Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Vyskakování oken v prohlížeči

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
stargate17
Návštěvník
Návštěvník
Příspěvky: 35
Registrován: 04 črc 2018 21:11

Vyskakování oken v prohlížeči

#1 Příspěvek od stargate17 »

Zdar,
už nějakou dobu se mi samovolně otvírají nová okna v Chromu a prohlížeč je zpomalený. Když zkusím stáhnout AdwCleaner, prohlížeč spadne, když si ten instalační soubor přesunu z jiného zařízení, spustí se jenom na zlomek vteřiny...
Co s tím?
Díky moc

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Vyskakování oken v prohlížeči

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Vyskusaj to v nudzovom rezime. Ak ani to nepojde, tak posli logy z FRST:
:arrow: Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

:arrow: Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

stargate17
Návštěvník
Návštěvník
Příspěvky: 35
Registrován: 04 črc 2018 21:11

Re: Vyskakování oken v prohlížeči

#3 Příspěvek od stargate17 »

Zdar,
omlouvám se za tu dlouhou pauzu, ale poslední dobou jsem vůbec nestíhal... Navíc až teď se mi podařilo obejít ten vir a získat konečně log...

Logfile of random's system information tool 1.10 (written by random/random)
Run by Uzivatel at 2018-07-23 21:38:35
Microsoft Windows 10 Home
System drive C: has 441 GB (47%) free of 936 GB
Total RAM: 3274 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:39:25, on 23. 7. 2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0098)
Boot mode: Normal

Running processes:
C:\Users\Uzivatel\AppData\Roaming\BwYLTEF.exe
C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe
C:\Program Files\trend micro\Uzivatel.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll
O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - (no file)
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [BackgroundSwitcher] "C:\Program Files (x86)\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe"
O4 - HKCU\..\Run: [vidnotifier.exe] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe
O4 - HKCU\..\Run: [Spotify] C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Uzivatel\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Bonjour Service - Unknown owner - C:\Program Files (x86)\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Quick Access Service (QASvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 13171 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p
atieclxx
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k appmodel -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p

C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\AUDIODG.EXE 0x36c
dashost.exe {9fbd2211-0fc3-42de-877360f5422682f0}
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe"

"C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe"
C:\WINDOWS\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"

"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService

"C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe" -r "C:\Users\Uzivatel\AppData\Local\AOP SDK\Acer Infra\acer\SyncAgent" -u S-1-5-21-911532830-945509587-2248563984-1001 -c 700 -s 538 -g "C:\ProgramData\acer\CCD"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.16299.188_none_16c3dcde323064d9\TiWorker.exe -Embedding
"C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe" -userServiceMode
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files\AMD\CNext\CNext\cncmd.exe" startwithdelay
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe"
"C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Quick Access\QASvc.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Quick Access\QAEvent.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Launch Manager\LMTray.exe"
"C:\Program Files\Acer\Acer Quick Access\QAMsg.exe"
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Users\Uzivatel\AppData\Roaming\BwYLTEF.exe /q /i http://luckystat.info/xuy00us7ivtt.lrp
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding

C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.10228.20127.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\smartscreen.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 740 744 752 8192 748
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe"
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe"
"C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe"
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe"
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
"C:\Users\Uzivatel\Desktop\RSITx64.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe"
"C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE"
"C:\Program Files\WindowsApps\AppleInc.iTunes_12080.150.37023.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=67.0.3396.99 --initial-client-data=0x220,0x224,0x228,0x21c,0x22c,0x6c7d0060,0x6c7d0070,0x6c7d007c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3284 --on-initialized-event-handle=716 --parent-handle=720 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1548,1727679897916974450,7998204734290957946,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=AF4EA9C1A44452CA6960AAF89693147F --mojo-platform-channel-handle=1568 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1548,1727679897916974450,7998204734290957946,131072 --service-pipe-token=43635D8D909B58900B64C8336686748F --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=43635D8D909B58900B64C8336686748F --renderer-client-id=8 --mojo-platform-channel-handle=2668 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1548,1727679897916974450,7998204734290957946,131072 --service-pipe-token=FDE5ACA15A6ADDEA4FF6B94665D2E014 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=FDE5ACA15A6ADDEA4FF6B94665D2E014 --renderer-client-id=9 --mojo-platform-channel-handle=3120 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1548,1727679897916974450,7998204734290957946,131072 --service-pipe-token=C850472DA51D6EECCCBCBCDC0D379345 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=C850472DA51D6EECCCBCBCDC0D379345 --renderer-client-id=3 --mojo-platform-channel-handle=3144 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1548,1727679897916974450,7998204734290957946,131072 --service-pipe-token=76012BB0AF08234E8181FAEC5132E359 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=76012BB0AF08234E8181FAEC5132E359 --renderer-client-id=4 --mojo-platform-channel-handle=4256 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1548,1727679897916974450,7998204734290957946,131072 --service-pipe-token=267A97D27C011959A99AA6B8650D43DD --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=267A97D27C011959A99AA6B8650D43DD --renderer-client-id=5 --mojo-platform-channel-handle=4460 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1548,1727679897916974450,7998204734290957946,131072 --service-pipe-token=642E049547E6D53955B2CFD29857389F --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=642E049547E6D53955B2CFD29857389F --renderer-client-id=6 --mojo-platform-channel-handle=4588 /prefetch:1
C:\WINDOWS\system32\cmd.exe /d /c "C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe" chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.c661355dce64945b > \\.\pipe\chrome.nativeMessaging.out.c661355dce64945b
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe" chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ --parent-window=0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1548,1727679897916974450,7998204734290957946,131072 --disable-gpu-sandbox --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=BB7E02EBE2D66FD5B0C4341A8A426DCC --mojo-platform-channel-handle=6184 /prefetch:2

======Scheduled tasks folder======

C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK

=========Mozilla firefox=========

ProfilePath - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\qucah4sk.default

"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.134 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.171.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.171.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.134 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 217784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2018-07-17 199648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 184488]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-07 480200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83B80A9C-D91A-4F22-8DCF-EA7204039F79}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2018-07-17 167480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-07 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 6149288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 4452504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-21 13672304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-07-17 1630368]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
"BackgroundSwitcher"=C:\Program Files (x86)\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe [2018-05-15 124760]
"vidnotifier.exe"=C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [2017-09-12 1192424]
"Spotify"=C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe [2018-05-27 22454160]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-08-14 4836032]
"Spotify Web Helper"=C:\Users\Uzivatel\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018-05-27 782736]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2018-07-11 8898480]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
"Cisco AnyConnect Secure Mobility Agent for Windows"=C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2014-06-11 707496]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-28 588704]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 2 months======

2018-07-23 21:38:38 ----D---- C:\Program Files\trend micro
2018-07-23 21:38:35 ----D---- C:\rsit
2018-07-22 12:09:35 ----HD---- C:\OneDriveTemp
2018-07-12 20:01:34 ----D---- C:\Program Files\rempl
2018-07-07 18:12:38 ----A---- C:\WINDOWS\ntbtlog.txt
2018-07-04 22:01:09 ----D---- C:\AdwCleaner
2018-07-04 21:50:06 ----D---- C:\Users\Uzivatel\AppData\Roaming\Opera Software
2018-07-04 21:47:17 ----D---- C:\Program Files\Opera
2018-06-28 08:33:37 ----A---- C:\WINDOWS\system32\osrss.dll
2018-06-16 12:17:56 ----D---- C:\SUPERDelete
2018-06-16 12:14:41 ----D---- C:\Users\Uzivatel\AppData\Roaming\SUPERAntiSpyware.com
2018-06-16 11:58:50 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2018-06-16 11:58:50 ----D---- C:\Program Files\SUPERAntiSpyware
2018-06-11 21:17:53 ----D---- C:\Users\Uzivatel\AppData\Roaming\Fallout
2018-06-09 19:16:37 ----D---- C:\GOG Games
2018-06-07 21:31:22 ----D---- C:\ProgramData\Apple Computer
2018-06-01 21:05:09 ----D---- C:\ProgramData\Ubisoft
2018-06-01 20:28:35 ----A---- C:\WINDOWS\SYSWOW64\MafiaSetup.exe
2018-05-28 21:44:58 ----D---- C:\Program Files (x86)\Becherovka 2006
2018-05-28 21:43:26 ----D---- C:\Battleship88

======List of files/folders modified in the last 2 months======

2018-07-23 21:38:52 ----D---- C:\WINDOWS\Prefetch
2018-07-23 21:38:38 ----RD---- C:\Program Files
2018-07-23 21:37:56 ----D---- C:\WINDOWS\Temp
2018-07-23 21:37:35 ----D---- C:\WINDOWS\system32\sru
2018-07-23 21:37:25 ----D---- C:\WINDOWS\system32\SleepStudy
2018-07-23 21:27:29 ----SHD---- C:\WINDOWS\Installer
2018-07-23 21:27:29 ----D---- C:\Config.Msi
2018-07-23 21:12:38 ----D---- C:\WINDOWS\SysWOW64
2018-07-23 20:42:56 ----D---- C:\WINDOWS\AppReadiness
2018-07-23 20:42:40 ----HD---- C:\Program Files\WindowsApps
2018-07-23 20:42:20 ----D---- C:\WINDOWS\DeliveryOptimization
2018-07-23 20:05:41 ----D---- C:\Users\Uzivatel\AppData\Roaming\vlc
2018-07-23 12:11:00 ----SHD---- C:\System Volume Information
2018-07-23 12:10:35 ----D---- C:\WINDOWS\Logs
2018-07-23 12:00:02 ----D---- C:\WINDOWS\system32\LogFiles
2018-07-23 11:55:25 ----D---- C:\Windows
2018-07-23 11:54:57 ----D---- C:\WINDOWS\system32\config
2018-07-23 11:05:34 ----D---- C:\WINDOWS\system32\drivers\UMDF
2018-07-23 11:05:33 ----D---- C:\WINDOWS\INF
2018-07-23 10:53:25 ----RD---- C:\WINDOWS\Microsoft.NET
2018-07-23 10:19:51 ----D---- C:\WINDOWS\LiveKernelReports
2018-07-23 10:07:02 ----D---- C:\WINDOWS\Minidump
2018-07-22 08:31:13 ----D---- C:\WINDOWS\CbsTemp
2018-07-19 21:04:54 ----D---- C:\Program Files (x86)\McAfee
2018-07-17 16:13:59 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2018-07-17 09:00:05 ----D---- C:\WINDOWS\system32\Tasks
2018-07-16 17:30:57 ----D---- C:\WINDOWS\system32\catroot2
2018-07-12 20:32:58 ----D---- C:\WINDOWS\WinSxS
2018-07-12 20:32:43 ----D---- C:\WINDOWS\system32\MRT
2018-07-12 20:27:38 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-07-11 18:09:11 ----D---- C:\WINDOWS\system32\Macromed
2018-07-11 18:09:04 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2018-07-09 18:14:32 ----RD---- C:\Users
2018-07-09 18:11:12 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-07-09 18:11:12 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2018-07-09 10:39:36 ----SHD---- C:\$Recycle.Bin
2018-07-07 18:16:56 ----HD---- C:\ProgramData
2018-07-07 18:16:53 ----D---- C:\WINDOWS\system32\Tasks_Migrated
2018-07-07 18:16:34 ----RD---- C:\Program Files (x86)
2018-07-07 18:12:53 ----D---- C:\WINDOWS\Tasks
2018-06-29 02:46:13 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-06-28 08:33:38 ----D---- C:\WINDOWS\System32
2018-06-26 20:02:44 ----D---- C:\WINDOWS\system32\drivers\wd
2018-06-20 20:51:48 ----D---- C:\WINDOWS\system32\NDF
2018-06-13 10:55:02 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-12 16:59:57 ----D---- C:\WINDOWS\system32\drivers\etc
2018-06-12 08:54:23 ----D---- C:\Users\Uzivatel\AppData\Roaming\uTorrent
2018-06-11 21:27:19 ----D---- C:\Program Files (x86)\Common Files
2018-06-08 18:21:08 ----AD---- C:\Program Files (x86)\TagScanner
2018-06-07 21:33:50 ----D---- C:\WINDOWS\system32\DriverStore
2018-06-07 21:33:46 ----D---- C:\Program Files\Common Files\Apple
2018-06-01 21:03:53 ----RSD---- C:\WINDOWS\assembly
2018-06-01 20:50:45 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2018-06-01 20:50:45 ----D---- C:\Program Files (x86)\Ubisoft
2018-05-28 21:47:33 ----D---- C:\PPK
2018-05-28 21:43:03 ----D---- C:\Games
2018-05-27 21:07:27 ----D---- C:\Users\Uzivatel\AppData\Roaming\Spotify

