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
--
End of file - 11438 bytes
======Listing Processes======
C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-1e5e6ee8-e2cd-45c2-b9df-89fcbeac5f9f -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-3dec1e05-ffb0-4313-bbcb-48dda5d2ecbf -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-a6e8e3ad-b511-4c7e-917f-d1e47bb308b3 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-134e8b1a-120d-4b8a-abc6-d56adc31055b -LifetimeId:b67cdcad-3423-47a6-84a8-d4f0c7258637 -DeviceGroupId:WudfDefaultDevicePool
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k networkservice -s TermService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s SessionEnv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
C:\WINDOWS\system32\DbxSvc.exe
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k netsvcs
dashost.exe {f2ba1f9e-f77c-4793-a4012c8a4afa2ac5}
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe" -ServerName:App.AppX495fygk72hjw82j58ny5h3nr8hpsd8vs.mca
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"ctfmon.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Windows\RTFTrack.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
"C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
Spotify.exe --autostart
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:crashpad-handler --capture-python --no-upload-gzip --no-rate-limit --database=C:\Users\Štěpuš\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f --https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=buildno=Dropbox-win-46.4.65 --annotation=client_session_id=eb45e055-cb48-4311-9262-745638042441 --annotation=host_int_account1_boot=17222766240 --annotation=machine_id=4ef8f4c8-3103-4602-b929-77dbfe4dbdf9 --annotation=platform=win --annotation=platform_version=10 --initial-client-data=0x22c,0x230,0x220,0x238,0x224,0x72258db8,0x72258dc8,0x72258dd8
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:exit-monitor -session-token:eb45e055-cb48-4311-9262-745638042441 -target-handle:596 -target-shutdown-event:592 "-target-command-line:\"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe\" /systemstartup" -method:collectupload -handler-pipe:\\.\pipe\crashpad_9240_ROGVRWGRCCVIZBPU
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Štěpuš\AppData\Local\SpotifyAppX\User Data\Crashpad" "--metrics-dir=C:\Users\Štěpuš\AppData\Local\SpotifyAppX\User Data" --url=https://crashdump.spotify.com:443 --annotation=platform=win32 --annotation=product=spotify --annotation=version=1.0.75.483 --initial-client-data=0x678,0x67c,0x680,0x674,0x684,0x7268edf0,0x7268ee00,0x7268ee0c
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe" --type=gpu-process --disable-d3d11 --lang=en-US --log-file="C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\debug.log" --log-severity=disable --product-version=Spotify/1.0.75.483 --gpu-preferences=GAAAAAAAAAAABwAAAQAAAAAAAAAAAGAA --gpu-vendor-id=0x8086 --gpu-device-id=0x0a16 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4642 --gpu-driver-date=3-28-2017 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x1341 --lang=en-US --log-file="C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\debug.log" --log-severity=disable --product-version=Spotify/1.0.75.483 --service-request-channel-token=F12A115B5608966AB6AC70CEC63FAD2A --mojo-platform-channel-handle=2260 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe" --type=renderer --disable-browser-side-navigation --disable-pinch --service-pipe-token=F623E4084E2A84AA1F0BB5D81EC5E9F6 --lang=en-US --lang=en-US --log-file="C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\debug.log" --log-severity=disable --product-version=Spotify/1.0.75.483 --disable-spell-checking --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=F623E4084E2A84AA1F0BB5D81EC5E9F6 --renderer-client-id=3 --mojo-platform-channel-handle=3312 /prefetch:1
"C:\ProgramData\Battle.net\Agent\Agent.6082\Agent.exe" --session=6527505571001102867
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\AUDIODG.EXE 0x744
"C:\Program Files (x86)\Battle.net\Battle.net.exe" --updatepid=11676
"Battle.net Helper.exe" --type=gpu-process --no-sandbox --lang=en-US --log-file="C:\Users\Štěpuš\AppData\Local\Battle.net\Logs\libcef-20180408T090214.402366.log" --log-severity=error --product-version="Battle.net/1.11.2.9997 Chrome/62.0.3202.94" --gpu-vendor-id=0x8086 --gpu-device-id=0x0a16 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4642 --gpu-driver-date=3-28-2017 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x1341 --lang=en-US --log-file="C:\Users\Štěpuš\AppData\Local\Battle.net\Logs\libcef-20180408T090214.402366.log" --log-severity=error --product-version="Battle.net/1.11.2.9997 Chrome/62.0.3202.94" --service-request-channel-token=AA7FEEC309EF06A0B2628C18CF049A45 --mojo-platform-channel-handle=2764 /prefetch:2
"C:\WINDOWS\system32\rundll32.exe" -localserver 22d8c27b-47a1-48d1-ad08-7da7abd79617
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
"C:/Riot Games/League of Legends/RADS/projects/league_client/releases/0.0.0.138/deploy/LeagueClient.exe" "--release=0.0.0.108"
"C:/Riot Games/League of Legends/RADS/projects/league_client/releases/0.0.0.138/deploy/LeagueClientUx.exe" "--release=0.0.0.108" "--rads-product-directory=C:/Riot Games/League of Legends/RADS/solutions/league_client_sln/releases/0.0.0.108/deploy/" "--remoting-auth-token=lKh48KI6kP-8HORE6JsoRA" "--respawn-command=LeagueClient.exe" "--respawn-display-name=League of Legends" "--app-port=50104" "--install-directory=C:/Riot Games/League of Legends/" "--app-name=LeagueClient" "--ux-name=LeagueClientUx" "--ux-helper-name=LeagueClientUxHelper" "--log-dir=LeagueClient Logs" "--bugsplat-name=league_client_riotgames_com" "--bugsplat-platform-id=EUN1" "--app-log-file-path=C:/Riot Games/League of Legends/Logs/LeagueClient Logs/2018-04-08T14-18-12_8560_LeagueClient.log" "--app-pid=8560" "--no-proxy-server"
