Dobrý den, poslední dobou se mi zdá, že vše tak nějak déle trvá.
Mohli byste se mi, prosím, podívat, zda je vše ok?
Děkuji
Logfile of random's system information tool 1.16 (written by random/random)
Run by Luiss at 2017-04-16 13:18:10
Microsoft Windows 10 Home
System drive C: has 206 GB (48%) free of 433 GB
Total RAM: 3848 MB (37% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:18:18, on 16. 4. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0713)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Microsoft Office\Office15\WINWORD.EXE
C:\Program Files (x86)\SeaMonkey\seamonkey.exe
C:\Program Files\trend micro\Luiss_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: IObit Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~1\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
O2 - BHO: IObit Ads Removal - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [EEDSpeedLauncher] rundll32.exe C:\WINDOWS\system32\eed_ec.dll,SpeedLauncher
O4 - HKCU\..\Run: [Advanced SystemCare 10] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Luiss\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Luiss\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [EEDSpeedLauncher] rundll32.exe C:\WINDOWS\system32\eed_ec.dll,SpeedLauncher (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [EEDSpeedLauncher] rundll32.exe C:\WINDOWS\system32\eed_ec.dll,SpeedLauncher (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{ef42b151-2123-42fc-9c00-aa0450084f5e}: NameServer = 77.234.40.79
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 10 (AdvancedSystemCareService10) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: DraftSight API Service - Dassault Systemes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: IObit Uninstaller Service (IObitUnSvr) - IObit - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 12601 bytes
====== Enumerating Processes ======
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-160e4b68-9e5e-451c-a034-6794da05ca62 -SystemEventPortName:HostProcess-f4876b64-85de-41b1-993a-7c8cd61374ee -IoCancelEventPortName:HostProcess-279e0764-f7aa-4386-8ed9-9ec325f54cdd -NonStateChangingEventPortName:HostProcess-26b455af-cabe-4734-8b9c-b0a1a7bf09fd -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e0807f7c-39f1-4450-b6ef-daae8b3f77ed -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\system32\atieclxx.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\dashost.exe
C:\Program Files\AMD\amdkmpfd_un\atieclxx.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
"C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe" /Task
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Elantech\ETDIntelligent.exe"
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxTray.exe
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\WINDOWS\system32\rundll32.exe" -localserver 22d8c27b-47a1-48d1-ad08-7da7abd79617
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Users\Luiss\AppData\Local\Apps\2.0\RCHQG5O2.QH9\MKCGCPO5.4GO\lsb...tion_91a10ba61c75c82d_0001.0006_e3bbae03e10aca14\LSB.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
C:\WINDOWS\system32\fontdrvhost.exe
"C:\Program Files (x86)\Microsoft Office\Office15\WINWORD.EXE" /n "C:\Users\Luiss\Desktop\Škola\VŠ\ekonomika\Makroekonomie\Zpracované otázky MAKRO.docx" /o ""
C:\WINDOWS\system32\SppExtComObj.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17022.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\splwow64.exe 8192
C:\Windows\System32\LockAppHost.exe -Embedding
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
"C:\Program Files (x86)\SeaMonkey\seamonkey.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe329_ Global\UsGthrCtrlFltPipeMssGthrPipe329 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 600 604 612 8192 608
"C:\Users\Luiss\Desktop\RSITx64.exe"
====== Scheduled tasks folder ======
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\AMD Updater - "C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe" /AUTOUPDATEIN
C:\WINDOWS\system32\tasks\ASC10_PerformanceMonitor - C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe /Task
C:\WINDOWS\system32\tasks\ASC10_SkipUac_Luiss - "C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe" /SkipUac
C:\WINDOWS\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\WINDOWS\system32\tasks\avastBCLRestartS-1-5-21-190114010-3383128918-2368132129-1001 - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\Dolby Selector - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe -autostart
C:\WINDOWS\system32\tasks\Driver Booster Scheduler - C:\Program Files (x86)\IObit\Driver Booster\4.2.0\Scheduler.exe /scheduler
C:\WINDOWS\system32\tasks\Driver Booster SkipUAC (Luiss) - C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe /skipuac
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\IObitSelfCheckTask - C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe /dotip
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1458803996 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\SmartDefrag_AutoAnalyze - C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe /AUTOANALYZE
C:\WINDOWS\system32\tasks\SmartDefrag_Startup - C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe /STARTUP
C:\WINDOWS\system32\tasks\SmartDefrag_Update - C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe /autorun
C:\WINDOWS\system32\tasks\Uninstaller_SkipUac_Luiss - "C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe" /UninstallExplorer
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{43C2F194-9770-45D7-ACF8-A45207A61505} - C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{5486593B-7AC5-4558-9773-BBF2D631E7E7} - C:\WINDOWS\system32\pcalua.exe -a J:\autorun.exe -d J:\
C:\WINDOWS\system32\tasks\{67AFB1E1-2E58-4DE5-8A1E-8BFAAA5549AA} - "c:\program files (x86)\seamonkey\seamonkey.exe" http://www.skype.com/go/downloading?sou ... rror=12002
C:\WINDOWS\system32\tasks\{DA42E298-E633-4B46-AA98-6DCD7AC0BC80} - C:\windows\system32\pcalua.exe -a "C:\Users\Luiss\Desktop\evolveo-strongphone-accu\USB Driver\InstallDriver.exe" -d "C:\Users\Luiss\Desktop\evolveo-strongphone-accu\USB Driver"
C:\WINDOWS\system32\tasks\WPD\SqmUpload_S-1-5-21-190114010-3383128918-2368132129-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\WINDOWS\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - C:\WINDOWS\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe ForcedRebootRetry
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\SpaceMan.exe /Repair
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\PLA\LSC Memory - C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\windows\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\windows\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\StorageSense - %windir%\system32\rundll32.exe %windir%\system32\StorageUsage.dll,GetStorageUsageInfo
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office 15 Subscription Heartbeat - %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office Automatic Updates - C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
C:\WINDOWS\system32\tasks\Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe /WatchService
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack - C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe scan upload mininterval:2880
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn - C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe scan upload
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Customer Feedback Program - "%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Customer Feedback Program 64 35 - "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Solution Center Launcher - %programfiles%\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe UpdateStatus
C:\WINDOWS\system32\tasks\Lenovo\LSC\Lenovo Solution Center Notifications - %programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe /show
C:\WINDOWS\system32\tasks\Lenovo\LSC\LSCHardwareScan - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan
C:\WINDOWS\system32\tasks\Lenovo\LSC\LSCHardwareScanPostpone - "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan
C:\WINDOWS\system32\tasks\Lenovo\LSC\RebootCountTask - "C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe" Actions RebootCount
C:\WINDOWS\system32\tasks\Lenovo\LSC\Time72Task - "C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe" Actions CanUpdate
C:\WINDOWS\system32\tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-190114010-3383128918-2368132129-1001 - "C:\WINDOWS\system32\rundll32.exe" dfshim.dll,ShOpenVerbShortcut C:\Users\Luiss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
C:\WINDOWS\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
C:\WINDOWS\system32\tasks\Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task
=========Mozilla firefox=========
ProfilePath - C:\Users\Luiss\AppData\Roaming\Mozilla\Firefox\Profiles\fefo2whc.default-1489509572708
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF48
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF48
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.148 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.148 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll
C:\Users\Luiss\AppData\Roaming\Mozilla\Firefox\Profiles\fefo2whc.default-1489509572708\addons.json
C:\Users\Luiss\AppData\Roaming\Mozilla\Firefox\Profiles\fefo2whc.default-1489509572708\extensions.json
Avast Online Security - webextension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF48
Avast SafePrice - webextension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Site Deployment Checker - extension - deployment-checker@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Disable Prefetch - extension - disable-prefetch@mozilla.org - C:\Users\Luiss\AppData\Roaming\Mozilla\Firefox\Profiles\fefo2whc.default-1489509572708\features\{d91c30d2-4c14-401a-9da1-39c4e51ebcf3}\disable-prefetch@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Users\Luiss\AppData\Roaming\Mozilla\Firefox\Profiles\fefo2whc.default-1489509572708\features\{d91c30d2-4c14-401a-9da1-39c4e51ebcf3}\e10srollout@mozilla.org.xpi
C:\Users\Luiss\AppData\Roaming\Mozilla\Firefox\Profiles\fefo2whc.default-1489509572708\pluginreg.dat
Plugin - Shockwave Flash - 17.0.0.134 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll
Plugin - Shockwave Flash - 25.0.0.127 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll
=========Google Chrome=========
C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb Obchod 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bgjpfhpjcgdppjbgnpnjllokbmcdllig 0 Seznam Lištička - Email 1.3.14
Extension blmojkbhnkkphngknkmgccmlenfaelkd 0 Seznam Lištička - Slovník 1.2.14
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gomekmidlodglbbmalcneegieacbdmki 2 avast! Online Security 9.0.2018.95
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.31
Extension mfehgcgbbipciphmccgaenjidiccnmng Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.2.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension olfeabkoenfaoljndfecamgilllcpiak 0 Seznam Lištička - Rychlá volba 1.7.10
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Homepage: http://www.google.com/
default_search_provider.search_url:
C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\daanglpcpkjjlkhcbladppjphglbigam]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E0BBCFA5-E978-4FE8-90FC-8266D9894952}]
"URL"=http://www.bing.com/search?q={searchTer ... &pc=MALNJS
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}]
"URL"=http://search.seznam.cz/?sourceid=quick ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{E0BBCFA5-E978-4FE8-90FC-8266D9894952}]
"URL"=http://www.bing.com/search?q={searchTer ... &pc=MALNJS
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13 229064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-01-31 2351920]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27 163528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
IObit Surfing Protection - C:\PROGRA~2\IObit\ADVANC~1\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2016-08-03 1203112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