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem3.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2017-10-13 106416]
R0 BTATH_BUS;@oem24.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2014-02-26 35016]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2017-12-08 59800]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-09-29 8192]
R1 MpKsld9432453;MpKsld9432453; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C78714BA-9ECC-4610-A79B-A6BA11B79173}\MpKsld9432453.sys [2018-07-23 58120]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 APXACC;@oem13.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [2015-04-03 229056]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2017-05-24 310728]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-09-29 384000]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2017-05-24 42696]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2017-09-29 79872]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0319312.inf_amd64_1bd7dae294b3987b\atikmdag.sys [2017-10-24 36566432]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0319312.inf_amd64_1bd7dae294b3987b\atikmpag.sys [2017-10-24 537504]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2017-09-29 4233728]
R3 AtiHDAudioService;@oem41.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2015-05-28 102912]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-07-13 610336]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-09-29 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
R3 dtlitescsibus;@oem25.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-03-27 30264]
R3 dtliteusbbus;@oem32.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-03-27 47672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-04-08 3917272]
R3 LMDriver;@oem62.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys [2013-07-18 21360]
R3 mfesapsn;McAfee Process Start Notification Service; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2017-02-14 111608]
R3 RadioShim;@oem62.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys [2013-07-18 14680]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-09-29 604160]
R3 RTSPER;@oem17.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-05-14 751632]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 acsock;acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [2014-06-11 112496]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2017-09-29 105472]
S3 bthl2cap;@bthl2cap.inf,%bthl2cap_desc%;Ovladač podpory protokolu Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\bthl2cap.sys [2017-09-29 83968]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-09-29 78848]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-09-29 129536]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2017-12-02 1015296]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\SysWOW64\FsUsbExDisk.SYS [2013-12-30 37344]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-09-29 119808]
S3 jakstaVA;@oem71.inf,%DeviceName%;Digital Video Recorder; C:\WINDOWS\system32\DRIVERS\jaksta_va.sys [2017-02-23 103816]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-09-29 936856]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-09-29 189440]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2017-01-31 173472]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2017-10-24 560536]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2017-09-26 2278688]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_5aec5;Uživatelská služba platformy připojených zařízení_5aec5; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2013-05-14 140936]
R2 LMSvc;Launch Manager Service; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [2014-06-10 466664]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2018-07-17 604824]
R2 osrss;@%systemroot%\system32\osrss.dll,-500; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2017-03-28 76888]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2012-04-24 254512]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2016-09-21 4088608]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-11-26 519152]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-07-22 754784]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-08-14 2291904]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2014-06-12 2573032]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 QASvc;Quick Access Service; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2014-06-26 458984]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe []
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-09 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 OneSyncSvc_5aec5;Hostitel synchronizace_5aec5; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2016-11-24 235984]
S2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2018-06-28 135816]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-11 335872]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_5aec5;Tok zařízení_5aec5; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-09-29 85504]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-12-02 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2018-03-16 262504]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-09 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_5aec5;Služba zasílání zpráv_5aec5; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-07-07 194512]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc_5aec5;Data kontaktů_5aec5; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_5aec5;PrintWorkflow_5aec5; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-09-29 1288704]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-12-02 956416]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]

-----------------EOF-----------------

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Vyskakování oken v prohlížeči

#4 Příspěvek od Conder »

:arrow: Na Win10 je RSIT nepouzitelny, je nutne pouzit novsi skener FRST ako som pisal, ale nevadi.

:arrow: AdwCleaner funguje?
:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

stargate17
Návštěvník
Návštěvník
Příspěvky: 35
Registrován: 04 črc 2018 21:11

Re: Vyskakování oken v prohlížeči

#5 Příspěvek od stargate17 »

adw jsem zkoušel, ale žádná změna... ale klidně zkusím znovu přesně podle návodu :) díky :)

stargate17
Návštěvník
Návštěvník
Příspěvky: 35
Registrován: 04 črc 2018 21:11

Re: Vyskakování oken v prohlížeči

#6 Příspěvek od stargate17 »

hmm, jsme tam, kde jsem byli, adw se mi zase nepodaří spustit... já už to teď nestíhám, ale zkusím si k tomu za pár dnů sednout, spustit ho přes nouzový režim, a navíc udělat ten správný log.

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Vyskakování oken v prohlížeči

#7 Příspěvek od Conder »

:arrow: OK, potom stiahni AdwCleaner znovu z toho odkazu, kedze medzitym vysla nova verzia. Nasledne vyskusaj AdwCleaner najprv v normalnom rezime, ak nepojde, tak v nudzovom rezime. Ak nepojde ani tam, posli logy z FRST (idealne z normalneho rezimu).
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

stargate17
Návštěvník
Návštěvník
Příspěvky: 35
Registrován: 04 črc 2018 21:11

Re: Vyskakování oken v prohlížeči

#8 Příspěvek od stargate17 »

Adw jsem zkusil podle návodu, že po restartu do normálního režimu se znovu nespustilo... A tady je ten log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.07.2018
Ran by Uzivatel (administrator) on ACER (24-07-2018 20:33:54)
Running from C:\Users\Uzivatel\Desktop
Loaded Profiles: Uzivatel (Available Profiles: Uzivatel)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-06-11] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-911532830-945509587-2248563984-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-911532830-945509587-2248563984-1001\...\Run: [BackgroundSwitcher] => C:\Program Files (x86)\johnsadventures.com\John's Background Switcher\BackgroundSwitcher.exe [124760 2018-05-15] (johnsadventures.com)
HKU\S-1-5-21-911532830-945509587-2248563984-1001\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [1192424 2017-09-12] (Digital Wave Ltd)
HKU\S-1-5-21-911532830-945509587-2248563984-1001\...\Run: [Spotify] => C:\Users\Uzivatel\AppData\Roaming\Spotify\Spotify.exe [22454160 2018-05-27] (Spotify Ltd)
HKU\S-1-5-21-911532830-945509587-2248563984-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd)
HKU\S-1-5-21-911532830-945509587-2248563984-1001\...\Run: [Spotify Web Helper] => C:\Users\Uzivatel\AppData\Roaming\Spotify\SpotifyWebHelper.exe [782736 2018-05-27] (Spotify Ltd)
HKU\S-1-5-21-911532830-945509587-2248563984-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [8898480 2018-07-11] (SUPERAntiSpyware)
HKU\S-1-5-21-911532830-945509587-2248563984-1001\...\MountPoints2: {094925c1-d2ab-11e4-825b-806e6f6e6963} - "D:\ppk.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9fa9f187-33b5-4f82-a7ea-0c0a249d8058}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e1484b92-0eb8-4a54-805b-255ad90e8881}: [DhcpNameServer] 192.168.11.1

Internet Explorer:
==================
HKU\S-1-5-21-911532830-945509587-2248563984-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-911532830-945509587-2248563984-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-911532830-945509587-2248563984-1001 -> DefaultScope {437E7AAC-B72B-44FD-946B-B7D7144AB0A5} URL =
SearchScopes: HKU\S-1-5-21-911532830-945509587-2248563984-1001 -> {2170EF41-780B-4AB1-A306-3E89DA26675A} URL =
SearchScopes: HKU\S-1-5-21-911532830-945509587-2248563984-1001 -> {685F1C46-062E-4F7E-B0D4-850EA5F70029} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-07] (Oracle Corporation)
BHO-x32: No Name -> {83B80A9C-D91A-4F22-8DCF-EA7204039F79} -> No File
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-07] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-07-17] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-07-17] (McAfee, Inc.)

FireFox:
========
FF DefaultProfile: qucah4sk.default
FF ProfilePath: C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\qucah4sk.default [2018-07-24]
FF Extension: (Adblock Plus) - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\qucah4sk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-07-18]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\qucah4sk.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-10-25]
FF Extension: (WebCompat Reporter) - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi [2018-07-07] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-05-15]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-11] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-07] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2018-03-16] ()
FF Plugin HKU\S-1-5-21-911532830-945509587-2248563984-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]