LeagueClientUxRender.exe --type=gpu-process --channel="11812.0.1289994319\1193409346" --no-sandbox --lang=en-US --log-file="C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.138\deploy\debug.log" --supports-dual-gpus=false --gpu-driver-bug-workarounds=3,11,16,25,54 --gpu-vendor-id=0x8086 --gpu-device-id=0x0a16 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4642 --lang=en-US --log-file="C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.138\deploy\debug.log" /prefetch:2 --app-name=LeagueClient --ux-name=LeagueClientUx --ux-helper-name=LeagueClientUxHelper --log-dir="LeagueClient Logs" --bugsplat-name=league_client_riotgames_com --app-port=50104 --bugsplat-platform-id=EUN1 --app-log-file-path="C:/Riot Games/League of Legends/Logs/LeagueClient Logs/2018-04-08T14-18-12_8560_LeagueClient.log" --primary-ux-log-file-path="C:/Riot Games/League of Legends/Logs/LeagueClient Logs/2018-04-08T14-18-21_11812_LeagueClientUx.log"
LeagueClientUxRender.exe --type=renderer --no-sandbox --disable-databases --lang=en-US --lang=en-US --log-file="C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.138\deploy\debug.log" --disable-spell-checking --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="11812.1.995104557\526881950" /prefetch:1 --app-name=LeagueClient --ux-name=LeagueClientUx --ux-helper-name=LeagueClientUxHelper --log-dir="LeagueClient Logs" --bugsplat-name=league_client_riotgames_com --app-port=50104 --bugsplat-platform-id=EUN1 --app-log-file-path="C:/Riot Games/League of Legends/Logs/LeagueClient Logs/2018-04-08T14-18-12_8560_LeagueClient.log" --primary-ux-log-file-path="C:/Riot Games/League of Legends/Logs/LeagueClient Logs/2018-04-08T14-18-21_11812_LeagueClientUx.log"
"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s XblAuthManager
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe198_ Global\UsGthrCtrlFltPipeMssGthrPipe198 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=65.0.3325.181 --initial-client-data=0x1dc,0x1e0,0x1e4,0x1d8,0x1e8,0x7ff9e73bf1e8,0x7ff9e73bf1f8,0x7ff9e73bf208
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5784 --on-initialized-event-handle=652 --parent-handle=656 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1612,16381808451587510985,16604724343413983846,131072 --gpu-preferences=KAAAAAAAAAAABwAAAQAAAAAAAAAAAGAAAQAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --gpu-vendor-id=0x8086 --gpu-device-id=0x0a16 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4642 --gpu-driver-date=3-28-2017 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x1341 --service-request-channel-token=BC01D7EC961E7D442C9843968CF17AAB --mojo-platform-channel-handle=1620 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1612,16381808451587510985,16604724343413983846,131072 --service-pipe-token=6FBD89F9E5303A0E5D43D96FB04B7C52 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=6FBD89F9E5303A0E5D43D96FB04B7C52 --renderer-client-id=3 --mojo-platform-channel-handle=2940 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1612,16381808451587510985,16604724343413983846,131072 --service-pipe-token=9D58896EAD185AAB16938C62537C0575 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=9D58896EAD185AAB16938C62537C0575 --renderer-client-id=9 --mojo-platform-channel-handle=5272 /prefetch:1
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1612,16381808451587510985,16604724343413983846,131072 --service-pipe-token=A4CE9C931E060E3BFA02F4D0A96373A1 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=A4CE9C931E060E3BFA02F4D0A96373A1 --renderer-client-id=11 --mojo-platform-channel-handle=4376 /prefetch:1
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 744 748 756 8192 752
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\Štěpuš\Downloads\RSITx64.exe"
======Scheduled tasks folder======
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Předpokládám problém se svchost.exe
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118240
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Předpokládám problém se svchost.exe
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Předpokládám problém se svchost.exe
Tady log, který mi to vypsalo
# AdwCleaner 7.0.8.0 - Logfile created on Sun Apr 08 21:10:49 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
No malicious folders deleted.
***** [ Files ] *****
Deleted: C:\Users\Štěpuš\Downloads\ReimageRepair.exe
Deleted: C:\Windows\SysNative\drivers\EsgScanner.sys
Deleted: C:\Windows\SysNative\drivers\EsgScanner.sys
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
No malicious registry entries deleted.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
Plugin deleted: Movie Search -
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[C0].txt - [4044 B] - [2016/8/28 7:0:27]
C:/AdwCleaner/AdwCleaner[C2].txt - [1346 B] - [2016/9/14 15:16:39]
C:/AdwCleaner/AdwCleaner[C3].txt - [1311 B] - [2016/9/16 19:20:7]
C:/AdwCleaner/AdwCleaner[S0].txt - [4141 B] - [2016/8/28 6:59:3]
C:/AdwCleaner/AdwCleaner[S1].txt - [1652 B] - [2016/9/14 15:16:13]
C:/AdwCleaner/AdwCleaner[S2].txt - [1680 B] - [2016/9/16 19:19:37]
C:/AdwCleaner/AdwCleaner[S3].txt - [1828 B] - [2016/9/23 20:15:48]
C:/AdwCleaner/AdwCleaner[S4].txt - [1900 B] - [2016/10/17 7:14:19]
C:/AdwCleaner/AdwCleaner[S5].txt - [1830 B] - [2018/4/8 20:59:8]
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt ##########
# AdwCleaner 7.0.8.0 - Logfile created on Sun Apr 08 21:10:49 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
No malicious folders deleted.