IObit Ads Removal - C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll [2016-06-23 734632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2014-11-25 935104]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2016-12-09 3805928]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-02-01 36352]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2013-08-16 15792112]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2013-08-16 101360]
"StartCN"=C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-09-16 8027016]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-03-30 213824]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EEDSpeedLauncher"=C:\WINDOWS\system32\eed_ec.dll [2014-10-30 3141120]
"Advanced SystemCare 10"=C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2016-12-16 2913568]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-12-21 9292504]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Luiss\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Intel AppUp(SM) center"=C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-07-12 155488]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2016-11-01 6006560]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"DisableCAD"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath" = %SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
====== List of files/folders created in the last 1 month ======
2017-04-02 09:11:29 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-04-02 07:50:48 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-03-30 21:21:16 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2017-03-30 21:21:15 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2017-03-30 21:21:15 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2017-03-30 21:21:15 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2017-03-30 21:21:15 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2017-03-30 21:21:15 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2017-03-30 21:21:15 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2017-03-30 21:21:15 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2017-03-30 21:21:15 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2017-03-30 21:21:15 ----A---- C:\WINDOWS\system32\drivers\aswbuniva.sys
2017-03-30 21:21:15 ----A---- C:\WINDOWS\system32\drivers\aswbloga.sys
2017-03-30 21:21:15 ----A---- C:\WINDOWS\system32\drivers\aswbidsha.sys
2017-03-30 21:21:15 ----A---- C:\WINDOWS\system32\drivers\aswbidsdrivera.sys
2017-03-30 21:21:00 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-03-18 10:37:33 ----A---- C:\WINDOWS\system32\IObitSmartDefragExtension.dll
====== List of files/folders modified in the last 1 month ======
2017-04-16 13:18:13 ----D---- C:\Program Files\trend micro
2017-04-16 13:18:06 ----D---- C:\WINDOWS\Temp
2017-04-16 12:41:01 ----D---- C:\WINDOWS\system32\sru
2017-04-16 11:35:47 ----D---- C:\WINDOWS\Prefetch
2017-04-16 07:17:51 ----D---- C:\ProgramData\ProductData
2017-04-15 21:20:13 ----D---- C:\WINDOWS\system32\Tasks
2017-04-15 21:14:21 ----D---- C:\WINDOWS\system32\config
2017-04-15 21:06:42 ----D---- C:\WINDOWS\Microsoft.NET
2017-04-15 18:15:06 ----D---- C:\WINDOWS\system32\drivers
2017-04-15 15:45:00 ----D---- C:\WINDOWS\system32\NDF
2017-04-15 15:03:12 ----D---- C:\WINDOWS\AppReadiness
2017-04-14 17:28:40 ----HD---- C:\Program Files\WindowsApps
2017-04-13 17:37:35 ----HD---- C:\ProgramData
2017-04-13 04:36:09 ----SHD---- C:\WINDOWS\Installer
2017-04-13 04:36:09 ----SHD---- C:\Config.Msi
2017-04-13 04:31:09 ----RD---- C:\Program Files (x86)
2017-04-11 19:18:43 ----D---- C:\Program Files (x86)\Internet Explorer
2017-04-11 19:18:11 ----D---- C:\WINDOWS\SysWOW64
2017-04-11 17:53:18 ----D---- C:\WINDOWS\system32\Macromed
2017-04-11 17:53:15 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-04-10 17:35:14 ----SHD---- C:\System Volume Information
2017-04-02 20:16:25 ----D---- C:\WINDOWS\System32
2017-04-02 20:16:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-02 20:16:24 ----D---- C:\WINDOWS\INF
2017-04-02 14:14:28 ----RSD---- C:\WINDOWS\assembly
2017-04-02 09:10:16 ----D---- C:\WINDOWS\system32\CatRoot
2017-04-02 09:10:15 ----D---- C:\WINDOWS\system32\DriverStore
2017-04-02 09:04:10 ----D---- C:\WINDOWS\SoftwareDistribution
2017-04-02 09:03:28 ----D---- C:\WINDOWS\debug
2017-04-02 09:02:55 ----D---- C:\WINDOWS
2017-04-02 09:02:55 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-02 09:02:55 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-04-02 07:50:51 ----D---- C:\WINDOWS\CbsTemp
2017-04-02 07:50:49 ----D---- C:\WINDOWS\WinSxS
2017-04-02 07:50:44 ----D---- C:\WINDOWS\system32\catroot2
2017-03-24 05:50:58 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2017-03-24 05:50:03 ----AD---- C:\Program Files\Microsoft Office 15
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 amdkmpfd;@oem0.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2016-10-26 97184]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2017-03-28 189768]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2017-03-28 334088]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2017-03-28 48528]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-03-30 75704]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-03-30 339696]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2016-06-18 1469952]
R0 LHDmgr;LHDmgr; C:\WINDOWS\System32\DRIVERS\LhdX64.sys [2013-08-16 39008]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-03-28 307736]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-03-30 32600]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-03-30 101152]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-03-30 1005048]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-03-30 556784]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2016-05-26 27552]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-03-30 127112]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-03-30 164064]
R2 NEWDRIVER;NEWDRIVER; \??\C:\WINDOWS\SysWow64\WinVDEdrv6.sys [2016-04-11 197648]
R3 ACPIVPC;@oem33.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2013-08-16 35600]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2016-10-26 26568856]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2016-10-26 536592]
R3 aswTap;@oem156.inf,%DeviceDescription%;avast! SecureLine TAP Adapter v3; C:\WINDOWS\System32\drivers\aswTap.sys [2014-07-14 44640]
R3 athr;@oem170.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw10x.sys [2016-12-09 4317112]
R3 BTATH_BUS;@oem48.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-01-25 34384]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-12-09 605624]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-08-03 84992]
R3 CnxtHdAudService;@oem76.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2015-09-03 1561728]
R3 dtlitescsibus;@oem32.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-04-23 30264]
R3 dtliteusbbus;@oem36.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-04-23 47672]
R3 ETD;@oem165.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2016-12-09 594008]
R3 iwdbus;@oem79.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-05-07 27032]
R3 L1C;@oem119.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2016-05-27 161864]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-03-30 38296]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-08-03 112640]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-03-29 245760]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-08-03 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-08-03 954368]
S3 clwvd7;@oem45.inf,%clwvd.DeviceDesc% Service;CyberLink WebCam Virtual Driver 7.0 Service; C:\WINDOWS\system32\DRIVERS\clwvd7.sys [2015-03-24 42968]
S3 ETDSMBus;ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [2016-05-27 30808]
S3 ewusbnet;@oem15.inf,%qcwwan.Service.DispName%;HUAWEI USB-NDIS miniport; C:\WINDOWS\System32\drivers\ewusbnet.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys []
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-05-07 38296]
S3 KMWDFILTER;HIDServiceDesc; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [2009-04-29 30208]
S4 IMFFilter;IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [2016-04-01 22208]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 AdaptiveSleepService;AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [2016-09-16 155016]
R2 AdvancedSystemCareService10;Advanced SystemCare Service 10; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [2016-12-12 462624]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2016-10-26 305168]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-03-02 83768]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-03-30 261712]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2017-01-17 3042032]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2016-12-09 134888]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-02-01 15344]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2016-10-21 1600800]
R2 IObitUnSvr;IObit Uninstaller Service; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [2016-10-28 360736]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-02-16 169432]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-07-29 3046688]
R2 OneSyncSvc_46331;Hostitel synchronizace_46331; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-03-30 7398336]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
R3 PimIndexMaintenanceSvc_46331;Data kontaktů_46331; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2013-07-25 206552]
S2 MessagingService_112334;Služba zasílání zpráv_112334; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_13ab370d;Služba zasílání zpráv_13ab370d; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_16bdaa;Služba zasílání zpráv_16bdaa; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_16d78df;Služba zasílání zpráv_16d78df; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_2408242;Služba zasílání zpráv_2408242; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_2881e;Služba zasílání zpráv_2881e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_302f4;Služba zasílání zpráv_302f4; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_386a3;Služba zasílání zpráv_386a3; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_39492;Služba zasílání zpráv_39492; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_3a841;Služba zasílání zpráv_3a841; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_3b372;Služba zasílání zpráv_3b372; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_3bb0d;Služba zasílání zpráv_3bb0d; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_3ca94;Služba zasílání zpráv_3ca94; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_3cee2;Služba zasílání zpráv_3cee2; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_3d65c;Služba zasílání zpráv_3d65c; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_3e125;Služba zasílání zpráv_3e125; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_3f19e;Služba zasílání zpráv_3f19e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_46331;Služba zasílání zpráv_46331; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_4edb9;Služba zasílání zpráv_4edb9; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_579f6;Služba zasílání zpráv_579f6; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_5bb85;Služba zasílání zpráv_5bb85; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_5d672;Služba zasílání zpráv_5d672; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_5efc1;Služba zasílání zpráv_5efc1; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_63d40;Služba zasílání zpráv_63d40; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_65872;Služba zasílání zpráv_65872; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_6971e;Služba zasílání zpráv_6971e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_6bc12;Služba zasílání zpráv_6bc12; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_6c235;Služba zasílání zpráv_6c235; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_6fc58;Služba zasílání zpráv_6fc58; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_72cb9;Služba zasílání zpráv_72cb9; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_78309;Služba zasílání zpráv_78309; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_7d13fd;Služba zasílání zpráv_7d13fd; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_8e266;Služba zasílání