Chrome:
=======
CHR Profile: C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default [2018-07-24]
CHR Extension: (Prezentace) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-09]
CHR Extension: (YouTube) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-09]
CHR Extension: (Tabulky) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-07-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-09]
CHR Extension: (AdBlock) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-07-19]
CHR Extension: (ScriptMonkey) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lblbnlfhhblmfconjalikamamlgoobbe [2018-06-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-05-04]
CHR Extension: (Gmail) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-09]
CHR Extension: (Chrome Media Router) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-14]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com)
S2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278688 2017-09-26] (Acer Incorporated)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
S2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
S2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
S2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604824 2018-07-17] (McAfee, Inc.)
S2 osrss; C:\WINDOWS\system32\osrss.dll [130808 2018-06-08] (Microsoft Corporation)
S2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2017-03-28] ()
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [File not signed]
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [File not signed]
S2 sedsvc; C:\Program Files\rempl\sedsvc.exe [295976 2018-07-16] (Microsoft Corporation)
S2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-06-26] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-06-26] (Microsoft Corporation)
S2 Bonjour Service; "C:\Program Files (x86)\Bonjour\mDNSResponder.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0319312.inf_amd64_1bd7dae294b3987b\atikmdag.sys [36566432 2017-10-24] (Advanced Micro Devices, Inc.)
S3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0319312.inf_amd64_1bd7dae294b3987b\atikmpag.sys [537504 2017-10-24] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [106416 2017-10-13] (Advanced Micro Devices, Inc.)
S2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
S3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [310728 2017-05-24] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-03-27] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-03-27] (Disc Soft Ltd)
S3 FsUsbExDisk; C:\WINDOWS\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [File not signed]
S3 jakstaVA; C:\WINDOWS\system32\DRIVERS\jaksta_va.sys [103816 2017-02-23] (e2eSoft)
S2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [42696 2017-05-24] ()
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
S3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2014-06-11] (Cisco Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46592 2018-06-26] (Microsoft Corporation)
S0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-06-26] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59944 2018-06-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-24 20:33 - 2018-07-24 20:34 - 000018788 _____ C:\Users\Uzivatel\Desktop\FRST.txt
2018-07-24 20:33 - 2018-07-24 20:33 - 000000000 ____D C:\FRST
2018-07-24 20:31 - 2018-07-24 20:31 - 002412544 _____ (Farbar) C:\Users\Uzivatel\Desktop\FRST64.exe
2018-07-24 20:25 - 2018-07-24 20:25 - 000328192 _____ C:\WINDOWS\SysWOW64\SelfFolder.idc
2018-07-24 19:58 - 2018-07-24 19:59 - 007417040 _____ (Malwarebytes) C:\Users\Uzivatel\Desktop\adwcleaner_7.2.2.exe
2018-07-24 19:56 - 2018-07-24 19:56 - 007395536 _____ (Malwarebytes) C:\Users\Uzivatel\Desktop\AdwCleaner.exe
2018-07-24 18:05 - 2018-07-24 18:47 - 368914432 _____ C:\Users\Uzivatel\Desktop\Babylon 5 - s01e05.avi
2018-07-24 18:05 - 2018-07-24 18:47 - 182720512 _____ C:\Users\Uzivatel\Desktop\Joey-01x06-Joey-a-bohyne-pomsty.avi
2018-07-23 21:40 - 2018-07-24 20:25 - 000000000 ___HD C:\Users\Uzivatel\AppData\Local\web server extensions
2018-07-23 21:38 - 2018-07-23 21:39 - 000000000 ____D C:\rsit
2018-07-23 21:38 - 2018-07-23 21:39 - 000000000 ____D C:\Program Files\trend micro
2018-07-23 18:48 - 2018-07-23 19:09 - 368971776 _____ C:\Users\Uzivatel\Desktop\Babylon 5 - s01e04.avi
2018-07-23 18:47 - 2018-07-23 18:58 - 182808576 _____ C:\Users\Uzivatel\Desktop\Joey-01x05-Joey-a-dokonala-boure.avi
2018-07-22 19:16 - 2018-07-23 21:12 - 000000000 ___HD C:\Users\Uzivatel\AppData\Local\NET.Framework SDK
2018-07-22 18:11 - 2018-07-22 18:40 - 510297475 _____ C:\Users\Uzivatel\Desktop\Babylon 5 S01E03 Vznešený pôvod.mkv
2018-07-21 18:36 - 2018-07-21 18:46 - 183119872 _____ C:\Users\Uzivatel\Desktop\Joey-01x04-Joey-a-klub-ctenaru.avi
2018-07-21 18:35 - 2018-07-21 19:05 - 512391110 _____ C:\Users\Uzivatel\Desktop\Babylon 5 S01E02 Lovec duší.mkv
2018-07-20 19:53 - 2018-07-20 20:18 - 366372864 _____ C:\Users\Uzivatel\Desktop\Babylon 5 01x01 - Půlnoc na palebné linii.avi
2018-07-20 19:51 - 2018-07-20 20:05 - 182972416 _____ C:\Users\Uzivatel\Desktop\Joey-01x03-Joey-a-vecirek.avi
2018-07-19 18:55 - 2018-07-19 19:08 - 244082688 _____ C:\Users\Uzivatel\Desktop\Joey-01x02-Joey-a-student.avi
2018-07-18 18:15 - 2018-07-18 18:29 - 244379648 _____ C:\Users\Uzivatel\Desktop\Joey-01x01-Joey.avi
2018-07-18 18:11 - 2016-09-17 11:36 - 320852894 _____ C:\Users\Uzivatel\Desktop\Eureka.S05E13.720p.BluRay.x264.mkv
2018-07-18 18:11 - 2016-09-17 11:36 - 320703538 _____ C:\Users\Uzivatel\Desktop\Eureka.S05E12.720p.BluRay.x264.mkv
2018-07-17 19:02 - 2018-07-17 19:40 - 571678720 _____ C:\Users\Uzivatel\Desktop\Dva-a-pul-chlapa-12x15-jasne-ze-je-mrtvy-web-dlrip-cz-avi.avi
2018-07-17 09:30 - 2018-07-17 10:52 - 1471270912 _____ C:\Users\Uzivatel\Desktop\BABYLON-5-Velký-Summit---1993---The-Gathering.CZ,EN.avi
2018-07-17 08:59 - 2018-07-20 21:21 - 000000000 ___HD C:\Users\Uzivatel\AppData\Local\Peer.Net
2018-07-16 20:02 - 2018-07-16 20:26 - 194293351 _____ C:\Users\Uzivatel\Desktop\Divergence 3.3gp
2018-07-16 18:20 - 2018-07-16 18:58 - 191745113 _____ C:\Users\Uzivatel\Desktop\Divergence 2.3gp
2018-07-16 08:31 - 2018-07-16 17:35 - 000000000 ___HD C:\Users\Uzivatel\AppData\Local\Windows AntiMalware Updates
2018-07-15 20:20 - 2018-07-15 20:21 - 000000000 ___HD C:\Users\Uzivatel\AppData\Local\Local Extension Settings
2018-07-14 21:11 - 2018-07-14 21:29 - 225232598 _____ C:\Users\Uzivatel\Desktop\Divergence 1.3gp
2018-07-13 21:30 - 2018-07-13 22:00 - 163824696 _____ C:\Users\Uzivatel\Desktop\Requiem Za Sen-2000 CZ MKV-cukraran.3gp
2018-07-12 21:27 - 2018-07-12 21:50 - 000000000 ___HD C:\Users\Uzivatel\AppData\Local\Chrome Cleanup Tools
2018-07-12 20:01 - 2018-07-24 19:30 - 000000000 ____D C:\Program Files\rempl
2018-07-11 19:21 - 2018-07-11 19:32 - 046080983 _____ C:\Users\Uzivatel\Desktop\Červený-trpaslík-07x01-Pekelně-ostrý-výlet-(Tikka-To-Ride).3gp
2018-07-10 18:45 - 2018-07-10 19:00 - 046206909 _____ C:\Users\Uzivatel\Desktop\Červený-trpaslík-06x06-Mimo-realitu-(Out-Of-Time).3gp
2018-07-10 17:47 - 2018-07-11 18:11 - 000000000 ___HD C:\Users\Uzivatel\AppData\Local\Windows.Config.Msi
2018-07-09 20:51 - 2018-07-09 21:05 - 045377206 _____ C:\Users\Uzivatel\Desktop\Červený-trpaslík-06x05-Rimmerosvět-(Rimmerworld)-.3gp
2018-07-08 20:16 - 2018-07-08 20:26 - 045953608 _____ C:\Users\Uzivatel\Desktop\Červený-trpaslík-06x04-Polymorf-II---Emocuc-(Emohawk---Polymorph-II)-.3gp
2018-07-08 18:29 - 2018-07-10 10:15 - 000000000 ___HD C:\Users\Uzivatel\AppData\Local\Windows Workflow Foundation
2018-07-07 19:58 - 2018-07-07 20:11 - 046881647 _____ C:\Users\Uzivatel\Desktop\Červený-trpaslík-06x03-Pistolníci-z-Apokalypsy-(Gunmen-of-the-Apocalypse)-.3gp
2018-07-07 18:12 - 2018-07-24 20:31 - 000588004 _____ C:\WINDOWS\ntbtlog.txt
2018-07-07 18:12 - 2018-07-24 20:30 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-07-07 10:09 - 2018-07-08 08:48 - 000000000 ___HD C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2
2018-07-04 22:08 - 2018-07-04 22:08 - 001222144 _____ C:\Users\Uzivatel\Desktop\RSITx64.exe
2018-07-04 22:01 - 2018-07-07 18:16 - 000000000 ____D C:\AdwCleaner
2018-07-04 21:50 - 2018-07-05 12:46 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\Opera Software
2018-07-04 21:50 - 2018-07-05 12:46 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\Opera Software
2018-07-04 21:47 - 2018-07-05 12:46 - 000000000 ____D C:\Program Files\Opera
2018-07-04 20:25 - 2018-07-04 20:33 - 045846618 _____ C:\Users\Uzivatel\Desktop\Červený-trpaslík-06x02-Legie-(Legion)-.3gp
2018-07-04 19:18 - 2018-07-06 23:26 - 000000000 ___HD C:\Users\Uzivatel\AppData\Local\$NtUninstallWIC$
2018-07-03 18:02 - 2018-07-04 10:01 - 000000000 ___HD C:\Users\Uzivatel\AppData\Local\Windows Media Player 11
2018-07-02 21:24 - 2018-07-02 22:02 - 000000000 ____D C:\Users\Uzivatel\Desktop\Rome - Total War Anthology
2018-07-02 20:21 - 2018-07-02 20:47 - 205285611 _____ C:\Users\Uzivatel\Desktop\16 Povolení zabíjet - James Bond.3gp
2018-06-30 21:08 - 2018-07-01 11:46 - 000000000 ___HD C:\Users\Uzivatel\AppData\Local\KernelReports
2018-06-30 18:53 - 2018-06-30 19:42 - 202383723 _____ C:\Users\Uzivatel\Desktop\James Bond-1987-Dech zivota-Akcni-CZ-adriatic.3gp
2018-06-28 08:33 - 2018-06-08 14:09 - 000130808 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll
2018-06-27 21:04 - 2018-06-27 21:33 - 202969751 _____ C:\Users\Uzivatel\Desktop\14 Vyhlídka na vraždu - James Bond.3gp
2018-06-26 20:59 - 2018-06-26 21:38 - 202053904 _____ C:\Users\Uzivatel\Desktop\13 - James Bond - Chobotnička -(1983) CZ.3gp
2018-06-26 08:20 - 2018-06-29 10:27 - 000000000 ___HD C:\Users\Uzivatel\AppData\Local\Miniport WDM Driver
2018-06-25 21:17 - 2018-06-25 21:43 - 197735511 _____ C:\Users\Uzivatel\Desktop\12 - James Bond - Jen pro tvé oči - (1981) CZ.3gp
2018-06-24 22:20 - 2018-06-24 22:39 - 191188942 _____ C:\Users\Uzivatel\Desktop\11 Moonraker - James Bond.3gp
2018-06-24 16:15 - 2018-06-25 18:37 - 000000000 ___HD C:\Users\Uzivatel\AppData\Local\C.Framework