***** [ Files ] *****
Deleted: C:\Users\Štěpuš\Downloads\ReimageRepair.exe
Deleted: C:\Windows\SysNative\drivers\EsgScanner.sys
Deleted: C:\Windows\SysNative\drivers\EsgScanner.sys
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
No malicious registry entries deleted.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
Plugin deleted: Movie Search -
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[C0].txt - [4044 B] - [2016/8/28 7:0:27]
C:/AdwCleaner/AdwCleaner[C2].txt - [1346 B] - [2016/9/14 15:16:39]
C:/AdwCleaner/AdwCleaner[C3].txt - [1311 B] - [2016/9/16 19:20:7]
C:/AdwCleaner/AdwCleaner[S0].txt - [4141 B] - [2016/8/28 6:59:3]
C:/AdwCleaner/AdwCleaner[S1].txt - [1652 B] - [2016/9/14 15:16:13]
C:/AdwCleaner/AdwCleaner[S2].txt - [1680 B] - [2016/9/16 19:19:37]
C:/AdwCleaner/AdwCleaner[S3].txt - [1828 B] - [2016/9/23 20:15:48]
C:/AdwCleaner/AdwCleaner[S4].txt - [1900 B] - [2016/10/17 7:14:19]
C:/AdwCleaner/AdwCleaner[S5].txt - [1830 B] - [2018/4/8 20:59:8]
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118240
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Předpokládám problém se svchost.exe
Teď Dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Předpokládám problém se svchost.exe
log FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Štěpuš (administrator) on STEPUS (09-04-2018 14:18:15)
Running from C:\Users\Štěpuš\Desktop
Loaded Profiles: Štěpuš (Available Profiles: UpdatusUser & Štěpuš & Tomas & Guest)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe.old
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Reason Software Company Inc.) C:\Program Files\Reason\Security\rsUI.exe
() C:\Program Files\Reason\Security\rsLggr.exe
(Reason Software Company Inc.) C:\Program Files\Reason\Security\rsService.exe
(Reason Software Company Inc.) C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_svc.exe
(Reason Software Company Inc.) C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_bg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5060864 2015-06-16] (Realtek semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [324216 2017-10-26] (ESET)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3639616 2018-03-28] (Dropbox, Inc.)
HKU\S-1-5-21-2906165807-120342769-459277619-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3199776 2018-04-03] (Valve Corporation)
HKU\S-1-5-21-2906165807-120342769-459277619-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)
Startup: C:\Users\Štěpuš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CPP - CalcServer.lnk [2017-03-02]
ShortcutTarget: CPP - CalcServer.lnk -> C:\CPP\CppKalkulacky\CppCalcServer.exe (Pražská softwarová s.r.o.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{115eccd8-72d8-4640-bb1c-e821bbc9b2d3}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-05] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-05] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
FireFox:
========
FF DefaultProfile: 93xpp70l.default
FF ProfilePath: C:\Users\Štěpuš\AppData\Roaming\Zotero\Zotero\Profiles\93xpp70l.default [2017-10-18]
FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero\extensions\zoteroOpenOfficeIntegration@zotero.org [2017-10-18] [Legacy] [not signed]
FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero\extensions\zoteroWinWordIntegration@zotero.org [2017-10-18] [Legacy] [not signed]
FF ProfilePath: C:\Users\Štěpuš\AppData\Roaming\Mozilla\Firefox\Profiles\5tyl9jkt.default-1454157336761 [2018-04-08]
FF Homepage: Mozilla\Firefox\Profiles\5tyl9jkt.default-1454157336761 -> hxxps://www.seznam.cz/?clid=22668
FF NewTab: Mozilla\Firefox\Profiles\5tyl9jkt.default-1454157336761 -> about:newtab
FF SearchPlugin: C:\Users\Štěpuš\AppData\Roaming\Mozilla\Firefox\Profiles\5tyl9jkt.default-1454157336761\searchplugins\seznam-avast.xml [2016-09-23]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] [Legacy]
FF HKU\S-1-5-21-2906165807-120342769-459277619-1002\...\Firefox\Extensions: [{E80ADC41-AFC8-63D1-CE9E-FFDFAC79BFD9}] - C:\Program Files (x86)\version71CheckMeUp\193.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll [2018-03-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_113.dll [2018-03-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2906165807-120342769-459277619-1002: @my.com/Games -> C:\Users\Štěpuš\AppData\Local\MyComGames\NPMyComDetector.dll [No File]
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://movix.searchalgo.com/search/?category=web&s=vsds&q={searchTerms}
CHR DefaultSearchKeyword: Default -> goMusix
CHR DefaultSuggestURL: Default -> hxxp://sug.searchalgo.com/search/index_sg.php?q={searchTerms}
CHR Profile: C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default [2018-04-09]
CHR Extension: (Prezentace) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Dokumenty) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Disk Google) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Adblock Plus) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Tabulky) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-28]
CHR Extension: (softorama) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfdniemoeflbhlmcnammemhdahpcjni [2016-08-28]
CHR Extension: (Messages Saver for Facebook™) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\kflkdhmijdgjnlbdkfgdmolcjnflmlhf [2016-09-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Messages Saver for Facebook™) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaimmbbnnhmibhbocchkfcakiankbnlk [2017-11-26]
CHR Extension: (Gmail) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-03]
CHR Extension: (Chrome Media Router) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-27]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1445384 2016-10-22] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-02] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-03-28] (Dropbox, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2648184 2017-10-26] (ESET)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373688 2017-06-12] (Intel Corporation)
R2 rscp; C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_svc.exe [296728 2018-04-09] (Reason Software Company Inc.)