zpráv_8e266; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_99d21f;Služba zasílání zpráv_99d21f; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_9aaaa;Služba zasílání zpráv_9aaaa; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_acabf;Služba zasílání zpráv_acabf; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 MessagingService_b1a1d;Služba zasílání zpráv_b1a1d; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_112334;Hostitel synchronizace_112334; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_13ab370d;Hostitel synchronizace_13ab370d; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_16bdaa;Hostitel synchronizace_16bdaa; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_16d78df;Hostitel synchronizace_16d78df; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_2408242;Hostitel synchronizace_2408242; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_2881e;Hostitel synchronizace_2881e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_302f4;Hostitel synchronizace_302f4; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_386a3;Hostitel synchronizace_386a3; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_39492;Hostitel synchronizace_39492; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_3a841;Hostitel synchronizace_3a841; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_3b372;Hostitel synchronizace_3b372; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_3bb0d;Hostitel synchronizace_3bb0d; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_3ca94;Hostitel synchronizace_3ca94; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_3cee2;Hostitel synchronizace_3cee2; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_3d65c;Hostitel synchronizace_3d65c; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_3e125;Hostitel synchronizace_3e125; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_3f19e;Hostitel synchronizace_3f19e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_4edb9;Hostitel synchronizace_4edb9; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_579f6;Hostitel synchronizace_579f6; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_5bb85;Hostitel synchronizace_5bb85; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_5d672;Hostitel synchronizace_5d672; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_5efc1;Hostitel synchronizace_5efc1; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_63d40;Hostitel synchronizace_63d40; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_65872;Hostitel synchronizace_65872; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_6971e;Hostitel synchronizace_6971e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_6bc12;Hostitel synchronizace_6bc12; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_6c235;Hostitel synchronizace_6c235; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_6fc58;Hostitel synchronizace_6fc58; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_72cb9;Hostitel synchronizace_72cb9; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_78309;Hostitel synchronizace_78309; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_7d13fd;Hostitel synchronizace_7d13fd; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_8e266;Hostitel synchronizace_8e266; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_99d21f;Hostitel synchronizace_99d21f; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_9aaaa;Hostitel synchronizace_9aaaa; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_acabf;Hostitel synchronizace_acabf; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 OneSyncSvc_b1a1d;Hostitel synchronizace_b1a1d; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-04-04 1443520]
S3 DraftSight API Service;DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2015-01-14 123904]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2015-08-16 1484080]
S3 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-04-01 172488]
S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-06-02 150600]
S3 PimIndexMaintenanceSvc_112334;Data kontaktů_112334; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_13ab370d;Data kontaktů_13ab370d; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_16bdaa;Data kontaktů_16bdaa; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_16d78df;Data kontaktů_16d78df; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_2408242;Data kontaktů_2408242; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_2881e;Data kontaktů_2881e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_302f4;Data kontaktů_302f4; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_386a3;Data kontaktů_386a3; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_39492;Data kontaktů_39492; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_3a841;Data kontaktů_3a841; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_3b372;Data kontaktů_3b372; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_3bb0d;Data kontaktů_3bb0d; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_3ca94;Data kontaktů_3ca94; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_3cee2;Data kontaktů_3cee2; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_3d65c;Data kontaktů_3d65c; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_3e125;Data kontaktů_3e125; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_3f19e;Data kontaktů_3f19e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_4edb9;Data kontaktů_4edb9; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_579f6;Data kontaktů_579f6; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_5bb85;Data kontaktů_5bb85; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_5d672;Data kontaktů_5d672; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_5efc1;Data kontaktů_5efc1; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_63d40;Data kontaktů_63d40; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_65872;Data kontaktů_65872; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_6971e;Data kontaktů_6971e; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_6bc12;Data kontaktů_6bc12; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_6c235;Data kontaktů_6c235; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_6fc58;Data kontaktů_6fc58; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_72cb9;Data kontaktů_72cb9; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_78309;Data kontaktů_78309; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_7d13fd;Data kontaktů_7d13fd; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_8e266;Data kontaktů_8e266; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_99d21f;Data kontaktů_99d21f; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_9aaaa;Data kontaktů_9aaaa; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_acabf;Data kontaktů_acabf; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 PimIndexMaintenanceSvc_b1a1d;Data kontaktů_b1a1d; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola ntb- pomalé
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Kontrola ntb- pomalé
Zdravim 
Odinstalujte vse od IObit. Muze to pekne naborit system 
Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/
Nainstalujte (pozor na pripadne doplnky, ty odmitnete zrusenim zatrzitka) a spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.
Odinstalujte vse od IObit. Muze to pekne naborit system Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/Nainstalujte (pozor na pripadne doplnky, ty odmitnete zrusenim zatrzitka) a spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Kontrola ntb- pomalé
----------------------------------------------------------------------------
CrystalDiskInfo 7.0.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 10 [10.0 Build 10586] (x64)
Date : 2017/04/18 15:54:10
-- Controller Map ----------------------------------------------------------
+ Intel(R) 8 Series Chipset Family SATA AHCI Controller [ATA]
- ST500LM000-1EJ162
- PLDS DVD-RW DS8A9SH
- Řadič prostorů úložišť [SCSI]
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]
-- Disk List ---------------------------------------------------------------
(1) ST500LM000-1EJ162 : 500,1 GB [0/0/0, pd1] - st
----------------------------------------------------------------------------
(1) ST500LM000-1EJ162
----------------------------------------------------------------------------
Model : ST500LM000-1EJ162
Firmware : LVD1
Serial Number : W3707RG3
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ACS-3 Revision 3b
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 6097 hod.
Power On Count : 4864 krát
Temperature : 38 C (100 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----
Drive Letter : C: D:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 118 _99 __6 00000AF91AC8 Počet chyb čtení
03 _99 _99 __0 000000000000 Čas na roztočení ploten
04 _96 _96 _20 00000000134D Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 _68 _54 _30 001508DF248F Počet chybných hledání
09 _94 _94 __0 0000000017D1 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _96 _96 _20 000000001300 Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000001 Časový limit příkazu
BD __1 __1 __0 0000000000DB Vysoká rychlost zápisu
BE _62 _41 _45 00D6260F0026 Teplota toku vzduchu
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000107 Počet vypnutí disku
C1 _87 _87 __0 0000000065DF Počet cyklů načítání/vymazání
C2 _38 _59 __0 800000000026 Teplota
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
FE 100 100 __0 000000000000 Ochrana proti pádu
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5733 3730 3752 4733
020: 0000 0000 0004 4C56 4431 2020 2020 5354 3530 304C
030: 4D30 3030 2D31 454A 3136 3220 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0010
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 8F0E 0006 004C 004C
080: 03F0 001F 346B 7D09 6163 3469 BC09 6163 407F 0031
090: 0031 8080 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 6003 0000 5000 C500
110: 69D3 760E 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 6030
130: 3A38 6030 3A38 2020 0002 0140 0108 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 05FF 0280 0000 0000
150: 0008 0000 0000 0000 0000 0001 0000 0000 7200 8806
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 1081 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 107F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0003 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 29A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 76 63 C8 1A F9 0A 00 00 00 03 03
010: 00 63 63 00 00 00 00 00 00 00 04 32 00 60 60 4D
020: 13 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 44 36 8F 24 DF 08 15 00 00 09 32
040: 00 5E 5E D1 17 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 60 60 00 13 00 00 00
060: 00 00 B8 32 00 64 64 00 00 00 00 00 00 00 BB 32
070: 00 64 64 00 00 00 00 00 00 00 BC 32 00 64 64 01
080: 00 00 00 00 00 00 BD 3A 00 01 01 DB 00 00 00 00
090: 00 00 BE 22 00 3E 29 26 00 0F 26 D6 00 00 BF 32
0A0: 00 64 64 00 00 00 00 00 00 00 C0 32 00 64 64 07
0B0: 01 00 00 00 00 00 C1 32 00 57 57 DF 65 00 00 00
0C0: 00 00 C2 22 00 26 3B 26 00 00 00 00 80 00 C5 12
0D0: 00 64 64 00 00 00 00 00 00 00 C6 10 00 64 64 00
0E0: 00 00 00 00 00 00 C7 3E 00 C8 C8 00 00 00 00 00
0F0: 00 00 FE 32 00 64 64 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 8B 00 00 73
170: 03 00 01 00 01 65 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 31 10 00 00 02 01 01 01 01 01 01 02
190: 01 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 B7 95 19 EC F6 13 00 00
1B0: 00 00 00 00 01 00 39 1F 83 0F B9 4F 04 00 00 00
1C0: 88 13 7F 7E 05 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 4D 17 00 00 01 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 61
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B8 63 00 00 00 00 00 00 00 00 00 00 BB 00
070: 00 00 00 00 00 00 00 00 00 00 BC 00 00 00 00 00
080: 00 00 00 00 00 00 BD 00 00 00 00 00 00 00 00 00
090: 00 00 BE 2D 00 00 00 00 00 00 00 00 00 00 BF 00
0A0: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
0B0: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
0C0: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C5 00
0D0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0E0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0F0: 00 00 FE 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 89
ještě ted druhý....