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-24 20:29 - 2017-09-29 10:45 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2018-07-24 20:29 - 2017-07-16 09:21 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-07-24 20:28 - 2017-12-03 11:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-07-24 20:24 - 2016-04-22 10:08 - 000000000 __RDL C:\Users\Uzivatel\OneDrive
2018-07-24 19:44 - 2017-12-03 10:37 - 000000000 ____D C:\Users\Uzivatel
2018-07-24 19:35 - 2017-12-03 10:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-07-24 19:28 - 2016-11-19 15:38 - 000000000 ____D C:\Users\Uzivatel\AppData\LocalLow\Mozilla
2018-07-24 19:24 - 2016-08-02 18:13 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\vlc
2018-07-24 19:06 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-07-24 18:06 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-07-23 20:42 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-23 11:55 - 2018-01-14 19:21 - 000000000 ____D C:\WINDOWS\Minidump
2018-07-23 11:05 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-07-23 10:23 - 2017-02-03 11:08 - 000000000 ____D C:\Users\Uzivatel\Desktop\trailery
2018-07-23 10:19 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-07-22 08:31 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-07-20 08:36 - 2018-06-16 11:58 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2018-07-19 21:04 - 2016-09-22 20:23 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-07-19 14:45 - 2018-06-09 19:16 - 000000000 ____D C:\GOG Games
2018-07-17 16:13 - 2016-05-05 16:25 - 000563832 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-07-17 09:00 - 2017-12-03 11:06 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-911532830-945509587-2248563984-1001
2018-07-17 09:00 - 2016-04-22 10:08 - 000002434 _____ C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-14 18:24 - 2017-01-30 23:26 - 000000000 ____D C:\Users\Uzivatel\Desktop\filmy
2018-07-12 20:32 - 2016-04-04 19:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-07-12 20:27 - 2016-04-04 19:46 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-07-11 18:09 - 2017-12-03 11:06 - 000004650 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-07-11 18:09 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-07-11 18:09 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-07-11 18:08 - 2018-03-14 11:05 - 000004638 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-09 18:11 - 2017-05-30 10:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-07-09 18:11 - 2017-03-28 19:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-07-07 19:21 - 2017-05-30 10:36 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-07-07 18:16 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-07-02 12:55 - 2018-05-31 21:39 - 000000000 ____D C:\Users\Uzivatel\Desktop\Nová složka
2018-07-02 10:48 - 2016-08-02 16:06 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\Adobe
2018-06-29 02:46 - 2017-12-14 10:00 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-29 02:46 - 2017-12-14 10:00 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-26 20:02 - 2018-03-01 19:37 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-06-26 18:26 - 2016-05-09 09:46 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-26 18:26 - 2016-05-09 09:46 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2017-09-29 15:42 - 2017-09-29 15:42 - 000174592 ____N (Microsoft Corporation) C:\Users\Uzivatel\Ieuunekrioy.exe
2017-09-29 15:42 - 2017-09-29 15:42 - 000059904 ____N (Microsoft Corporation) C:\Program Files (x86)\Common Files\LaaSxsu.exe
2017-09-29 15:42 - 2017-09-29 15:42 - 000059904 ____N (Microsoft Corporation) C:\Users\Uzivatel\AppData\Roaming\BwYLTEF.exe
2018-05-16 13:00 - 2018-05-16 14:12 - 000000128 _____ () C:\Users\Uzivatel\AppData\Roaming\Camdata.ini
2018-05-16 13:00 - 2018-05-16 14:12 - 000000408 _____ () C:\Users\Uzivatel\AppData\Roaming\CamLayout.ini
2018-05-16 13:00 - 2018-05-16 14:12 - 000000408 _____ () C:\Users\Uzivatel\AppData\Roaming\CamShapes.ini
2018-05-16 13:00 - 2018-05-16 14:12 - 000004536 _____ () C:\Users\Uzivatel\AppData\Roaming\CamStudio.cfg
2018-05-16 10:36 - 2018-05-16 13:02 - 000000096 _____ () C:\Users\Uzivatel\AppData\Roaming\version2.xml
2018-06-11 21:27 - 2018-06-11 21:27 - 000000002 _____ () C:\Users\Uzivatel\AppData\Local\WMI.ini

Some files in TEMP:
====================
2018-07-23 10:25 - 2018-07-23 10:26 - 001906040 _____ (Oracle Corporation) C:\Users\Uzivatel\AppData\Local\Temp\jre-8u181-windows-au.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-07-17 09:36

==================== End of FRST.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Vyskakování oken v prohlížeči

#9 Příspěvek od Conder »

:arrow: FRST v normalnom rezime tiez nefunguje?

:arrow: Urob v MBAM uplny sken
  • Stiahni a nainstaluj Malwarebytes (MBAM): https://www.malwarebytes.com/mwb-download/thankyou/
  • Ignoruj skusobnu trial verziu
  • Otvor MBAM a vlavo klikni na "Skenovat"
  • Klikni na "Vlastne skenovanie" a potom na "Nakonfigurovat skenovanie" (Nastavit sken)
  • Vpravo oznac vsetky disky v PC a vlavo oznac moznost "Vyhladavat rootkity"
  • Klikni na Skenovat teraz a pockaj na dokoncenie
  • Po dokonceni klikni na Exportovat zhrnutie -> Textovy subor, zadaj nejaky nazov suboru a uloz na plochu
  • Obsah tohto suboru sem skopiruj
  • Obrazkovy navod (bohuzial pre starsiu verziu): https://forum.viry.cz/viewtopic.php?f=29&t=144868
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

stargate17
Návštěvník
Návštěvník
Příspěvky: 35
Registrován: 04 črc 2018 21:11

Re: Vyskakování oken v prohlížeči

#10 Příspěvek od stargate17 »

v normálním režimu nejde nic :(
tady je obsah toho textového souboru :)

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 25.07.18
Čas skenování: 12:40
Logovací soubor: 2edc501a-8ff7-11e8-9927-f0761c83be29.json
Správce: Ano

-Informace o softwaru-
Verze: 3.5.1.2522
Verze komponentů: 1.0.391
Aktualizovat verzi balíku komponent: 1.0.6059
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 16299.125)
CPU: x64
Systém souborů: NTFS
Uživatel: ACER\Uzivatel

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 832967
Zjištěné hrozby: 149
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 23 hod, 18 min, 35 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 85
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{B39DC897-007D-4C25-9C83-839507B40B08}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{272129F3-871C-46A5-81E5-995922719B08}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{81036FCB-3210-420A-9AF6-79773DAF0902}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{989B36A3-ED4D-4491-9294-8207E07CA143}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{FE303028-64A4-4914-95D4-EB50A618C640}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{07AE4A82-857E-411E-9E3E-6F8157C8A5FC}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{1103006C-F483-4875-A420-DB19A002F38F}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{B7C95CCA-142D-4BDE-BE82-B01B3A8661C0}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{F45A5E45-CBF1-48BB-89D1-D612843D6910}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{D2191077-AACC-4B77-9059-FD93E9C5CA83}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E7722529-9A4C-4CF3-B70E-98095E3DCFEA}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{DCE5C2B7-9937-4DD0-BC1F-B5304FAFCE78}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E6E10729-292E-4ECA-8667-CBC32BE12D0C}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{F978955D-EA0C-4890-9041-B68F3520BFBF}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{5AA784BF-619A-499D-B949-067DED8D9B66}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{3D17E9CE-7DF1-4C1A-B9D6-1BDD6E9B1E20}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{9A526946-506C-4530-A903-1E605D8677AA}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E1D23649-40FC-49A1-B6E3-65A6C76C2764}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{1302872D-C46A-4B9E-B7A5-29504FD48CD0}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{19AAE05E-1E54-491D-BE35-2DA341E5AA67}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{5EB60CF9-ACFE-4CDC-996F-4D37EEBFD88B}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{B8C0E83D-37F0-40AC-B1B7-AA37BED27DAD}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{D8C3FAC6-7A64-4C7C-ABA7-E96808333169}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{05CFF1C6-0578-42E2-8044-752D3C627633}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{5B386947-8224-4684-8E9D-0A42EF8758C4}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{D2758966-AB18-4A02-8F61-642883CD136C}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{8C82FB40-41BA-4BA7-80F6-6F43BCC54624}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{D1B1AF00-CF4E-46CC-988C-4C59EEB72EE8}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E194915C-5E6E-4BA7-930B-2258773C60E1}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{16EA5B0D-4304-4C92-B55D-5D79EB57132A}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{F1E1FBB6-56F2-4B20-8980-3F9F997961A5}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{18F336B0-3F99-4DE8-A882-31F7ED13F82A}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{88059ED8-2EC9-4334-8ECD-8DAC8C3136A5}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{24DBA152-E794-4871-91FC-783F19AEA4A5}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E0046BAF-FA02-402B-A1AE-7A7CEDE27509}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{65B49B9F-22A0-4148-8A4C-FE46BD23AE44}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{BE51AE88-C51E-4E57-BBB0-0C728468C086}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{30817713-723E-4C6D-8C2A-AA51D5977206}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{1B64D89E-8A23-4902-941B-91B2B14FA3D6}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{8D324C1B-8C2B-4F8A-AF38-50BEF13E6EE9}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{58597B73-BAD5-4B6F-A4C2-28561A5EAFA4}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{66B4A6B4-425F-4C48-85B5-D46C40D42EFC}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{ED6B0A84-0DD3-4CC8-A9CC-7F907D127791}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{533A22C0-3C8C-4C82-8C67-84F77DC02179}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{4A4A8F24-05CA-44F0-A53A-6295435DEC2D}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{F2E003EA-14FC-45D1-8EFD-C8D78354BE78}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{3CB745A4-B8DC-4C9E-8B00-5868C3F57D33}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{D675436D-85C5-487F-B627-ED5E0FE8EAFA}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{53D5ECDE-2CB8-4D24-A24D-E7F44A02CE98}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E79D44E3-B0BD-4064-8782-809FE3427F9D}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{07622E6D-E5DC-477A-BAEC-5AF5D289918A}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E536D8EE-40DA-4A62-A9D1-D1399C59CF4A}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{237C0AB3-D66C-4804-96E7-8D60D50EE60E}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{A9C5942B-2F2B-46F9-A66E-A8FAB84A764E}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{122A5588-8B6D-47ED-91C0-DE4157A33764}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{C3130561-AD94-4A1E-BAC2-7FA7F4B9A691}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{A5C3F58C-B278-4BD5-8AED-7DCDBE3748BB}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{B1F8E2E5-F30C-4113-9E28-CC36C19EBAEE}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{DCFC5C21-AD28-47E1-8480-D3BA7FFE2798}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{ABC76A24-6406-4C20-9F4E-8FE3AA63ACFE}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{99283A88-3CEE-4A5E-B925-3131CA5C01A3}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{78B5E80B-C64C-413E-9B67-C221CF76BB36}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{DE6ABD50-56BE-4A49-B8A0-F2810B922190}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{5BED5BE0-B1B4-4A9A-A937-DC0DCB163464}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{8F00308A-88D4-4547-B64A-BC4EDEEE3F5C}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{466595E8-4B47-4019-BCD7-068A117A16C6}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{7EEB23C7-3451-4545-BC9D-E89A7EF84D10}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{42686DC4-0110-4B35-9C09-0705E7FBF166}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{1258FB3F-798E-44A9-B8BE-3182591FE5E9}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{A49D32B5-AC31-4109-BAD3-197B20D0BAC6}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{C05ACE7C-7005-458A-8399-C1C0E3CF9482}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{ED8153F5-2EB9-448B-9D76-FB9994BE2810}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{FCB36F36-631F-4349-9BCE-0CB39E18C366}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{02964C69-541A-4492-BE42-FAFA9E31970F}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{19E75A1B-5AB2-47CD-8018-AC207AA7B0C9}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{F1485A8D-DD8E-4218-954F-7D43E5AFC90C}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{81914B85-2AAB-457D-8A80-D11348F80D14}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{67AA1D21-E98E-42E8-9E78-765EAEABAC03}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{969D20CE-A698-416E-B557-26EF9ED65666}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{40C764A1-839F-4A70-9D5B-B24836D8D268}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{AEC09311-0425-455E-B1A7-A4628C5DA36B}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E7474FF4-766E-48E4-8344-8516B78E08D0}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{7B36E4F1-F304-47B9-AC8A-7709A3897B6D}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{1DCA0665-96E8-4882-A187-E493FB2CF1C1}, Žádná uživatelská akce, [3769], [539893],1.0.6059
Trojan.BitCoinMiner.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{8AE4494B-0806-4155-B9DC-BD783E68C739}, Žádná uživatelská akce, [3769], [539893],1.0.6059