R2 rsService; C:\Program Files\Reason\Security\rsService.exe [253720 2017-11-19] (Reason Software Company Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255608 2016-06-01] (Synaptics Incorporated)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\NisSrv.exe [356152 2018-03-01] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MsMpEng.exe [106280 2018-03-01] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-09-05] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132848 2017-10-26] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107344 2017-05-04] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15392 2017-10-26] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180088 2017-10-26] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50752 2017-05-04] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [78192 2017-05-04] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [102160 2017-10-26] (ESET)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2017-02-27] (LogMeIn Inc.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_dc8ffafad3ea7ddd\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp.)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [259584 2017-09-29] (Microsoft Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 tap0901t; C:\WINDOWS\System32\drivers\tap0901t.sys [48824 2016-04-26] (Tunngle.net GmbH)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [132120 2016-11-21] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [206416 2016-11-21] (Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-03-01] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288296 2018-03-01] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129568 2018-03-01] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-04-09 14:15 - 2018-04-09 14:15 - 000031621 _____ C:\Users\Štěpuš\Desktop\FRST3.txt
2018-04-09 14:11 - 2018-04-09 14:17 - 000082184 _____ C:\Users\Štěpuš\Desktop\Addition.txt
2018-04-09 13:59 - 2018-04-09 14:19 - 000019579 _____ C:\Users\Štěpuš\Desktop\FRST.txt
2018-04-09 13:56 - 2018-04-09 13:56 - 000000000 ____D C:\Users\Štěpuš\Desktop\FRST-OlderVersion
2018-04-09 13:51 - 2018-04-09 13:51 - 000099688 _____ C:\Users\Štěpuš\Downloads\Nepotvrzeno 878800.crdownload
2018-04-09 13:49 - 2018-04-09 13:49 - 000111354 _____ C:\Users\Štěpuš\Downloads\Nepotvrzeno 315135.crdownload
2018-04-09 13:47 - 2018-04-09 13:47 - 000000000 ____D C:\ProgramData\Reason
2018-04-09 13:46 - 2018-04-09 13:46 - 000003640 _____ C:\WINDOWS\System32\Tasks\Reason Core Security Scheduled Scan
2018-04-09 13:46 - 2018-04-09 13:46 - 000003470 _____ C:\WINDOWS\System32\Tasks\Reason Core Security
2018-04-09 13:46 - 2018-04-09 13:46 - 000001182 _____ C:\Users\Štěpuš\Desktop\Reason Core Security.lnk
2018-04-09 13:46 - 2018-04-09 13:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reason Core Security
2018-04-09 13:46 - 2018-04-09 13:46 - 000000000 ____D C:\Program Files\Reason
2018-04-09 13:44 - 2018-04-09 13:45 - 011420384 _____ (Reason Software Company Inc.) C:\Users\Štěpuš\Downloads\reason-core-security-setup.exe
2018-04-08 22:47 - 2018-04-08 22:47 - 008222496 _____ (Malwarebytes) C:\Users\Štěpuš\Desktop\adwcleaner_7.0.8.0 (1).exe
2018-04-08 19:21 - 2018-04-08 19:21 - 000000000 ____D C:\rsit
2018-04-08 19:21 - 2018-04-08 19:21 - 000000000 ____D C:\Program Files\trend micro
2018-04-08 19:19 - 2018-04-08 19:20 - 001222144 _____ C:\Users\Štěpuš\Downloads\RSITx64.exe
2018-04-08 18:40 - 2018-04-08 18:44 - 000000000 ____D C:\Users\Štěpuš\Desktop\Složka
2018-04-06 11:46 - 2018-04-06 11:46 - 000383947 _____ C:\Users\Štěpuš\Downloads\štěp.pdf
2018-03-30 20:24 - 2018-03-30 20:24 - 000040378 _____ C:\Users\Štěpuš\Downloads\Young.Sheldon.S01E06.HDTV.x264-SVA[eztv].mkv.torrent
2018-03-30 13:14 - 2018-03-30 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-03-28 16:31 - 2018-03-28 16:31 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-03-28 16:31 - 2018-03-28 16:31 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-03-28 16:31 - 2018-03-28 16:31 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-03-28 16:31 - 2018-03-28 16:31 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-03-24 11:28 - 2018-03-24 11:29 - 000120170 _____ C:\Users\Štěpuš\Downloads\Šrámková Štěpánka (1).PDF
2018-03-13 12:47 - 2018-03-13 12:47 - 000004628 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-03-13 12:46 - 2018-03-13 12:46 - 006210560 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-04-09 14:18 - 2016-08-28 09:14 - 000000000 ____D C:\FRST
2018-04-09 14:10 - 2017-12-23 02:08 - 000004192 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9521D376-DEBD-4673-A001-E3F716F5956F}