CrystalDiskInfo 7.0.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 10 [10.0 Build 10586] (x64)
Date : 2017/04/18 15:54:10
-- Controller Map ----------------------------------------------------------
+ Intel(R) 8 Series Chipset Family SATA AHCI Controller [ATA]
- ST500LM000-1EJ162
- PLDS DVD-RW DS8A9SH
- Řadič prostorů úložišť [SCSI]
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]
-- Disk List ---------------------------------------------------------------
(1) ST500LM000-1EJ162 : 500,1 GB [0/0/0, pd1] - st
----------------------------------------------------------------------------
(1) ST500LM000-1EJ162
----------------------------------------------------------------------------
Model : ST500LM000-1EJ162
Firmware : LVD1
Serial Number : W3707RG3
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ACS-3 Revision 3b
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 6097 hod.
Power On Count : 4864 krát
Temperature : 38 C (100 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----
Drive Letter : C: D:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 118 _99 __6 00000AF91AC8 Počet chyb čtení
03 _99 _99 __0 000000000000 Čas na roztočení ploten
04 _96 _96 _20 00000000134D Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 _68 _54 _30 001508DF248F Počet chybných hledání
09 _94 _94 __0 0000000017D1 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _96 _96 _20 000000001300 Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000001 Časový limit příkazu
BD __1 __1 __0 0000000000DB Vysoká rychlost zápisu
BE _62 _41 _45 00D6260F0026 Teplota toku vzduchu
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000107 Počet vypnutí disku
C1 _87 _87 __0 0000000065DF Počet cyklů načítání/vymazání
C2 _38 _59 __0 800000000026 Teplota
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
FE 100 100 __0 000000000000 Ochrana proti pádu
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5733 3730 3752 4733
020: 0000 0000 0004 4C56 4431 2020 2020 5354 3530 304C
030: 4D30 3030 2D31 454A 3136 3220 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0010
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 8F0E 0006 004C 004C
080: 03F0 001F 346B 7D09 6163 3469 BC09 6163 407F 0031
090: 0031 8080 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 6003 0000 5000 C500
110: 69D3 760E 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 6030
130: 3A38 6030 3A38 2020 0002 0140 0108 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 05FF 0280 0000 0000
150: 0008 0000 0000 0000 0000 0001 0000 0000 7200 8806
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 1081 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 107F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0003 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 29A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 76 63 C8 1A F9 0A 00 00 00 03 03
010: 00 63 63 00 00 00 00 00 00 00 04 32 00 60 60 4D
020: 13 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 44 36 8F 24 DF 08 15 00 00 09 32
040: 00 5E 5E D1 17 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 60 60 00 13 00 00 00
060: 00 00 B8 32 00 64 64 00 00 00 00 00 00 00 BB 32
070: 00 64 64 00 00 00 00 00 00 00 BC 32 00 64 64 01
080: 00 00 00 00 00 00 BD 3A 00 01 01 DB 00 00 00 00
090: 00 00 BE 22 00 3E 29 26 00 0F 26 D6 00 00 BF 32
0A0: 00 64 64 00 00 00 00 00 00 00 C0 32 00 64 64 07
0B0: 01 00 00 00 00 00 C1 32 00 57 57 DF 65 00 00 00
0C0: 00 00 C2 22 00 26 3B 26 00 00 00 00 80 00 C5 12
0D0: 00 64 64 00 00 00 00 00 00 00 C6 10 00 64 64 00
0E0: 00 00 00 00 00 00 C7 3E 00 C8 C8 00 00 00 00 00
0F0: 00 00 FE 32 00 64 64 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 8B 00 00 73
170: 03 00 01 00 01 65 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 31 10 00 00 02 01 01 01 01 01 01 02
190: 01 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 B7 95 19 EC F6 13 00 00
1B0: 00 00 00 00 01 00 39 1F 83 0F B9 4F 04 00 00 00
1C0: 88 13 7F 7E 05 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 4D 17 00 00 01 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 61
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B8 63 00 00 00 00 00 00 00 00 00 00 BB 00
070: 00 00 00 00 00 00 00 00 00 00 BC 00 00 00 00 00
080: 00 00 00 00 00 00 BD 00 00 00 00 00 00 00 00 00
090: 00 00 BE 2D 00 00 00 00 00 00 00 00 00 00 BF 00
0A0: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
0B0: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
0C0: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C5 00
0D0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0E0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0F0: 00 00 FE 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 89
ještě ted druhý....
Re: Kontrola ntb- pomalé
# AdwCleaner v6.045 - Log vytvořen 18/04/2017 v 16:02:05
# Aktualizováno dne 28/03/2017 z Malwarebytes
# Databáze : 2017-04-17.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Luiss - LUISS
# Spuštěno z : C:\Users\Luiss\Desktop\adwcleaner_6.045.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka smazána: C:\Users\Luiss\AppData\LocalLow\IObit\Advanced SystemCare
[-] Složka smazána: C:\Users\Luiss\AppData\Roaming\IObit\Advanced SystemCare
[-] Složka smazána: C:\ProgramData\IObit\ASCDownloader
[-] Složka smazána: C:\ProgramData\IObit\Advanced SystemCare
[#] Složka smazána po restartu: C:\Program Files (x86)\IObit\Advanced SystemCare
[-] Složka smazána: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
[-] Složka smazána: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu.1
[-] Klíč smazán: HKLM\SOFTWARE\IOBIT\ASC
[-] Klíč smazán: HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
[-] Klíč smazán: HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
[-] Klíč smazán: HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
[-] Klíč smazán: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [4190 Bajty] - [08/08/2016 19:06:11]
C:\AdwCleaner\AdwCleaner[C2].txt - [2138 Bajty] - [18/04/2017 16:02:05]
C:\AdwCleaner\AdwCleaner[R0].txt - [867 Bajty] - [11/06/2014 16:18:44]
C:\AdwCleaner\AdwCleaner[R1].txt - [926 Bajty] - [11/06/2014 16:20:53]
C:\AdwCleaner\AdwCleaner[S1].txt - [2732 Bajty] - [18/04/2017 16:00:55]
C:\AdwCleaner\AdwCleaner[S2].txt - [5266 Bajty] - [08/08/2016 19:02:23]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2501 Bajty] ##########
# Aktualizováno dne 28/03/2017 z Malwarebytes
# Databáze : 2017-04-17.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Luiss - LUISS
# Spuštěno z : C:\Users\Luiss\Desktop\adwcleaner_6.045.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka smazána: C:\Users\Luiss\AppData\LocalLow\IObit\Advanced SystemCare
[-] Složka smazána: C:\Users\Luiss\AppData\Roaming\IObit\Advanced SystemCare
[-] Složka smazána: C:\ProgramData\IObit\ASCDownloader
[-] Složka smazána: C:\ProgramData\IObit\Advanced SystemCare
[#] Složka smazána po restartu: C:\Program Files (x86)\IObit\Advanced SystemCare
[-] Složka smazána: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
[-] Složka smazána: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
***** [ Soubory ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu.1
[-] Klíč smazán: HKLM\SOFTWARE\IOBIT\ASC
[-] Klíč smazán: HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
[-] Klíč smazán: HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
[-] Klíč smazán: HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
[-] Klíč smazán: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [4190 Bajty] - [08/08/2016 19:06:11]
C:\AdwCleaner\AdwCleaner[C2].txt - [2138 Bajty] - [18/04/2017 16:02:05]
C:\AdwCleaner\AdwCleaner[R0].txt - [867 Bajty] - [11/06/2014 16:18:44]
C:\AdwCleaner\AdwCleaner[R1].txt - [926 Bajty] - [11/06/2014 16:20:53]
C:\AdwCleaner\AdwCleaner[S1].txt - [2732 Bajty] - [18/04/2017 16:00:55]
C:\AdwCleaner\AdwCleaner[S2].txt - [5266 Bajty] - [08/08/2016 19:02:23]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2501 Bajty] ##########
Re: Kontrola ntb- pomalé
Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Kontrola ntb- pomalé
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 20.04.17
Čas skenování: 18:01
Logovací soubor: scan.txt
Správce: Ano
-Informace o softwaru-
Verze: 3.0.6.1469
Verze komponentů: 1.0.103
Aktualizovat verzi balíku komponent: 1.0.1769
Licence: Zkušební
-Systémová informace-
OS: Windows 10
CPU: x64
Systém souborů: NTFS
Uživatel: LUISS\Luiss
-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 403871
Uplynulý čas: 2 hod, 24 min, 9 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 9
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\CLASSES\INTERFACE\{BA935377-E17C-4475-B1BF-DE3110613A99}, Žádná uživatelská akce, [1459], [380348],1.0.1769
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{BA935377-E17C-4475-B1BF-DE3110613A99}, Žádná uživatelská akce, [1459], [380348],1.0.1769
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BA935377-E17C-4475-B1BF-DE3110613A99}, Žádná uživatelská akce, [1459], [380348],1.0.1769
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}, Žádná uživatelská akce, [1459], [380348],1.0.1769
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}, Žádná uživatelská akce, [1459], [380348],1.0.1769
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\CLASSES\TYPELIB\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}, Žádná uživatelská akce, [1459], [380348],1.0.1769
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\WOW6432NODE\IOBIT\Advanced SystemCare, Žádná uživatelská akce, [1459], [380349],1.0.1769