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 1
Trojan.BitCoinMiner.Generic, C:\USERS\UZIVATEL\APPDATA\LOCAL\1A8C3A8E-BF19-4EF3-ADAE-40E9F007B1B2, Žádná uživatelská akce, [3769], [544199],1.0.6059

Soubor: 63
RiskWare.GameHack, C:\PROGRAM FILES (X86)\FAR CRY 4\CRACK\BIN\STEAM_API.DLL, Žádná uživatelská akce, [7900], [305544],1.0.6059
RiskWare.GameHack, C:\PROGRAM FILES (X86)\FAR CRY 4\CRACK\BIN\STEAM_API64.DLL, Žádná uživatelská akce, [7900], [305544],1.0.6059
CrackTool.Agent, C:\PROGRAM FILES (X86)\FAR CRY 4\CRACK\BIN\UPLAY_R164.DLL, Žádná uživatelská akce, [6217], [324694],1.0.6059
CrackTool.Agent, C:\PROGRAM FILES (X86)\FAR CRY 4\CRACK\BIN\UPLAY_R1_LOADER64.DLL, Žádná uživatelská akce, [6217], [324694],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\$NTUNINSTALLWIC$\000001R.ZIP, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\$NTUNINSTALLWIC$\MSIEXEC64.EXE, Žádná uživatelská akce, [8483], [543799],1.0.6059
Trojan.BitCoinMiner.Generic, C:\USERS\UZIVATEL\APPDATA\LOCAL\1A8C3A8E-BF19-4EF3-ADAE-40E9F007B1B2\CONFIG.TXT, Žádná uživatelská akce, [3769], [544199],1.0.6059
Trojan.BitCoinMiner.Generic, C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\000001R.zip, Žádná uživatelská akce, [3769], [544199],1.0.6059
Trojan.BitCoinMiner.Generic, C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\1530951083_log.txt, Žádná uživatelská akce, [3769], [544199],1.0.6059
Trojan.BitCoinMiner.Generic, C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\1530981755_log.txt, Žádná uživatelská akce, [3769], [544199],1.0.6059
Trojan.BitCoinMiner.Generic, C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\1531032520_log.txt, Žádná uživatelská akce, [3769], [544199],1.0.6059
Trojan.BitCoinMiner.Generic, C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data.bin, Žádná uživatelská akce, [3769], [544199],1.0.6059
Trojan.BitCoinMiner.Generic, C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1a1.bin, Žádná uživatelská akce, [3769], [544199],1.0.6059
Trojan.BitCoinMiner.Generic, C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1b1.bin, Žádná uživatelská akce, [3769], [544199],1.0.6059
Trojan.BitCoinMiner.Generic, C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1c1.bin, Žádná uživatelská akce, [3769], [544199],1.0.6059
Trojan.BitCoinMiner.Generic, C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1d1.bin, Žádná uživatelská akce, [3769], [544199],1.0.6059
Trojan.BitCoinMiner.Generic, C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1e1.bin, Žádná uživatelská akce, [3769], [544199],1.0.6059
Trojan.BitCoinMiner.Generic, C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1g1.bin, Žádná uživatelská akce, [3769], [544199],1.0.6059
Trojan.BitCoinMiner.Generic, C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1h1.bin, Žádná uživatelská akce, [3769], [544199],1.0.6059
Trojan.BitCoinMiner.Generic, C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1i1.bin, Žádná uživatelská akce, [3769], [544199],1.0.6059
Trojan.BitCoinMiner.Generic, C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data2.bin, Žádná uživatelská akce, [3769], [544199],1.0.6059
Trojan.BitCoinMiner.Generic, C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\epools.txt, Žádná uživatelská akce, [3769], [544199],1.0.6059
Trojan.BitCoinMiner.Generic, C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\license.txt, Žádná uživatelská akce, [3769], [544199],1.0.6059
Trojan.BitCoinMiner.Generic, C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\msiexec64.exe, Žádná uživatelská akce, [3769], [544199],1.0.6059
Trojan.BitCoinMiner.Generic, C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\msvcr110.dll, Žádná uživatelská akce, [3769], [544199],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\C.FRAMEWORK\000001R.ZIP, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\C.FRAMEWORK\MSIEXEC64.EXE, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\CAMSTUDIO 2.8.0\000001R.ZIP, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\CAMSTUDIO 2.8.0\MSIEXEC64.EXE, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\CCLEANER V9.18\000001R.ZIP, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\CCLEANER V9.18\MSIEXEC64.EXE, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\CHROME CLEANUP TOOLS\000001R.ZIP, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\CHROME CLEANUP TOOLS\MSIEXEC64.EXE, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\KERNELREPORTS\000001R.ZIP, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\KERNELREPORTS\MSIEXEC64.EXE, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\LOCAL EXTENSION SETTINGS\000001R.ZIP, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\LOCAL EXTENSION SETTINGS\MSIEXEC64.EXE, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\MICROSOFT WEBSITES\000001R.ZIP, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\MICROSOFT WEBSITES\MSIEXEC64.EXE, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\MINIPORT WDM DRIVER\000001R.ZIP, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\MINIPORT WDM DRIVER\MSIEXEC64.EXE, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\NET.FRAMEWORK SDK\000001R.ZIP, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\NET.FRAMEWORK SDK\MSIEXEC64.EXE, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\OPERA-12.8\000001R.ZIP, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\OPERA-12.8\MSIEXEC64.EXE, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\PEER.NET\000001R.ZIP, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\PEER.NET\MSIEXEC64.EXE, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\PLUGINS\000001R.ZIP, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\PLUGINS\MSIEXEC64.EXE, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\REMOTE NET.ASSISTANCE\000001R.ZIP, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\REMOTE NET.ASSISTANCE\MSIEXEC64.EXE, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\WEB SERVER EXTENSIONS\000001R.ZIP, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\WEB SERVER EXTENSIONS\MSIEXEC64.EXE, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS ANTIMALWARE UPDATES\000001R.ZIP, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS ANTIMALWARE UPDATES\MSIEXEC64.EXE, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS MEDIA PLAYER\000001R.ZIP, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS MEDIA PLAYER\MSIEXEC64.EXE, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS MEDIA PLAYER 11\000001R.ZIP, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS MEDIA PLAYER 11\MSIEXEC64.EXE, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS WORKFLOW FOUNDATION\000001R.ZIP, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS WORKFLOW FOUNDATION\MSIEXEC64.EXE, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS.CONFIG.MSI\000001R.ZIP, Žádná uživatelská akce, [8483], [543799],1.0.6059
RiskWare.BitCoinMiner.BatBitRst, C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS.CONFIG.MSI\MSIEXEC64.EXE, Žádná uživatelská akce, [8483], [543799],1.0.6059

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Vyskakování oken v prohlížeči

#11 Příspěvek od Conder »

:arrow: Vsetky nalezy zmaz. Malo by to ponuknut novy log, alebo bude v casti Spravy, tam klikni na posledny log -> Zobrazit spravu -> Exportovat -> Skopirovat do schranky a vloz ho sem.

:arrow: Vyskusaj vytvorit nove logy z FRST v normalnom rezime.

:arrow: Napis ci nastala nejaka zmena.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

stargate17
Návštěvník
Návštěvník
Příspěvky: 35
Registrován: 04 črc 2018 21:11

Re: Vyskakování oken v prohlížeči

#12 Příspěvek od stargate17 »

bohužel žádná změna, okna vyskakují furt a frst v normálním režimu nespustím :(

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Vyskakování oken v prohlížeči

#13 Příspěvek od Conder »

:arrow: Posielam este raz, v predchadzajucom bola drobna chyba:

:arrow: OK, skus v nudzovom rezime tento fixlist:

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{B39DC897-007D-4C25-9C83-839507B40B08}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{272129F3-871C-46A5-81E5-995922719B08}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{81036FCB-3210-420A-9AF6-79773DAF0902}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{989B36A3-ED4D-4491-9294-8207E07CA143}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{FE303028-64A4-4914-95D4-EB50A618C640}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{07AE4A82-857E-411E-9E3E-6F8157C8A5FC}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{1103006C-F483-4875-A420-DB19A002F38F}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{B7C95CCA-142D-4BDE-BE82-B01B3A8661C0}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{F45A5E45-CBF1-48BB-89D1-D612843D6910}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{D2191077-AACC-4B77-9059-FD93E9C5CA83}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E7722529-9A4C-4CF3-B70E-98095E3DCFEA}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{DCE5C2B7-9937-4DD0-BC1F-B5304FAFCE78}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E6E10729-292E-4ECA-8667-CBC32BE12D0C}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{F978955D-EA0C-4890-9041-B68F3520BFBF}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{5AA784BF-619A-499D-B949-067DED8D9B66}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{3D17E9CE-7DF1-4C1A-B9D6-1BDD6E9B1E20}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{9A526946-506C-4530-A903-1E605D8677AA}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E1D23649-40FC-49A1-B6E3-65A6C76C2764}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{1302872D-C46A-4B9E-B7A5-29504FD48CD0}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{19AAE05E-1E54-491D-BE35-2DA341E5AA67}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{5EB60CF9-ACFE-4CDC-996F-4D37EEBFD88B}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{B8C0E83D-37F0-40AC-B1B7-AA37BED27DAD}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{D8C3FAC6-7A64-4C7C-ABA7-E96808333169}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{05CFF1C6-0578-42E2-8044-752D3C627633}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{5B386947-8224-4684-8E9D-0A42EF8758C4}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{D2758966-AB18-4A02-8F61-642883CD136C}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{8C82FB40-41BA-4BA7-80F6-6F43BCC54624}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{D1B1AF00-CF4E-46CC-988C-4C59EEB72EE8}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E194915C-5E6E-4BA7-930B-2258773C60E1}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{16EA5B0D-4304-4C92-B55D-5D79EB57132A}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{F1E1FBB6-56F2-4B20-8980-3F9F997961A5}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{18F336B0-3F99-4DE8-A882-31F7ED13F82A}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{88059ED8-2EC9-4334-8ECD-8DAC8C3136A5}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{24DBA152-E794-4871-91FC-783F19AEA4A5}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E0046BAF-FA02-402B-A1AE-7A7CEDE27509}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{65B49B9F-22A0-4148-8A4C-FE46BD23AE44}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{BE51AE88-C51E-4E57-BBB0-0C728468C086}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{30817713-723E-4C6D-8C2A-AA51D5977206}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{1B64D89E-8A23-4902-941B-91B2B14FA3D6}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{8D324C1B-8C2B-4F8A-AF38-50BEF13E6EE9}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{58597B73-BAD5-4B6F-A4C2-28561A5EAFA4}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{66B4A6B4-425F-4C48-85B5-D46C40D42EFC}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{ED6B0A84-0DD3-4CC8-A9CC-7F907D127791}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{533A22C0-3C8C-4C82-8C67-84F77DC02179}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{4A4A8F24-05CA-44F0-A53A-6295435DEC2D}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{F2E003EA-14FC-45D1-8EFD-C8D78354BE78}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{3CB745A4-B8DC-4C9E-8B00-5868C3F57D33}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{D675436D-85C5-487F-B627-ED5E0FE8EAFA}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{53D5ECDE-2CB8-4D24-A24D-E7F44A02CE98}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E79D44E3-B0BD-4064-8782-809FE3427F9D}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{07622E6D-E5DC-477A-BAEC-5AF5D289918A}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E536D8EE-40DA-4A62-A9D1-D1399C59CF4A}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{237C0AB3-D66C-4804-96E7-8D60D50EE60E}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{A9C5942B-2F2B-46F9-A66E-A8FAB84A764E}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{122A5588-8B6D-47ED-91C0-DE4157A33764}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{C3130561-AD94-4A1E-BAC2-7FA7F4B9A691}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{A5C3F58C-B278-4BD5-8AED-7DCDBE3748BB}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{B1F8E2E5-F30C-4113-9E28-CC36C19EBAEE}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{DCFC5C21-AD28-47E1-8480-D3BA7FFE2798}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{ABC76A24-6406-4C20-9F4E-8FE3AA63ACFE}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{99283A88-3CEE-4A5E-B925-3131CA5C01A3}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{78B5E80B-C64C-413E-9B67-C221CF76BB36}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{DE6ABD50-56BE-4A49-B8A0-F2810B922190}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{5BED5BE0-B1B4-4A9A-A937-DC0DCB163464}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{8F00308A-88D4-4547-B64A-BC4EDEEE3F5C}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{466595E8-4B47-4019-BCD7-068A117A16C6}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{7EEB23C7-3451-4545-BC9D-E89A7EF84D10}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{42686DC4-0110-4B35-9C09-0705E7FBF166}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{1258FB3F-798E-44A9-B8BE-3182591FE5E9}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{A49D32B5-AC31-4109-BAD3-197B20D0BAC6}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{C05ACE7C-7005-458A-8399-C1C0E3CF9482}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{ED8153F5-2EB9-448B-9D76-FB9994BE2810}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{FCB36F36-631F-4349-9BCE-0CB39E18C366}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{02964C69-541A-4492-BE42-FAFA9E31970F}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{19E75A1B-5AB2-47CD-8018-AC207AA7B0C9}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{F1485A8D-DD8E-4218-954F-7D43E5AFC90C}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{81914B85-2AAB-457D-8A80-D11348F80D14}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{67AA1D21-E98E-42E8-9E78-765EAEABAC03}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{969D20CE-A698-416E-B557-26EF9ED65666}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{40C764A1-839F-4A70-9D5B-B24836D8D268}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{AEC09311-0425-455E-B1A7-A4628C5DA36B}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E7474FF4-766E-48E4-8344-8516B78E08D0}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{7B36E4F1-F304-47B9-AC8A-7709A3897B6D}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{1DCA0665-96E8-4882-A187-E493FB2CF1C1}
    DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{8AE4494B-0806-4155-B9DC-BD783E68C739}
    
    C:\USERS\UZIVATEL\APPDATA\LOCAL\1A8C3A8E-BF19-4EF3-ADAE-40E9F007B1B2
    
    C:\USERS\UZIVATEL\APPDATA\LOCAL\$NTUNINSTALLWIC$\000001R.ZIP
    C:\USERS\UZIVATEL\APPDATA\LOCAL\$NTUNINSTALLWIC$\MSIEXEC64.EXE
    C:\USERS\UZIVATEL\APPDATA\LOCAL\1A8C3A8E-BF19-4EF3-ADAE-40E9F007B1B2\CONFIG.TXT
    C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\000001R.zip
    C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\1530951083_log.txt
    C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\1530981755_log.txt
    C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\1531032520_log.txt
    C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data.bin
    C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1a1.bin
    C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1b1.bin
    C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1c1.bin
    C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1d1.bin
    C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1e1.bin
    C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1g1.bin
    C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1h1.bin
    C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1i1.bin
    C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data2.bin
    C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\epools.txt
    C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\license.txt
    C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\msiexec64.exe
    C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\msvcr110.dll
    C:\USERS\UZIVATEL\APPDATA\LOCAL\C.FRAMEWORK\000001R.ZIP
    C:\USERS\UZIVATEL\APPDATA\LOCAL\C.FRAMEWORK\MSIEXEC64.EXE
    C:\USERS\UZIVATEL\APPDATA\LOCAL\CAMSTUDIO 2.8.0\000001R.ZIP
    C:\USERS\UZIVATEL\APPDATA\LOCAL\CAMSTUDIO 2.8.0\MSIEXEC64.EXE
    C:\USERS\UZIVATEL\APPDATA\LOCAL\CCLEANER V9.18\000001R.ZIP
    C:\USERS\UZIVATEL\APPDATA\LOCAL\CCLEANER V9.18\MSIEXEC64.EXE
    C:\USERS\UZIVATEL\APPDATA\LOCAL\CHROME CLEANUP TOOLS\000001R.ZIP
    C:\USERS\UZIVATEL\APPDATA\LOCAL\CHROME CLEANUP TOOLS\MSIEXEC64.EXE
    C:\USERS\UZIVATEL\APPDATA\LOCAL\KERNELREPORTS\000001R.ZIP
    C:\USERS\UZIVATEL\APPDATA\LOCAL\KERNELREPORTS\MSIEXEC64.EXE
    C:\USERS\UZIVATEL\APPDATA\LOCAL\LOCAL EXTENSION SETTINGS\000001R.ZIP
    C:\USERS\UZIVATEL\APPDATA\LOCAL\LOCAL EXTENSION SETTINGS\MSIEXEC64.EXE
    C:\USERS\UZIVATEL\APPDATA\LOCAL\MICROSOFT WEBSITES\000001R.ZIP
    C:\USERS\UZIVATEL\APPDATA\LOCAL\MICROSOFT WEBSITES\MSIEXEC64.EXE
    C:\USERS\UZIVATEL\APPDATA\LOCAL\MINIPORT WDM DRIVER\000001R.ZIP
    C:\USERS\UZIVATEL\APPDATA\LOCAL\MINIPORT WDM DRIVER\MSIEXEC64.EXE
    C:\USERS\UZIVATEL\APPDATA\LOCAL\NET.FRAMEWORK SDK\000001R.ZIP
    C:\USERS\UZIVATEL\APPDATA\LOCAL\NET.FRAMEWORK SDK\MSIEXEC64.EXE
    C:\USERS\UZIVATEL\APPDATA\LOCAL\OPERA-12.8\000001R.ZIP
    C:\USERS\UZIVATEL\APPDATA\LOCAL\OPERA-12.8\MSIEXEC64.EXE
    C:\USERS\UZIVATEL\APPDATA\LOCAL\PEER.NET\000001R.ZIP
    C:\USERS\UZIVATEL\APPDATA\LOCAL\PEER.NET\MSIEXEC64.EXE
    C:\USERS\UZIVATEL\APPDATA\LOCAL\PLUGINS\000001R.ZIP
    C:\USERS\UZIVATEL\APPDATA\LOCAL\PLUGINS\MSIEXEC64.EXE
    C:\USERS\UZIVATEL\APPDATA\LOCAL\REMOTE NET.ASSISTANCE\000001R.ZIP
    C:\USERS\UZIVATEL\APPDATA\LOCAL\REMOTE NET.ASSISTANCE\MSIEXEC64.EXE
    C:\USERS\UZIVATEL\APPDATA\LOCAL\WEB SERVER EXTENSIONS\000001R.ZIP
    C:\USERS\UZIVATEL\APPDATA\LOCAL\WEB SERVER EXTENSIONS\MSIEXEC64.EXE
    C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS ANTIMALWARE UPDATES\000001R.ZIP
    C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS ANTIMALWARE UPDATES\MSIEXEC64.EXE
    C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS MEDIA PLAYER\000001R.ZIP
    C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS MEDIA PLAYER\MSIEXEC64.EXE
    C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS MEDIA PLAYER 11\000001R.ZIP
    C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS MEDIA PLAYER 11\MSIEXEC64.EXE
    C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS WORKFLOW FOUNDATION\000001R.ZIP
    C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS WORKFLOW FOUNDATION\MSIEXEC64.EXE
    C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS.CONFIG.MSI\000001R.ZIP
    C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS.CONFIG.MSI\MSIEXEC64.EXE
    