2018-04-09 13:56 - 2016-08-28 09:13 - 002403328 _____ (Farbar) C:\Users\Štěpuš\Desktop\FRST64.exe
2018-04-09 12:01 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-04-09 12:00 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-04-09 11:59 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-04-09 11:55 - 2017-12-23 01:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-04-08 23:20 - 2016-11-13 16:48 - 000000000 ____D C:\Program Files (x86)\Steam
2018-04-08 23:12 - 2017-12-23 02:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-04-08 23:12 - 2016-09-17 23:53 - 000000000 ____D C:\ProgramData\NVIDIA
2018-04-08 23:12 - 2016-09-17 23:52 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-04-08 23:12 - 2015-08-13 09:34 - 000000000 __SHD C:\Users\Štěpuš\IntelGraphicsProfiles
2018-04-08 23:11 - 2017-09-29 10:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-04-08 22:59 - 2016-08-28 08:55 - 000000000 ____D C:\AdwCleaner
2018-04-08 22:51 - 2017-12-23 01:36 - 000000000 ____D C:\Users\Štěpuš
2018-04-08 22:42 - 2018-01-19 21:15 - 000000000 ____D C:\Users\Štěpuš\AppData\Local\Battle.net
2018-04-08 18:47 - 2016-06-05 12:52 - 000001106 _____ C:\Users\Štěpuš\Desktop\Hry.lnk
2018-04-08 11:02 - 2016-11-28 01:48 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-04-08 11:00 - 2017-10-18 14:03 - 000000000 ____D C:\Users\Štěpuš\AppData\LocalLow\Mozilla
2018-04-06 09:52 - 2015-08-30 20:29 - 000000000 ____D C:\Users\Štěpuš\AppData\Roaming\vlc
2018-03-30 20:26 - 2017-06-12 19:59 - 000000000 ____D C:\Users\Štěpuš\AppData\Roaming\uTorrent
2018-03-30 13:15 - 2017-03-02 10:36 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-03-30 12:59 - 2017-03-02 10:36 - 000000000 ____D C:\Users\Štěpuš\AppData\Local\Dropbox
2018-03-29 14:59 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-03-29 14:26 - 2017-12-23 01:35 - 002230408 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-29 14:26 - 2017-09-30 16:31 - 000951416 _____ C:\WINDOWS\system32\perfh005.dat
2018-03-29 14:26 - 2017-09-30 16:31 - 000223882 _____ C:\WINDOWS\system32\perfc005.dat
2018-03-24 11:35 - 2018-01-19 21:23 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2018-03-23 01:25 - 2015-08-25 20:22 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-20 12:14 - 2017-12-23 03:31 - 000000000 ____D C:\Users\Štěpuš\AppData\Local\ConnectedDevicesPlatform
2018-03-19 14:17 - 2018-01-13 00:23 - 000000000 ____D C:\WINDOWS\Minidump
2018-03-17 23:15 - 2017-12-12 15:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-03-17 23:15 - 2015-08-23 18:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-17 23:09 - 2015-08-23 18:33 - 000001215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-03-17 23:04 - 2015-08-27 21:07 - 000000000 ____D C:\Users\Štěpuš\AppData\Roaming\Skype
2018-03-17 22:41 - 2015-09-07 16:03 - 000000000 ____D C:\Users\Štěpuš\AppData\Roaming\ESET
2018-03-14 12:56 - 2015-08-24 07:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-03-14 12:49 - 2017-12-16 22:30 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-14 12:49 - 2015-08-24 07:05 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-03-13 12:46 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-03-13 12:46 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
==================== Files in the root of some directories =======
2017-08-11 16:34 - 2017-08-11 16:34 - 000007995 _____ () C:\Users\Štěpuš\AppData\Local\recently-used.xbel
2018-01-11 11:08 - 2018-02-19 17:14 - 000211968 _____ () C:\Users\Štěpuš\AppData\Local\WebpageIcons.db
2016-05-16 07:57 - 2016-05-16 07:57 - 000000000 _____ () C:\Users\Štěpuš\AppData\Local\{773A262C-C332-4C3A-AD0A-B53DDBD7C18A}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-03-30 20:41
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Štěpuš (administrator) on STEPUS (09-04-2018 14:18:15)
Running from C:\Users\Štěpuš\Desktop
Loaded Profiles: Štěpuš (Available Profiles: UpdatusUser & Štěpuš & Tomas & Guest)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe.old
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Reason Software Company Inc.) C:\Program Files\Reason\Security\rsUI.exe
() C:\Program Files\Reason\Security\rsLggr.exe
(Reason Software Company Inc.) C:\Program Files\Reason\Security\rsService.exe
(Reason Software Company Inc.) C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_svc.exe
(Reason Software Company Inc.) C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_bg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5060864 2015-06-16] (Realtek semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [324216 2017-10-26] (ESET)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3639616 2018-03-28] (Dropbox, Inc.)