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Update Reverse Page, Žádná uživatelská akce, [51], [254026],1.0.1769
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Util Reverse Page, Žádná uživatelská akce, [51], [254026],1.0.1769
Hodnota v registru: 1
PUP.Optional.AdvancedSystemCare, HKU\S-1-5-21-190114010-3383128918-2368132129-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UFH\SHC|2, Žádná uživatelská akce, [1459], [380354],1.0.1769
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 2
PUP.Optional.AdvancedSystemCare, C:\Program Files (x86)\IObit\Advanced SystemCare\KB3210721.cab_Temp, Žádná uživatelská akce, [1458], [380334],1.0.1769
PUP.Optional.AdvancedSystemCare, C:\Program Files (x86)\IObit\Advanced SystemCare, Žádná uživatelská akce, [1458], [380334],1.0.1769
Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 20.04.17
Čas skenování: 18:01
Logovací soubor: scan.txt
Správce: Ano
-Informace o softwaru-
Verze: 3.0.6.1469
Verze komponentů: 1.0.103
Aktualizovat verzi balíku komponent: 1.0.1769
Licence: Zkušební
-Systémová informace-
OS: Windows 10
CPU: x64
Systém souborů: NTFS
Uživatel: LUISS\Luiss
-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 403871
Uplynulý čas: 2 hod, 24 min, 9 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 9
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\CLASSES\INTERFACE\{BA935377-E17C-4475-B1BF-DE3110613A99}, Žádná uživatelská akce, [1459], [380348],1.0.1769
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{BA935377-E17C-4475-B1BF-DE3110613A99}, Žádná uživatelská akce, [1459], [380348],1.0.1769
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BA935377-E17C-4475-B1BF-DE3110613A99}, Žádná uživatelská akce, [1459], [380348],1.0.1769
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}, Žádná uživatelská akce, [1459], [380348],1.0.1769
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}, Žádná uživatelská akce, [1459], [380348],1.0.1769
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\CLASSES\TYPELIB\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}, Žádná uživatelská akce, [1459], [380348],1.0.1769
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\WOW6432NODE\IOBIT\Advanced SystemCare, Žádná uživatelská akce, [1459], [380349],1.0.1769
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Update Reverse Page, Žádná uživatelská akce, [51], [254026],1.0.1769
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Util Reverse Page, Žádná uživatelská akce, [51], [254026],1.0.1769
Hodnota v registru: 1
PUP.Optional.AdvancedSystemCare, HKU\S-1-5-21-190114010-3383128918-2368132129-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UFH\SHC|2, Žádná uživatelská akce, [1459], [380354],1.0.1769
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 2
PUP.Optional.AdvancedSystemCare, C:\Program Files (x86)\IObit\Advanced SystemCare\KB3210721.cab_Temp, Žádná uživatelská akce, [1458], [380334],1.0.1769
PUP.Optional.AdvancedSystemCare, C:\Program Files (x86)\IObit\Advanced SystemCare, Žádná uživatelská akce, [1458], [380334],1.0.1769
Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
Re: Kontrola ntb- pomalé
Vsechny nalezy nechte odstranit. Po odstraneni a restartu pc test s MBAM zopakujte (staci uz jen Sken hrozeb), at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Kontrola ntb- pomalé
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 21.04.17
Čas skenování: 21:18
Logovací soubor: scan.txt
Správce: Ano
-Informace o softwaru-
Verze: 3.0.6.1469
Verze komponentů: 1.0.103
Aktualizovat verzi balíku komponent: 1.0.1777
Licence: Zkušební
-Systémová informace-
OS: Windows 10
CPU: x64
Systém souborů: NTFS
Uživatel: LUISS\Luiss
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 391576
Uplynulý čas: 5 min, 18 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 21.04.17
Čas skenování: 21:18
Logovací soubor: scan.txt
Správce: Ano
-Informace o softwaru-
Verze: 3.0.6.1469
Verze komponentů: 1.0.103
Aktualizovat verzi balíku komponent: 1.0.1777
Licence: Zkušební
-Systémová informace-
OS: Windows 10
CPU: x64
Systém souborů: NTFS
Uživatel: LUISS\Luiss
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 391576
Uplynulý čas: 5 min, 18 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
Re: Kontrola ntb- pomalé
MBAM odinstalujte. Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach (Kdyby nesel Launcher stahnout, dejte logy jen ze samotneho FRST, tedy bez pouziti Launcheru)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Kontrola ntb- pomalé
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-04-2017 01
Ran by Luiss (administrator) on LUISS (23-04-2017 15:51:19)
Running from C:\Users\Luiss\Desktop
Loaded Profiles: Luiss (Available Profiles: Luiss)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\SeaMonkey\seamonkey.exe" -requestPending -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\WINDOWS\System32\atiesrxx.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Program Files\AMD\amdkmpfd_un\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
() C:\WINDOWS\System32\igfxTray.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo) C:\Users\Luiss\AppData\Local\Apps\2.0\RCHQG5O2.QH9\MKCGCPO5.4GO\lsb...tion_91a10ba61c75c82d_0001.0006_e3bbae03e10aca14\LSB.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(mozilla.org) C:\Program Files (x86)\SeaMonkey\seamonkey.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17022.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\WINDOWS\System32\SppExtComObj.Exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\WINWORD.EXE
(Microsoft Corporation) C:\WINDOWS\splwow64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(mozilla.org) C:\Program Files (x86)\SeaMonkey\seamonkey.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3805928 2016-12-09] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-02-01] (Intel Corporation)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2013-08-16] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [101360 2013-08-16] (Lenovo(beijing) Limited)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-03-30] (AVAST Software)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\WINDOWS\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\...\RunOnce: [Uninstall C:\Users\Luiss\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Luiss\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\...\MountPoints2: {d8103402-cd9a-11e6-bf5d-208984f5257c} - "K:\Autorun.exe"
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\...\MountPoints2: {d810343e-cd9a-11e6-bf5d-208984f5257c} - "K:\Autorun.exe"
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\...\MountPoints2: {d810348d-cd9a-11e6-bf5d-208984f5257c} - "K:\Autorun.exe"
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\...\MountPoints2: {d8103550-cd9a-11e6-bf5d-208984f5257c} - "K:\Autorun.exe"
HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\WINDOWS\system32\eed_ec.dll,SpeedLauncher
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-30] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-30] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiss\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiss\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiss\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiss\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiss\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiss\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiss\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 217.196.209.2
Tcpip\..\Interfaces\{a3275980-c7b5-4e3d-9e7c-98908e13b8cd}: [DhcpNameServer] 8.8.8.8 217.196.209.2
Tcpip\..\Interfaces\{a5be7b5d-0902-4da0-aaf3-11f5c862ddf0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ef42b151-2123-42fc-9c00-aa0450084f5e}: [NameServer] 77.234.40.79
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-190114010-3383128918-2368132129-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-190114010-3383128918-2368132129-1001 -> {06B40535-5F38-4C52-9DA7-FDBE79FE9C2B} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_27368
SearchScopes: HKU\S-1-5-21-190114010-3383128918-2368132129-1001 -> {14AA0021-30FF-4F49-B990-676A72F98033} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_27368
SearchScopes: HKU\S-1-5-21-190114010-3383128918-2368132129-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-190114010-3383128918-2368132129-1001 -> {1F24EA1E-C564-488D-8428-AEDBDA1A9C07} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_27368
SearchScopes: HKU\S-1-5-21-190114010-3383128918-2368132129-1001 -> {20DBEB51-122E-4641-9E1C-84A4D7C34EFE} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_27368
SearchScopes: HKU\S-1-5-21-190114010-3383128918-2368132129-1001 -> {2A17049A-C29A-454E-939B-FB30ECA9E3FD} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-190114010-3383128918-2368132129-1001 -> {5907291C-745C-4135-B553-FC05DB008A68} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-190114010-3383128918-2368132129-1001 -> {CAE31E5E-97AF-41E3-BCA1-A4CDB41E09F6} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-190114010-3383128918-2368132129-1001 -> {FB9C6F57-26A1-4017-9D3A-B4E64133C6AE} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_27368
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-03-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Luiss\AppData\Roaming\Mozilla\SeaMonkey\Profiles\5cq6gkh9.default [2017-04-23]
FF Homepage: Mozilla\SeaMonkey\Profiles\5cq6gkh9.default -> hxxp://seznam.cz
FF Session Restore: Mozilla\SeaMonkey\Profiles\5cq6gkh9.default -> is enabled.