    Hosts:
    EmptyTemp:
    End
  • Klikni na Subor a potom na Ulozit
  • Vpravo dole vyber kodovanie Unicode
  • Subor uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

stargate17
Návštěvník
Návštěvník
Příspěvky: 35
Registrován: 04 črc 2018 21:11

Re: Vyskakování oken v prohlížeči

#14 Příspěvek od stargate17 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 21.07.2018
Ran by Uzivatel (27-07-2018 20:15:02) Run:1
Running from C:\Users\Uzivatel\Desktop
Loaded Profiles: Uzivatel (Available Profiles: Uzivatel)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{B39DC897-007D-4C25-9C83-839507B40B08}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{272129F3-871C-46A5-81E5-995922719B08}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{81036FCB-3210-420A-9AF6-79773DAF0902}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{989B36A3-ED4D-4491-9294-8207E07CA143}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{FE303028-64A4-4914-95D4-EB50A618C640}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{07AE4A82-857E-411E-9E3E-6F8157C8A5FC}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{1103006C-F483-4875-A420-DB19A002F38F}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{B7C95CCA-142D-4BDE-BE82-B01B3A8661C0}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{F45A5E45-CBF1-48BB-89D1-D612843D6910}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{D2191077-AACC-4B77-9059-FD93E9C5CA83}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E7722529-9A4C-4CF3-B70E-98095E3DCFEA}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{DCE5C2B7-9937-4DD0-BC1F-B5304FAFCE78}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E6E10729-292E-4ECA-8667-CBC32BE12D0C}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{F978955D-EA0C-4890-9041-B68F3520BFBF}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{5AA784BF-619A-499D-B949-067DED8D9B66}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{3D17E9CE-7DF1-4C1A-B9D6-1BDD6E9B1E20}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{9A526946-506C-4530-A903-1E605D8677AA}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E1D23649-40FC-49A1-B6E3-65A6C76C2764}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{1302872D-C46A-4B9E-B7A5-29504FD48CD0}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{19AAE05E-1E54-491D-BE35-2DA341E5AA67}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{5EB60CF9-ACFE-4CDC-996F-4D37EEBFD88B}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{B8C0E83D-37F0-40AC-B1B7-AA37BED27DAD}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{D8C3FAC6-7A64-4C7C-ABA7-E96808333169}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{05CFF1C6-0578-42E2-8044-752D3C627633}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{5B386947-8224-4684-8E9D-0A42EF8758C4}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{D2758966-AB18-4A02-8F61-642883CD136C}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{8C82FB40-41BA-4BA7-80F6-6F43BCC54624}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{D1B1AF00-CF4E-46CC-988C-4C59EEB72EE8}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E194915C-5E6E-4BA7-930B-2258773C60E1}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{16EA5B0D-4304-4C92-B55D-5D79EB57132A}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{F1E1FBB6-56F2-4B20-8980-3F9F997961A5}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{18F336B0-3F99-4DE8-A882-31F7ED13F82A}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{88059ED8-2EC9-4334-8ECD-8DAC8C3136A5}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{24DBA152-E794-4871-91FC-783F19AEA4A5}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E0046BAF-FA02-402B-A1AE-7A7CEDE27509}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{65B49B9F-22A0-4148-8A4C-FE46BD23AE44}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{BE51AE88-C51E-4E57-BBB0-0C728468C086}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{30817713-723E-4C6D-8C2A-AA51D5977206}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{1B64D89E-8A23-4902-941B-91B2B14FA3D6}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{8D324C1B-8C2B-4F8A-AF38-50BEF13E6EE9}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{58597B73-BAD5-4B6F-A4C2-28561A5EAFA4}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{66B4A6B4-425F-4C48-85B5-D46C40D42EFC}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{ED6B0A84-0DD3-4CC8-A9CC-7F907D127791}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{533A22C0-3C8C-4C82-8C67-84F77DC02179}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{4A4A8F24-05CA-44F0-A53A-6295435DEC2D}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{F2E003EA-14FC-45D1-8EFD-C8D78354BE78}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{3CB745A4-B8DC-4C9E-8B00-5868C3F57D33}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{D675436D-85C5-487F-B627-ED5E0FE8EAFA}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{53D5ECDE-2CB8-4D24-A24D-E7F44A02CE98}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E79D44E3-B0BD-4064-8782-809FE3427F9D}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{07622E6D-E5DC-477A-BAEC-5AF5D289918A}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E536D8EE-40DA-4A62-A9D1-D1399C59CF4A}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{237C0AB3-D66C-4804-96E7-8D60D50EE60E}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{A9C5942B-2F2B-46F9-A66E-A8FAB84A764E}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{122A5588-8B6D-47ED-91C0-DE4157A33764}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{C3130561-AD94-4A1E-BAC2-7FA7F4B9A691}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{A5C3F58C-B278-4BD5-8AED-7DCDBE3748BB}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{B1F8E2E5-F30C-4113-9E28-CC36C19EBAEE}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{DCFC5C21-AD28-47E1-8480-D3BA7FFE2798}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{ABC76A24-6406-4C20-9F4E-8FE3AA63ACFE}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{99283A88-3CEE-4A5E-B925-3131CA5C01A3}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{78B5E80B-C64C-413E-9B67-C221CF76BB36}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{DE6ABD50-56BE-4A49-B8A0-F2810B922190}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{5BED5BE0-B1B4-4A9A-A937-DC0DCB163464}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{8F00308A-88D4-4547-B64A-BC4EDEEE3F5C}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{466595E8-4B47-4019-BCD7-068A117A16C6}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{7EEB23C7-3451-4545-BC9D-E89A7EF84D10}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{42686DC4-0110-4B35-9C09-0705E7FBF166}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{1258FB3F-798E-44A9-B8BE-3182591FE5E9}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{A49D32B5-AC31-4109-BAD3-197B20D0BAC6}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{C05ACE7C-7005-458A-8399-C1C0E3CF9482}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{ED8153F5-2EB9-448B-9D76-FB9994BE2810}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{FCB36F36-631F-4349-9BCE-0CB39E18C366}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{02964C69-541A-4492-BE42-FAFA9E31970F}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{19E75A1B-5AB2-47CD-8018-AC207AA7B0C9}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{F1485A8D-DD8E-4218-954F-7D43E5AFC90C}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{81914B85-2AAB-457D-8A80-D11348F80D14}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{67AA1D21-E98E-42E8-9E78-765EAEABAC03}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{969D20CE-A698-416E-B557-26EF9ED65666}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{40C764A1-839F-4A70-9D5B-B24836D8D268}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{AEC09311-0425-455E-B1A7-A4628C5DA36B}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{E7474FF4-766E-48E4-8344-8516B78E08D0}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{7B36E4F1-F304-47B9-AC8A-7709A3897B6D}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{1DCA0665-96E8-4882-A187-E493FB2CF1C1}
DeleteValue: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{8AE4494B-0806-4155-B9DC-BD783E68C739}

C:\USERS\UZIVATEL\APPDATA\LOCAL\1A8C3A8E-BF19-4EF3-ADAE-40E9F007B1B2

C:\USERS\UZIVATEL\APPDATA\LOCAL\$NTUNINSTALLWIC$\000001R.ZIP
C:\USERS\UZIVATEL\APPDATA\LOCAL\$NTUNINSTALLWIC$\MSIEXEC64.EXE
C:\USERS\UZIVATEL\APPDATA\LOCAL\1A8C3A8E-BF19-4EF3-ADAE-40E9F007B1B2\CONFIG.TXT
C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\000001R.zip
C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\1530951083_log.txt
C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\1530981755_log.txt
C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\1531032520_log.txt
C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data.bin
C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1a1.bin
C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1b1.bin
C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1c1.bin
C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1d1.bin
C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1e1.bin
C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1g1.bin
C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1h1.bin
C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1i1.bin
C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data2.bin
C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\epools.txt
C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\license.txt
C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\msiexec64.exe
C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\msvcr110.dll
C:\USERS\UZIVATEL\APPDATA\LOCAL\C.FRAMEWORK\000001R.ZIP
C:\USERS\UZIVATEL\APPDATA\LOCAL\C.FRAMEWORK\MSIEXEC64.EXE
C:\USERS\UZIVATEL\APPDATA\LOCAL\CAMSTUDIO 2.8.0\000001R.ZIP
C:\USERS\UZIVATEL\APPDATA\LOCAL\CAMSTUDIO 2.8.0\MSIEXEC64.EXE
C:\USERS\UZIVATEL\APPDATA\LOCAL\CCLEANER V9.18\000001R.ZIP
C:\USERS\UZIVATEL\APPDATA\LOCAL\CCLEANER V9.18\MSIEXEC64.EXE
C:\USERS\UZIVATEL\APPDATA\LOCAL\CHROME CLEANUP TOOLS\000001R.ZIP
C:\USERS\UZIVATEL\APPDATA\LOCAL\CHROME CLEANUP TOOLS\MSIEXEC64.EXE
C:\USERS\UZIVATEL\APPDATA\LOCAL\KERNELREPORTS\000001R.ZIP
C:\USERS\UZIVATEL\APPDATA\LOCAL\KERNELREPORTS\MSIEXEC64.EXE
C:\USERS\UZIVATEL\APPDATA\LOCAL\LOCAL EXTENSION SETTINGS\000001R.ZIP
C:\USERS\UZIVATEL\APPDATA\LOCAL\LOCAL EXTENSION SETTINGS\MSIEXEC64.EXE
C:\USERS\UZIVATEL\APPDATA\LOCAL\MICROSOFT WEBSITES\000001R.ZIP
C:\USERS\UZIVATEL\APPDATA\LOCAL\MICROSOFT WEBSITES\MSIEXEC64.EXE
C:\USERS\UZIVATEL\APPDATA\LOCAL\MINIPORT WDM DRIVER\000001R.ZIP
C:\USERS\UZIVATEL\APPDATA\LOCAL\MINIPORT WDM DRIVER\MSIEXEC64.EXE
C:\USERS\UZIVATEL\APPDATA\LOCAL\NET.FRAMEWORK SDK\000001R.ZIP
C:\USERS\UZIVATEL\APPDATA\LOCAL\NET.FRAMEWORK SDK\MSIEXEC64.EXE
C:\USERS\UZIVATEL\APPDATA\LOCAL\OPERA-12.8\000001R.ZIP
C:\USERS\UZIVATEL\APPDATA\LOCAL\OPERA-12.8\MSIEXEC64.EXE
C:\USERS\UZIVATEL\APPDATA\LOCAL\PEER.NET\000001R.ZIP
C:\USERS\UZIVATEL\APPDATA\LOCAL\PEER.NET\MSIEXEC64.EXE
C:\USERS\UZIVATEL\APPDATA\LOCAL\PLUGINS\000001R.ZIP
C:\USERS\UZIVATEL\APPDATA\LOCAL\PLUGINS\MSIEXEC64.EXE
C:\USERS\UZIVATEL\APPDATA\LOCAL\REMOTE NET.ASSISTANCE\000001R.ZIP
C:\USERS\UZIVATEL\APPDATA\LOCAL\REMOTE NET.ASSISTANCE\MSIEXEC64.EXE
C:\USERS\UZIVATEL\APPDATA\LOCAL\WEB SERVER EXTENSIONS\000001R.ZIP
C:\USERS\UZIVATEL\APPDATA\LOCAL\WEB SERVER EXTENSIONS\MSIEXEC64.EXE
C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS ANTIMALWARE UPDATES\000001R.ZIP
C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS ANTIMALWARE UPDATES\MSIEXEC64.EXE
C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS MEDIA PLAYER\000001R.ZIP
C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS MEDIA PLAYER\MSIEXEC64.EXE
C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS MEDIA PLAYER 11\000001R.ZIP
C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS MEDIA PLAYER 11\MSIEXEC64.EXE
C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS WORKFLOW FOUNDATION\000001R.ZIP
C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS WORKFLOW FOUNDATION\MSIEXEC64.EXE
C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS.CONFIG.MSI\000001R.ZIP
C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS.CONFIG.MSI\MSIEXEC64.EXE