HKU\S-1-5-21-2906165807-120342769-459277619-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3199776 2018-04-03] (Valve Corporation)
HKU\S-1-5-21-2906165807-120342769-459277619-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)
Startup: C:\Users\Štěpuš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CPP - CalcServer.lnk [2017-03-02]
ShortcutTarget: CPP - CalcServer.lnk -> C:\CPP\CppKalkulacky\CppCalcServer.exe (Pražská softwarová s.r.o.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{115eccd8-72d8-4640-bb1c-e821bbc9b2d3}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-05] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-05] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
FireFox:
========
FF DefaultProfile: 93xpp70l.default
FF ProfilePath: C:\Users\Štěpuš\AppData\Roaming\Zotero\Zotero\Profiles\93xpp70l.default [2017-10-18]
FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero\extensions\zoteroOpenOfficeIntegration@zotero.org [2017-10-18] [Legacy] [not signed]
FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero\extensions\zoteroWinWordIntegration@zotero.org [2017-10-18] [Legacy] [not signed]
FF ProfilePath: C:\Users\Štěpuš\AppData\Roaming\Mozilla\Firefox\Profiles\5tyl9jkt.default-1454157336761 [2018-04-08]
FF Homepage: Mozilla\Firefox\Profiles\5tyl9jkt.default-1454157336761 -> hxxps://www.seznam.cz/?clid=22668
FF NewTab: Mozilla\Firefox\Profiles\5tyl9jkt.default-1454157336761 -> about:newtab
FF SearchPlugin: C:\Users\Štěpuš\AppData\Roaming\Mozilla\Firefox\Profiles\5tyl9jkt.default-1454157336761\searchplugins\seznam-avast.xml [2016-09-23]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] [Legacy]
FF HKU\S-1-5-21-2906165807-120342769-459277619-1002\...\Firefox\Extensions: [{E80ADC41-AFC8-63D1-CE9E-FFDFAC79BFD9}] - C:\Program Files (x86)\version71CheckMeUp\193.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll [2018-03-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_113.dll [2018-03-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2906165807-120342769-459277619-1002: @my.com/Games -> C:\Users\Štěpuš\AppData\Local\MyComGames\NPMyComDetector.dll [No File]
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://movix.searchalgo.com/search/?category=web&s=vsds&q={searchTerms}
CHR DefaultSearchKeyword: Default -> goMusix
CHR DefaultSuggestURL: Default -> hxxp://sug.searchalgo.com/search/index_sg.php?q={searchTerms}
CHR Profile: C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default [2018-04-09]
CHR Extension: (Prezentace) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Dokumenty) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Disk Google) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03]
CHR Extension: (YouTube) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-03]
CHR Extension: (Adblock Plus) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Tabulky) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-28]
CHR Extension: (softorama) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfdniemoeflbhlmcnammemhdahpcjni [2016-08-28]
CHR Extension: (Messages Saver for Facebook™) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\kflkdhmijdgjnlbdkfgdmolcjnflmlhf [2016-09-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Messages Saver for Facebook™) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaimmbbnnhmibhbocchkfcakiankbnlk [2017-11-26]
CHR Extension: (Gmail) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-03]
CHR Extension: (Chrome Media Router) - C:\Users\Štěpuš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-27]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1445384 2016-10-22] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-02] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-03-28] (Dropbox, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2648184 2017-10-26] (ESET)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373688 2017-06-12] (Intel Corporation)
R2 rscp; C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_svc.exe [296728 2018-04-09] (Reason Software Company Inc.)
R2 rsService; C:\Program Files\Reason\Security\rsService.exe [253720 2017-11-19] (Reason Software Company Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255608 2016-06-01] (Synaptics Incorporated)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\NisSrv.exe [356152 2018-03-01] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MsMpEng.exe [106280 2018-03-01] (Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe [252816 2015-04-30] (Wondershare)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-09-05] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132848 2017-10-26] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107344 2017-05-04] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15392 2017-10-26] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180088 2017-10-26] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50752 2017-05-04] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [78192 2017-05-04] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [102160 2017-10-26] (ESET)
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2017-02-27] (LogMeIn Inc.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_dc8ffafad3ea7ddd\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp.)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [259584 2017-09-29] (Microsoft Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 tap0901t; C:\WINDOWS\System32\drivers\tap0901t.sys [48824 2016-04-26] (Tunngle.net GmbH)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [132120 2016-11-21] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [206416 2016-11-21] (Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-03-01] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288296 2018-03-01] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129568 2018-03-01] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-04-09 14:15 - 2018-04-09 14:15 - 000031621 _____ C:\Users\Štěpuš\Desktop\FRST3.txt