FF Extension: (DOM Inspector) - C:\Users\Luiss\AppData\Roaming\Mozilla\SeaMonkey\Profiles\5cq6gkh9.default\Extensions\inspector@mozilla.org [2016-04-27]
FF Extension: (ChatZilla) - C:\Users\Luiss\AppData\Roaming\Mozilla\SeaMonkey\Profiles\5cq6gkh9.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2016-11-10]
FF Extension: (JavaScript Debugger) - C:\Users\Luiss\AppData\Roaming\Mozilla\SeaMonkey\Profiles\5cq6gkh9.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2016-04-27]
FF ProfilePath: C:\Users\Luiss\AppData\Roaming\Mozilla\Firefox\Profiles\fefo2whc.default-1489509572708 [2017-04-21]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\fefo2whc.default-1489509572708 -> Google
FF Homepage: Mozilla\Firefox\Profiles\fefo2whc.default-1489509572708 -> hxxps://www.seznam.cz/
FF Extension: (Disable Prefetch) - C:\Users\Luiss\AppData\Roaming\Mozilla\Firefox\Profiles\fefo2whc.default-1489509572708\features\{d91c30d2-4c14-401a-9da1-39c4e51ebcf3}\disable-prefetch@mozilla.org.xpi [2017-04-08]
FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-04-01] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-03-30]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-03-30]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-02-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-02-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-06-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-13] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-190114010-3383128918-2368132129-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Luiss\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-11] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-190114010-3383128918-2368132129-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-05-29] (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR NewTab: Default -> "active": false,
"entry": "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default [2017-03-19]
CHR Extension: (Prezentace Google) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-20]
CHR Extension: (Dokumenty Google) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-13]
CHR Extension: (Disk Google) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-02]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-04-20]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-04-20]
CHR Extension: (YouTube) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-02]
CHR Extension: (Vyhledávání Google) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-02]
CHR Extension: (Tabulky Google) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-26]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-04-20]
CHR Extension: (Gmail) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-13]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-09-16] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7398336 2017-03-30] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [261712 2017-03-30] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd)
S3 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123904 2015-01-14] (Dassault Systèmes) [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [134888 2016-12-09] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-02-01] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373160 2015-12-24] (Intel Corporation)
S3 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-02-16] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-12-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-12-28] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-01-25] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [97184 2016-10-26] (Advanced Micro Devices, Inc.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [307736 2017-03-28] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-03-28] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334088 2017-03-28] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-03-28] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-03-30] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-03-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [127112 2017-03-30] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-03-30] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-03-30] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1005048 2017-03-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [556784 2017-03-30] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [164064 2017-03-30] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2014-07-14] (The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-03-30] (AVAST Software)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4317112 2016-12-09] (Qualcomm Atheros Communications, Inc.)
S3 clwvd7; C:\WINDOWS\system32\DRIVERS\clwvd7.sys [42968 2015-03-24] (CyberLink Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-04-23] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-04-23] (Disc Soft Ltd)
S3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [30808 2016-05-27] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-05-26] (REALiX(tm))
S3 IntcDAud; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [442368 2013-04-23] (Intel(R) Corporation) [File not signed]
R2 NEWDRIVER; C:\WINDOWS\SysWow64\WinVDEdrv6.sys [197648 2016-04-11] ()
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-12-09] (Realsil Semiconductor Corporation)
S3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3127552 2016-12-09] (Realtek Semiconductor Corp.)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-05-27] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 ewusbnet; \SystemRoot\System32\drivers\ewusbnet.sys [X]
S3 hwdatacard; \SystemRoot\system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-04-23 15:51 - 2017-04-23 15:52 - 00027114 _____ C:\Users\Luiss\Desktop\FRST.txt
2017-04-23 15:50 - 2017-04-23 15:50 - 02426368 _____ (Farbar) C:\Users\Luiss\Desktop\FRST64.exe
2017-04-23 15:50 - 2017-04-23 15:50 - 00000000 ____D C:\Users\Luiss\Desktop\FRST-OlderVersion
2017-04-21 21:24 - 2017-04-21 21:24 - 00001472 _____ C:\Users\Luiss\Desktop\scan.txt
2017-04-21 21:24 - 2017-04-21 21:24 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-04-21 21:15 - 2017-04-21 21:15 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-04-20 17:57 - 2017-04-20 17:57 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-04-20 17:56 - 2017-04-20 17:56 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-18 15:53 - 2017-04-18 15:53 - 00001288 _____ C:\Users\Luiss\Desktop\CrystalDiskInfo.lnk
2017-04-18 15:53 - 2017-04-18 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2017-04-18 15:53 - 2017-04-18 15:53 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2017-04-15 21:20 - 2017-04-15 21:20 - 00003018 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Luiss)
2017-04-11 19:19 - 2017-04-11 19:19 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-04-11 19:18 - 2017-04-11 19:18 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-02 20:14 - 2017-04-02 20:16 - 00000000 ____D C:\Users\Luiss\Desktop\Office 2007 cz
2017-04-02 07:50 - 2017-04-02 07:50 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-02 07:50 - 2017-04-02 07:50 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-01 13:45 - 2017-04-01 13:45 - 00004002 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1458803996
2017-04-01 13:45 - 2017-04-01 13:45 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-30 21:21 - 2017-03-30 21:21 - 00003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-03-30 21:21 - 2017-03-30 21:20 - 01005048 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-03-30 21:21 - 2017-03-30 21:20 - 00556784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-03-30 21:21 - 2017-03-30 21:20 - 00399944 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-03-30 21:21 - 2017-03-30 21:20 - 00339696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-03-30 21:21 - 2017-03-30 21:20 - 00164064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-03-30 21:21 - 2017-03-30 21:20 - 00127112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-03-30 21:21 - 2017-03-30 21:20 - 00101152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-03-30 21:21 - 2017-03-30 21:20 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-03-30 21:21 - 2017-03-30 21:20 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-03-30 21:21 - 2017-03-30 21:20 - 00032600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-03-30 21:21 - 2017-03-28 20:56 - 00334088 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-03-30 21:21 - 2017-03-28 20:56 - 00307736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-03-30 21:21 - 2017-03-28 20:56 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-03-30 21:21 - 2017-03-28 20:56 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-03-27 19:24 - 2017-03-27 20:13 - 00033476 _____ C:\Users\Luiss\Desktop\Sešit2.xlsx
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-04-23 15:51 - 2016-08-08 21:36 - 00000000 ____D C:\FRST
2017-04-23 13:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-23 13:09 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-23 12:30 - 2014-12-24 12:45 - 00004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{43C2F194-9770-45D7-ACF8-A45207A61505}
2017-04-22 19:39 - 2015-09-16 20:04 - 00000000 ____D C:\Users\Luiss\AppData\Local\ElevatedDiagnostics
2017-04-22 11:55 - 2015-01-11 09:51 - 00000000 ____D C:\Users\Luiss\Desktop\zuzuky
2017-04-21 21:15 - 2014-08-18 11:46 - 00000000 __SHD C:\Users\Luiss\IntelGraphicsProfiles
2017-04-21 21:14 - 2016-01-14 20:18 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-21 21:14 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2017-04-21 21:13 - 2016-08-12 16:49 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-04-21 21:13 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2017-04-21 21:07 - 2016-05-26 18:11 - 00000000 ____D C:\Program Files (x86)\IObit
2017-04-18 16:10 - 2016-01-14 19:30 - 00794420 _____ C:\WINDOWS\system32\perfh019.dat
2017-04-18 16:10 - 2016-01-14 19:30 - 00157692 _____ C:\WINDOWS\system32\perfc019.dat
2017-04-18 16:10 - 2015-10-30 20:31 - 00752310 _____ C:\WINDOWS\system32\perfh005.dat
2017-04-18 16:10 - 2015-10-30 20:31 - 00151396 _____ C:\WINDOWS\system32\perfc005.dat
2017-04-18 16:10 - 2015-08-01 09:53 - 02727380 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-18 16:02 - 2014-06-11 16:18 - 00000000 ____D C:\AdwCleaner
2017-04-18 16:01 - 2016-05-26 18:11 - 00000000 ____D C:\Users\Luiss\AppData\Roaming\IObit
2017-04-18 16:01 - 2016-05-26 18:11 - 00000000 ____D C:\Users\Luiss\AppData\LocalLow\IObit
2017-04-18 16:01 - 2016-05-26 18:11 - 00000000 ____D C:\ProgramData\IObit
2017-04-18 10:45 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-18 10:44 - 2014-06-03 17:27 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-04-18 10:33 - 2016-05-26 18:12 - 00000000 ____D C:\ProgramData\ProductData
2017-04-16 13:18 - 2014-06-10 20:38 - 00000000 ____D C:\Program Files\trend micro
2017-04-15 15:45 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-13 17:12 - 2016-01-01 14:01 - 00000000 ____D C:\Users\Luiss\Desktop\luiss
2017-04-13 04:31 - 2014-06-02 19:31 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-13 04:31 - 2014-06-02 19:31 - 00003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-12 22:10 - 2016-11-26 18:26 - 00000000 ____D C:\Users\Luiss\AppData\LocalLow\Mozilla