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Error: Restore point can only be created in normal mode.
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{B39DC897-007D-4C25-9C83-839507B40B08}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{272129F3-871C-46A5-81E5-995922719B08}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{81036FCB-3210-420A-9AF6-79773DAF0902}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{989B36A3-ED4D-4491-9294-8207E07CA143}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{FE303028-64A4-4914-95D4-EB50A618C640}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{07AE4A82-857E-411E-9E3E-6F8157C8A5FC}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{1103006C-F483-4875-A420-DB19A002F38F}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{B7C95CCA-142D-4BDE-BE82-B01B3A8661C0}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{F45A5E45-CBF1-48BB-89D1-D612843D6910}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{D2191077-AACC-4B77-9059-FD93E9C5CA83}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{E7722529-9A4C-4CF3-B70E-98095E3DCFEA}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{DCE5C2B7-9937-4DD0-BC1F-B5304FAFCE78}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{E6E10729-292E-4ECA-8667-CBC32BE12D0C}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{F978955D-EA0C-4890-9041-B68F3520BFBF}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{5AA784BF-619A-499D-B949-067DED8D9B66}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{3D17E9CE-7DF1-4C1A-B9D6-1BDD6E9B1E20}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{9A526946-506C-4530-A903-1E605D8677AA}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{E1D23649-40FC-49A1-B6E3-65A6C76C2764}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{1302872D-C46A-4B9E-B7A5-29504FD48CD0}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{19AAE05E-1E54-491D-BE35-2DA341E5AA67}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{5EB60CF9-ACFE-4CDC-996F-4D37EEBFD88B}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{B8C0E83D-37F0-40AC-B1B7-AA37BED27DAD}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{D8C3FAC6-7A64-4C7C-ABA7-E96808333169}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{05CFF1C6-0578-42E2-8044-752D3C627633}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{5B386947-8224-4684-8E9D-0A42EF8758C4}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{D2758966-AB18-4A02-8F61-642883CD136C}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{8C82FB40-41BA-4BA7-80F6-6F43BCC54624}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{D1B1AF00-CF4E-46CC-988C-4C59EEB72EE8}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{E194915C-5E6E-4BA7-930B-2258773C60E1}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{16EA5B0D-4304-4C92-B55D-5D79EB57132A}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{F1E1FBB6-56F2-4B20-8980-3F9F997961A5}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{18F336B0-3F99-4DE8-A882-31F7ED13F82A}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{88059ED8-2EC9-4334-8ECD-8DAC8C3136A5}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{24DBA152-E794-4871-91FC-783F19AEA4A5}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{E0046BAF-FA02-402B-A1AE-7A7CEDE27509}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{65B49B9F-22A0-4148-8A4C-FE46BD23AE44}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{BE51AE88-C51E-4E57-BBB0-0C728468C086}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{30817713-723E-4C6D-8C2A-AA51D5977206}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{1B64D89E-8A23-4902-941B-91B2B14FA3D6}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{8D324C1B-8C2B-4F8A-AF38-50BEF13E6EE9}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{58597B73-BAD5-4B6F-A4C2-28561A5EAFA4}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{66B4A6B4-425F-4C48-85B5-D46C40D42EFC}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{ED6B0A84-0DD3-4CC8-A9CC-7F907D127791}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{533A22C0-3C8C-4C82-8C67-84F77DC02179}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{4A4A8F24-05CA-44F0-A53A-6295435DEC2D}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{F2E003EA-14FC-45D1-8EFD-C8D78354BE78}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{3CB745A4-B8DC-4C9E-8B00-5868C3F57D33}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{D675436D-85C5-487F-B627-ED5E0FE8EAFA}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{53D5ECDE-2CB8-4D24-A24D-E7F44A02CE98}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{E79D44E3-B0BD-4064-8782-809FE3427F9D}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{07622E6D-E5DC-477A-BAEC-5AF5D289918A}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{E536D8EE-40DA-4A62-A9D1-D1399C59CF4A}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{237C0AB3-D66C-4804-96E7-8D60D50EE60E}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{A9C5942B-2F2B-46F9-A66E-A8FAB84A764E}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{122A5588-8B6D-47ED-91C0-DE4157A33764}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{C3130561-AD94-4A1E-BAC2-7FA7F4B9A691}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{A5C3F58C-B278-4BD5-8AED-7DCDBE3748BB}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{B1F8E2E5-F30C-4113-9E28-CC36C19EBAEE}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{DCFC5C21-AD28-47E1-8480-D3BA7FFE2798}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{ABC76A24-6406-4C20-9F4E-8FE3AA63ACFE}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{99283A88-3CEE-4A5E-B925-3131CA5C01A3}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{78B5E80B-C64C-413E-9B67-C221CF76BB36}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{DE6ABD50-56BE-4A49-B8A0-F2810B922190}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{5BED5BE0-B1B4-4A9A-A937-DC0DCB163464}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{8F00308A-88D4-4547-B64A-BC4EDEEE3F5C}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{466595E8-4B47-4019-BCD7-068A117A16C6}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{7EEB23C7-3451-4545-BC9D-E89A7EF84D10}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{42686DC4-0110-4B35-9C09-0705E7FBF166}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{1258FB3F-798E-44A9-B8BE-3182591FE5E9}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{A49D32B5-AC31-4109-BAD3-197B20D0BAC6}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{C05ACE7C-7005-458A-8399-C1C0E3CF9482}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{ED8153F5-2EB9-448B-9D76-FB9994BE2810}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{FCB36F36-631F-4349-9BCE-0CB39E18C366}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{02964C69-541A-4492-BE42-FAFA9E31970F}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{19E75A1B-5AB2-47CD-8018-AC207AA7B0C9}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{F1485A8D-DD8E-4218-954F-7D43E5AFC90C}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{81914B85-2AAB-457D-8A80-D11348F80D14}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{67AA1D21-E98E-42E8-9E78-765EAEABAC03}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{969D20CE-A698-416E-B557-26EF9ED65666}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{40C764A1-839F-4A70-9D5B-B24836D8D268}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{AEC09311-0425-455E-B1A7-A4628C5DA36B}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{E7474FF4-766E-48E4-8344-8516B78E08D0}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{7B36E4F1-F304-47B9-AC8A-7709A3897B6D}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{1DCA0665-96E8-4882-A187-E493FB2CF1C1}" => not found
"HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\\{8AE4494B-0806-4155-B9DC-BD783E68C739}" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\1A8C3A8E-BF19-4EF3-ADAE-40E9F007B1B2" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\$NTUNINSTALLWIC$\000001R.ZIP" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\$NTUNINSTALLWIC$\MSIEXEC64.EXE" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\1A8C3A8E-BF19-4EF3-ADAE-40E9F007B1B2\CONFIG.TXT" => not found
"C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\000001R.zip" => not found
"C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\1530951083_log.txt" => not found
"C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\1530981755_log.txt" => not found
"C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\1531032520_log.txt" => not found
"C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data.bin" => not found
"C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1a1.bin" => not found
"C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1b1.bin" => not found
"C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1c1.bin" => not found
"C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1d1.bin" => not found
"C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1e1.bin" => not found
"C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1g1.bin" => not found
"C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1h1.bin" => not found
"C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data1i1.bin" => not found
"C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\Data2.bin" => not found
"C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\epools.txt" => not found
"C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\license.txt" => not found
"C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\msiexec64.exe" => not found
"C:\Users\Uzivatel\AppData\Local\1a8c3a8e-bf19-4ef3-adae-40e9f007b1b2\msvcr110.dll" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\C.FRAMEWORK\000001R.ZIP" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\C.FRAMEWORK\MSIEXEC64.EXE" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\CAMSTUDIO 2.8.0\000001R.ZIP" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\CAMSTUDIO 2.8.0\MSIEXEC64.EXE" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\CCLEANER V9.18\000001R.ZIP" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\CCLEANER V9.18\MSIEXEC64.EXE" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\CHROME CLEANUP TOOLS\000001R.ZIP" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\CHROME CLEANUP TOOLS\MSIEXEC64.EXE" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\KERNELREPORTS\000001R.ZIP" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\KERNELREPORTS\MSIEXEC64.EXE" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\LOCAL EXTENSION SETTINGS\000001R.ZIP" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\LOCAL EXTENSION SETTINGS\MSIEXEC64.EXE" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\MICROSOFT WEBSITES\000001R.ZIP" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\MICROSOFT WEBSITES\MSIEXEC64.EXE" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\MINIPORT WDM DRIVER\000001R.ZIP" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\MINIPORT WDM DRIVER\MSIEXEC64.EXE" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\NET.FRAMEWORK SDK\000001R.ZIP" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\NET.FRAMEWORK SDK\MSIEXEC64.EXE" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\OPERA-12.8\000001R.ZIP" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\OPERA-12.8\MSIEXEC64.EXE" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\PEER.NET\000001R.ZIP" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\PEER.NET\MSIEXEC64.EXE" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\PLUGINS\000001R.ZIP" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\PLUGINS\MSIEXEC64.EXE" => not found
Could not move "C:\USERS\UZIVATEL\APPDATA\LOCAL\REMOTE NET.ASSISTANCE\000001R.ZIP" => Scheduled to move on reboot.
"C:\USERS\UZIVATEL\APPDATA\LOCAL\REMOTE NET.ASSISTANCE\MSIEXEC64.EXE" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\WEB SERVER EXTENSIONS\000001R.ZIP" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\WEB SERVER EXTENSIONS\MSIEXEC64.EXE" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS ANTIMALWARE UPDATES\000001R.ZIP" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS ANTIMALWARE UPDATES\MSIEXEC64.EXE" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS MEDIA PLAYER\000001R.ZIP" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS MEDIA PLAYER\MSIEXEC64.EXE" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS MEDIA PLAYER 11\000001R.ZIP" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS MEDIA PLAYER 11\MSIEXEC64.EXE" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS WORKFLOW FOUNDATION\000001R.ZIP" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS WORKFLOW FOUNDATION\MSIEXEC64.EXE" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS.CONFIG.MSI\000001R.ZIP" => not found
"C:\USERS\UZIVATEL\APPDATA\LOCAL\WINDOWS.CONFIG.MSI\MSIEXEC64.EXE" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 61370178 B
Java, Flash, Steam htmlcache => 21029 B
Windows/system/drivers => 18880322 B
Edge => 15784441 B
Chrome => 451196007 B
Firefox => 393381977 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 13744 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1604 B
NetworkService => 1318032 B
Uzivatel => 124121350 B

RecycleBin => 46726245960 B
EmptyTemp: => 44.5 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 27-07-2018 20:52:34)

C:\USERS\UZIVATEL\APPDATA\LOCAL\REMOTE NET.ASSISTANCE\000001R.ZIP => Is moved successfully

==== End of Fixlog 20:52:34 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Vyskakování oken v prohlížeči

#15 Příspěvek od Conder »

:arrow: Nastala nejaka zmena?
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Zamčeno