2018-04-09 14:11 - 2018-04-09 14:17 - 000082184 _____ C:\Users\Štěpuš\Desktop\Addition.txt
2018-04-09 13:59 - 2018-04-09 14:19 - 000019579 _____ C:\Users\Štěpuš\Desktop\FRST.txt
2018-04-09 13:56 - 2018-04-09 13:56 - 000000000 ____D C:\Users\Štěpuš\Desktop\FRST-OlderVersion
2018-04-09 13:51 - 2018-04-09 13:51 - 000099688 _____ C:\Users\Štěpuš\Downloads\Nepotvrzeno 878800.crdownload
2018-04-09 13:49 - 2018-04-09 13:49 - 000111354 _____ C:\Users\Štěpuš\Downloads\Nepotvrzeno 315135.crdownload
2018-04-09 13:47 - 2018-04-09 13:47 - 000000000 ____D C:\ProgramData\Reason
2018-04-09 13:46 - 2018-04-09 13:46 - 000003640 _____ C:\WINDOWS\System32\Tasks\Reason Core Security Scheduled Scan
2018-04-09 13:46 - 2018-04-09 13:46 - 000003470 _____ C:\WINDOWS\System32\Tasks\Reason Core Security
2018-04-09 13:46 - 2018-04-09 13:46 - 000001182 _____ C:\Users\Štěpuš\Desktop\Reason Core Security.lnk
2018-04-09 13:46 - 2018-04-09 13:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reason Core Security
2018-04-09 13:46 - 2018-04-09 13:46 - 000000000 ____D C:\Program Files\Reason
2018-04-09 13:44 - 2018-04-09 13:45 - 011420384 _____ (Reason Software Company Inc.) C:\Users\Štěpuš\Downloads\reason-core-security-setup.exe
2018-04-08 22:47 - 2018-04-08 22:47 - 008222496 _____ (Malwarebytes) C:\Users\Štěpuš\Desktop\adwcleaner_7.0.8.0 (1).exe
2018-04-08 19:21 - 2018-04-08 19:21 - 000000000 ____D C:\rsit
2018-04-08 19:21 - 2018-04-08 19:21 - 000000000 ____D C:\Program Files\trend micro
2018-04-08 19:19 - 2018-04-08 19:20 - 001222144 _____ C:\Users\Štěpuš\Downloads\RSITx64.exe
2018-04-08 18:40 - 2018-04-08 18:44 - 000000000 ____D C:\Users\Štěpuš\Desktop\Složka
2018-04-06 11:46 - 2018-04-06 11:46 - 000383947 _____ C:\Users\Štěpuš\Downloads\štěp.pdf
2018-03-30 20:24 - 2018-03-30 20:24 - 000040378 _____ C:\Users\Štěpuš\Downloads\Young.Sheldon.S01E06.HDTV.x264-SVA[eztv].mkv.torrent
2018-03-30 13:14 - 2018-03-30 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-03-28 16:31 - 2018-03-28 16:31 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-03-28 16:31 - 2018-03-28 16:31 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-03-28 16:31 - 2018-03-28 16:31 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-03-28 16:31 - 2018-03-28 16:31 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-03-24 11:28 - 2018-03-24 11:29 - 000120170 _____ C:\Users\Štěpuš\Downloads\Šrámková Štěpánka (1).PDF
2018-03-13 12:47 - 2018-03-13 12:47 - 000004628 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-03-13 12:46 - 2018-03-13 12:46 - 006210560 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-04-09 14:18 - 2016-08-28 09:14 - 000000000 ____D C:\FRST
2018-04-09 14:10 - 2017-12-23 02:08 - 000004192 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9521D376-DEBD-4673-A001-E3F716F5956F}
2018-04-09 13:56 - 2016-08-28 09:13 - 002403328 _____ (Farbar) C:\Users\Štěpuš\Desktop\FRST64.exe
2018-04-09 12:01 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-04-09 12:00 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-04-09 11:59 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-04-09 11:55 - 2017-12-23 01:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-04-08 23:20 - 2016-11-13 16:48 - 000000000 ____D C:\Program Files (x86)\Steam
2018-04-08 23:12 - 2017-12-23 02:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-04-08 23:12 - 2016-09-17 23:53 - 000000000 ____D C:\ProgramData\NVIDIA
2018-04-08 23:12 - 2016-09-17 23:52 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-04-08 23:12 - 2015-08-13 09:34 - 000000000 __SHD C:\Users\Štěpuš\IntelGraphicsProfiles
2018-04-08 23:11 - 2017-09-29 10:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-04-08 22:59 - 2016-08-28 08:55 - 000000000 ____D C:\AdwCleaner
2018-04-08 22:51 - 2017-12-23 01:36 - 000000000 ____D C:\Users\Štěpuš
2018-04-08 22:42 - 2018-01-19 21:15 - 000000000 ____D C:\Users\Štěpuš\AppData\Local\Battle.net
2018-04-08 18:47 - 2016-06-05 12:52 - 000001106 _____ C:\Users\Štěpuš\Desktop\Hry.lnk
2018-04-08 11:02 - 2016-11-28 01:48 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-04-08 11:00 - 2017-10-18 14:03 - 000000000 ____D C:\Users\Štěpuš\AppData\LocalLow\Mozilla
2018-04-06 09:52 - 2015-08-30 20:29 - 000000000 ____D C:\Users\Štěpuš\AppData\Roaming\vlc
2018-03-30 20:26 - 2017-06-12 19:59 - 000000000 ____D C:\Users\Štěpuš\AppData\Roaming\uTorrent
2018-03-30 13:15 - 2017-03-02 10:36 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-03-30 12:59 - 2017-03-02 10:36 - 000000000 ____D C:\Users\Štěpuš\AppData\Local\Dropbox
2018-03-29 14:59 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-03-29 14:26 - 2017-12-23 01:35 - 002230408 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-29 14:26 - 2017-09-30 16:31 - 000951416 _____ C:\WINDOWS\system32\perfh005.dat
2018-03-29 14:26 - 2017-09-30 16:31 - 000223882 _____ C:\WINDOWS\system32\perfc005.dat
2018-03-24 11:35 - 2018-01-19 21:23 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2018-03-23 01:25 - 2015-08-25 20:22 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-20 12:14 - 2017-12-23 03:31 - 000000000 ____D C:\Users\Štěpuš\AppData\Local\ConnectedDevicesPlatform