2017-04-11 17:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-04-11 17:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-11 17:53 - 2014-06-03 17:42 - 00004470 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-04-10 19:09 - 2014-06-02 19:14 - 00000000 ____D C:\Users\Luiss\AppData\Local\Packages
2017-04-06 21:55 - 2014-11-08 10:51 - 00000000 ___RD C:\Users\Luiss\Desktop\filmy
2017-04-06 17:16 - 2014-06-02 19:33 - 00002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-02 09:02 - 2016-11-20 20:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-02 09:02 - 2014-06-02 19:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-02 07:50 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
==================== Files in the root of some directories =======
2014-06-09 15:41 - 2015-01-11 09:30 - 0099384 _____ () C:\Users\Luiss\AppData\Roaming\inst.exe
2014-06-09 15:41 - 2015-01-11 09:30 - 0007859 _____ () C:\Users\Luiss\AppData\Roaming\pcouffin.cat
2014-06-09 15:41 - 2015-01-11 09:30 - 0001167 _____ () C:\Users\Luiss\AppData\Roaming\pcouffin.inf
2014-06-09 15:41 - 2015-01-11 09:30 - 0000055 _____ () C:\Users\Luiss\AppData\Roaming\pcouffin.log
2014-06-09 15:41 - 2015-01-11 09:30 - 0082816 _____ (VSO Software) C:\Users\Luiss\AppData\Roaming\pcouffin.sys
2015-05-24 16:12 - 2016-06-25 08:58 - 0007597 _____ () C:\Users\Luiss\AppData\Local\Resmon.ResmonCfg
2014-06-10 19:12 - 2014-06-10 19:12 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-03-17 19:34 - 2017-03-17 19:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
2017-04-02 09:07 - 2017-04-02 09:07 - 0003072 _____ () C:\Users\Luiss\AppData\Local\Temp\kxcaimc5.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-04-15 21:06
==================== End of FRST.txt ============================
Ran by Luiss (administrator) on LUISS (23-04-2017 15:51:19)
Running from C:\Users\Luiss\Desktop
Loaded Profiles: Luiss (Available Profiles: Luiss)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\SeaMonkey\seamonkey.exe" -requestPending -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\WINDOWS\System32\atiesrxx.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Program Files\AMD\amdkmpfd_un\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
() C:\WINDOWS\System32\igfxTray.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo) C:\Users\Luiss\AppData\Local\Apps\2.0\RCHQG5O2.QH9\MKCGCPO5.4GO\lsb...tion_91a10ba61c75c82d_0001.0006_e3bbae03e10aca14\LSB.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(mozilla.org) C:\Program Files (x86)\SeaMonkey\seamonkey.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17022.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\WINDOWS\System32\SppExtComObj.Exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\WINWORD.EXE
(Microsoft Corporation) C:\WINDOWS\splwow64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(mozilla.org) C:\Program Files (x86)\SeaMonkey\seamonkey.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3805928 2016-12-09] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-02-01] (Intel Corporation)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2013-08-16] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [101360 2013-08-16] (Lenovo(beijing) Limited)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-03-30] (AVAST Software)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\WINDOWS\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\...\RunOnce: [Uninstall C:\Users\Luiss\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Luiss\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\...\MountPoints2: {d8103402-cd9a-11e6-bf5d-208984f5257c} - "K:\Autorun.exe"
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\...\MountPoints2: {d810343e-cd9a-11e6-bf5d-208984f5257c} - "K:\Autorun.exe"
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\...\MountPoints2: {d810348d-cd9a-11e6-bf5d-208984f5257c} - "K:\Autorun.exe"
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\...\MountPoints2: {d8103550-cd9a-11e6-bf5d-208984f5257c} - "K:\Autorun.exe"
HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\WINDOWS\system32\eed_ec.dll,SpeedLauncher
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-30] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-30] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiss\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiss\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiss\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiss\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiss\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiss\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Luiss\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 217.196.209.2
Tcpip\..\Interfaces\{a3275980-c7b5-4e3d-9e7c-98908e13b8cd}: [DhcpNameServer] 8.8.8.8 217.196.209.2
Tcpip\..\Interfaces\{a5be7b5d-0902-4da0-aaf3-11f5c862ddf0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ef42b151-2123-42fc-9c00-aa0450084f5e}: [NameServer] 77.234.40.79
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-190114010-3383128918-2368132129-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-190114010-3383128918-2368132129-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-190114010-3383128918-2368132129-1001 -> {06B40535-5F38-4C52-9DA7-FDBE79FE9C2B} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_27368
SearchScopes: HKU\S-1-5-21-190114010-3383128918-2368132129-1001 -> {14AA0021-30FF-4F49-B990-676A72F98033} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_27368
SearchScopes: HKU\S-1-5-21-190114010-3383128918-2368132129-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-190114010-3383128918-2368132129-1001 -> {1F24EA1E-C564-488D-8428-AEDBDA1A9C07} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_27368
SearchScopes: HKU\S-1-5-21-190114010-3383128918-2368132129-1001 -> {20DBEB51-122E-4641-9E1C-84A4D7C34EFE} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_27368
SearchScopes: HKU\S-1-5-21-190114010-3383128918-2368132129-1001 -> {2A17049A-C29A-454E-939B-FB30ECA9E3FD} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-190114010-3383128918-2368132129-1001 -> {5907291C-745C-4135-B553-FC05DB008A68} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-190114010-3383128918-2368132129-1001 -> {CAE31E5E-97AF-41E3-BCA1-A4CDB41E09F6} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_27368
SearchScopes: HKU\S-1-5-21-190114010-3383128918-2368132129-1001 -> {FB9C6F57-26A1-4017-9D3A-B4E64133C6AE} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_27368
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-03-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Luiss\AppData\Roaming\Mozilla\SeaMonkey\Profiles\5cq6gkh9.default [2017-04-23]
FF Homepage: Mozilla\SeaMonkey\Profiles\5cq6gkh9.default -> hxxp://seznam.cz
FF Session Restore: Mozilla\SeaMonkey\Profiles\5cq6gkh9.default -> is enabled.
FF Extension: (DOM Inspector) - C:\Users\Luiss\AppData\Roaming\Mozilla\SeaMonkey\Profiles\5cq6gkh9.default\Extensions\inspector@mozilla.org [2016-04-27]
FF Extension: (ChatZilla) - C:\Users\Luiss\AppData\Roaming\Mozilla\SeaMonkey\Profiles\5cq6gkh9.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2016-11-10]
FF Extension: (JavaScript Debugger) - C:\Users\Luiss\AppData\Roaming\Mozilla\SeaMonkey\Profiles\5cq6gkh9.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2016-04-27]
FF ProfilePath: C:\Users\Luiss\AppData\Roaming\Mozilla\Firefox\Profiles\fefo2whc.default-1489509572708 [2017-04-21]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\fefo2whc.default-1489509572708 -> Google
FF Homepage: Mozilla\Firefox\Profiles\fefo2whc.default-1489509572708 -> hxxps://www.seznam.cz/
FF Extension: (Disable Prefetch) - C:\Users\Luiss\AppData\Roaming\Mozilla\Firefox\Profiles\fefo2whc.default-1489509572708\features\{d91c30d2-4c14-401a-9da1-39c4e51ebcf3}\disable-prefetch@mozilla.org.xpi [2017-04-08]
FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-04-01] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-03-30]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-03-30]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-02-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-02-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-06-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-13] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-190114010-3383128918-2368132129-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Luiss\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-11] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-190114010-3383128918-2368132129-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-05-29] (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR NewTab: Default -> "active": false,
"entry": "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default [2017-03-19]
CHR Extension: (Prezentace Google) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-20]
CHR Extension: (Dokumenty Google) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-13]
CHR Extension: (Disk Google) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-02]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-04-20]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-04-20]
CHR Extension: (YouTube) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-02]
CHR Extension: (Vyhledávání Google) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-02]
CHR Extension: (Tabulky Google) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-26]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-04-20]
CHR Extension: (Gmail) - C:\Users\Luiss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-13]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-09-16] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7398336 2017-03-30] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [261712 2017-03-30] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd)
S3 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123904 2015-01-14] (Dassault Systèmes) [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [134888 2016-12-09] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-02-01] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373160 2015-12-24] (Intel Corporation)
S3 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-02-16] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-12-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-12-28] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-01-25] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [97184 2016-10-26] (Advanced Micro Devices, Inc.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [307736 2017-03-28] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-03-28] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334088 2017-03-28] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-03-28] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-03-30] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-03-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [127112 2017-03-30] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-03-30] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-03-30] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1005048 2017-03-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [556784 2017-03-30] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [164064 2017-03-30] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2014-07-14] (The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-03-30] (AVAST Software)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4317112 2016-12-09] (Qualcomm Atheros Communications, Inc.)