2018-03-19 14:17 - 2018-01-13 00:23 - 000000000 ____D C:\WINDOWS\Minidump
2018-03-17 23:15 - 2017-12-12 15:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-03-17 23:15 - 2015-08-23 18:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-17 23:09 - 2015-08-23 18:33 - 000001215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-03-17 23:04 - 2015-08-27 21:07 - 000000000 ____D C:\Users\Štěpuš\AppData\Roaming\Skype
2018-03-17 22:41 - 2015-09-07 16:03 - 000000000 ____D C:\Users\Štěpuš\AppData\Roaming\ESET
2018-03-14 12:56 - 2015-08-24 07:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-03-14 12:49 - 2017-12-16 22:30 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-14 12:49 - 2015-08-24 07:05 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-03-13 12:46 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-03-13 12:46 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
==================== Files in the root of some directories =======
2017-08-11 16:34 - 2017-08-11 16:34 - 000007995 _____ () C:\Users\Štěpuš\AppData\Local\recently-used.xbel
2018-01-11 11:08 - 2018-02-19 17:14 - 000211968 _____ () C:\Users\Štěpuš\AppData\Local\WebpageIcons.db
2016-05-16 07:57 - 2016-05-16 07:57 - 000000000 _____ () C:\Users\Štěpuš\AppData\Local\{773A262C-C332-4C3A-AD0A-B53DDBD7C18A}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-03-30 20:41
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 118240
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Předpokládám problém se svchost.exe
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\Štěpuš\AppData\Local\{773A262C-C332-4C3A-AD0A-B53DDBD7C18A}
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Předpokládám problém se svchost.exe
Udělala jsem vše podle vašeho návodu, ale jen na mě vyskočila tabulka, že fixlog se vytvořil a že je nutný restart. Po odkliknutí se notebook ihned restartoval a fixlog nikde. 
-
Rudy
- Site Admin
- Příspěvky: 118240
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Předpokládám problém se svchost.exe
Soubor fixlog.txt by měl být na ploše. Otevřte ho a obsah sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Předpokládám problém se svchost.exe
Já jsem pochopila, jak to bylo myšleno. Ale žádný takový soubor se mi na ploše ani jinde nevytvořil. Pokusila jsem se postup i zopakovat, pokaždé se stejným výsledkem.
Edit: po úpravě v "antivirové ochraně" už se vytvořil..
Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Štěpuš (10-04-2018 10:53:53) Run:5
Running from C:\Users\Štěpuš\Desktop
Loaded Profiles: Štěpuš (Available Profiles: UpdatusUser & Štěpuš & Tomas & Guest)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\�t�pu�\AppData\Local\{773A262C-C332-4C3A-AD0A-B53DDBD7C18A}
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => not found
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
"C:\Users\�t�pu�\AppData\Local\{773A262C-C332-4C3A-AD0A-B53DDBD7C18A}" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9529826 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 45179 B
Edge => 0 B
Chrome => 376508047 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 4760 B
UpdatusUser => 0 B
Štěpuš => 10253020 B
Tomas => 0 B
Guest => 0 B
RecycleBin => 0 B
EmptyTemp: => 385.8 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 10:54:12 ====
Edit: po úpravě v "antivirové ochraně" už se vytvořil..
Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Štěpuš (10-04-2018 10:53:53) Run:5
Running from C:\Users\Štěpuš\Desktop
Loaded Profiles: Štěpuš (Available Profiles: UpdatusUser & Štěpuš & Tomas & Guest)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\�t�pu�\AppData\Local\{773A262C-C332-4C3A-AD0A-B53DDBD7C18A}
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => not found
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
"C:\Users\�t�pu�\AppData\Local\{773A262C-C332-4C3A-AD0A-B53DDBD7C18A}" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9529826 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 45179 B
Edge => 0 B
Chrome => 376508047 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 4760 B
UpdatusUser => 0 B
Štěpuš => 10253020 B
Tomas => 0 B
Guest => 0 B
RecycleBin => 0 B
EmptyTemp: => 385.8 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 10:54:12 ====
-
Rudy
- Site Admin
- Příspěvky: 118240
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Předpokládám problém se svchost.exe
OK, smazáno. Nastala nějaká změna. Ten soubor se obvykle otevírá automaticky. Pokud ne, dávám instrukci, že je ve stejném adresáři, jako FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Předpokládám problém se svchost.exe
Dobře, děkuji.. Ale ten svchost.exe tam pořád je, je to problém? těch procesů je tam hrozně moc a ukončovat je jeden po druhém nikdy nijak nedopadlo.
K tomu vytvoření souboru, myslím, že antivir měl problém s FRST aplikací, i když se předchozí soubory objevily, jakmile jsem jej přidala mezi ty, které mohou zapisovat a vytvářet soubory, tak se vytvořil.
K tomu vytvoření souboru, myslím, že antivir měl problém s FRST aplikací, i když se předchozí soubory objevily, jakmile jsem jej přidala mezi ty, které mohou zapisovat a vytvářet soubory, tak se vytvořil.
-
Rudy
- Site Admin
- Příspěvky: 118240
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Předpokládám problém se svchost.exe
Podstatné je, nakolik zatěžují systém. Svchost může být spuštěn vícekrát, je to proces, který řídí spouštění z knihoven *.dll. Při vysokém zatížení je předpoklad, že něco nefuguje správně.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?