S3 clwvd7; C:\WINDOWS\system32\DRIVERS\clwvd7.sys [42968 2015-03-24] (CyberLink Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-04-23] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-04-23] (Disc Soft Ltd)
S3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [30808 2016-05-27] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-05-26] (REALiX(tm))
S3 IntcDAud; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [442368 2013-04-23] (Intel(R) Corporation) [File not signed]
R2 NEWDRIVER; C:\WINDOWS\SysWow64\WinVDEdrv6.sys [197648 2016-04-11] ()
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-12-09] (Realsil Semiconductor Corporation)
S3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3127552 2016-12-09] (Realtek Semiconductor Corp.)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-05-27] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 ewusbnet; \SystemRoot\System32\drivers\ewusbnet.sys [X]
S3 hwdatacard; \SystemRoot\system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-04-23 15:51 - 2017-04-23 15:52 - 00027114 _____ C:\Users\Luiss\Desktop\FRST.txt
2017-04-23 15:50 - 2017-04-23 15:50 - 02426368 _____ (Farbar) C:\Users\Luiss\Desktop\FRST64.exe
2017-04-23 15:50 - 2017-04-23 15:50 - 00000000 ____D C:\Users\Luiss\Desktop\FRST-OlderVersion
2017-04-21 21:24 - 2017-04-21 21:24 - 00001472 _____ C:\Users\Luiss\Desktop\scan.txt
2017-04-21 21:24 - 2017-04-21 21:24 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-04-21 21:15 - 2017-04-21 21:15 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-04-20 17:57 - 2017-04-20 17:57 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-04-20 17:56 - 2017-04-20 17:56 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-18 15:53 - 2017-04-18 15:53 - 00001288 _____ C:\Users\Luiss\Desktop\CrystalDiskInfo.lnk
2017-04-18 15:53 - 2017-04-18 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2017-04-18 15:53 - 2017-04-18 15:53 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2017-04-15 21:20 - 2017-04-15 21:20 - 00003018 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Luiss)
2017-04-11 19:19 - 2017-04-11 19:19 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-04-11 19:18 - 2017-04-11 19:18 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-02 20:14 - 2017-04-02 20:16 - 00000000 ____D C:\Users\Luiss\Desktop\Office 2007 cz
2017-04-02 07:50 - 2017-04-02 07:50 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-02 07:50 - 2017-04-02 07:50 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-01 13:45 - 2017-04-01 13:45 - 00004002 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1458803996
2017-04-01 13:45 - 2017-04-01 13:45 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-30 21:21 - 2017-03-30 21:21 - 00003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-03-30 21:21 - 2017-03-30 21:20 - 01005048 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-03-30 21:21 - 2017-03-30 21:20 - 00556784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-03-30 21:21 - 2017-03-30 21:20 - 00399944 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-03-30 21:21 - 2017-03-30 21:20 - 00339696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-03-30 21:21 - 2017-03-30 21:20 - 00164064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-03-30 21:21 - 2017-03-30 21:20 - 00127112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-03-30 21:21 - 2017-03-30 21:20 - 00101152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-03-30 21:21 - 2017-03-30 21:20 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-03-30 21:21 - 2017-03-30 21:20 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-03-30 21:21 - 2017-03-30 21:20 - 00032600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-03-30 21:21 - 2017-03-28 20:56 - 00334088 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-03-30 21:21 - 2017-03-28 20:56 - 00307736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-03-30 21:21 - 2017-03-28 20:56 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-03-30 21:21 - 2017-03-28 20:56 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-03-27 19:24 - 2017-03-27 20:13 - 00033476 _____ C:\Users\Luiss\Desktop\Sešit2.xlsx
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-04-23 15:51 - 2016-08-08 21:36 - 00000000 ____D C:\FRST
2017-04-23 13:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-23 13:09 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-23 12:30 - 2014-12-24 12:45 - 00004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{43C2F194-9770-45D7-ACF8-A45207A61505}
2017-04-22 19:39 - 2015-09-16 20:04 - 00000000 ____D C:\Users\Luiss\AppData\Local\ElevatedDiagnostics
2017-04-22 11:55 - 2015-01-11 09:51 - 00000000 ____D C:\Users\Luiss\Desktop\zuzuky
2017-04-21 21:15 - 2014-08-18 11:46 - 00000000 __SHD C:\Users\Luiss\IntelGraphicsProfiles
2017-04-21 21:14 - 2016-01-14 20:18 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-21 21:14 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2017-04-21 21:13 - 2016-08-12 16:49 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-04-21 21:13 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2017-04-21 21:07 - 2016-05-26 18:11 - 00000000 ____D C:\Program Files (x86)\IObit
2017-04-18 16:10 - 2016-01-14 19:30 - 00794420 _____ C:\WINDOWS\system32\perfh019.dat
2017-04-18 16:10 - 2016-01-14 19:30 - 00157692 _____ C:\WINDOWS\system32\perfc019.dat
2017-04-18 16:10 - 2015-10-30 20:31 - 00752310 _____ C:\WINDOWS\system32\perfh005.dat
2017-04-18 16:10 - 2015-10-30 20:31 - 00151396 _____ C:\WINDOWS\system32\perfc005.dat
2017-04-18 16:10 - 2015-08-01 09:53 - 02727380 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-18 16:02 - 2014-06-11 16:18 - 00000000 ____D C:\AdwCleaner
2017-04-18 16:01 - 2016-05-26 18:11 - 00000000 ____D C:\Users\Luiss\AppData\Roaming\IObit
2017-04-18 16:01 - 2016-05-26 18:11 - 00000000 ____D C:\Users\Luiss\AppData\LocalLow\IObit
2017-04-18 16:01 - 2016-05-26 18:11 - 00000000 ____D C:\ProgramData\IObit
2017-04-18 10:45 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-18 10:44 - 2014-06-03 17:27 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-04-18 10:33 - 2016-05-26 18:12 - 00000000 ____D C:\ProgramData\ProductData
2017-04-16 13:18 - 2014-06-10 20:38 - 00000000 ____D C:\Program Files\trend micro
2017-04-15 15:45 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-13 17:12 - 2016-01-01 14:01 - 00000000 ____D C:\Users\Luiss\Desktop\luiss
2017-04-13 04:31 - 2014-06-02 19:31 - 00003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-13 04:31 - 2014-06-02 19:31 - 00003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-12 22:10 - 2016-11-26 18:26 - 00000000 ____D C:\Users\Luiss\AppData\LocalLow\Mozilla
2017-04-11 17:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-04-11 17:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-11 17:53 - 2014-06-03 17:42 - 00004470 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-04-10 19:09 - 2014-06-02 19:14 - 00000000 ____D C:\Users\Luiss\AppData\Local\Packages
2017-04-06 21:55 - 2014-11-08 10:51 - 00000000 ___RD C:\Users\Luiss\Desktop\filmy
2017-04-06 17:16 - 2014-06-02 19:33 - 00002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-02 09:02 - 2016-11-20 20:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-02 09:02 - 2014-06-02 19:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-02 07:50 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
==================== Files in the root of some directories =======
2014-06-09 15:41 - 2015-01-11 09:30 - 0099384 _____ () C:\Users\Luiss\AppData\Roaming\inst.exe
2014-06-09 15:41 - 2015-01-11 09:30 - 0007859 _____ () C:\Users\Luiss\AppData\Roaming\pcouffin.cat
2014-06-09 15:41 - 2015-01-11 09:30 - 0001167 _____ () C:\Users\Luiss\AppData\Roaming\pcouffin.inf
2014-06-09 15:41 - 2015-01-11 09:30 - 0000055 _____ () C:\Users\Luiss\AppData\Roaming\pcouffin.log
2014-06-09 15:41 - 2015-01-11 09:30 - 0082816 _____ (VSO Software) C:\Users\Luiss\AppData\Roaming\pcouffin.sys
2015-05-24 16:12 - 2016-06-25 08:58 - 0007597 _____ () C:\Users\Luiss\AppData\Local\Resmon.ResmonCfg
2014-06-10 19:12 - 2014-06-10 19:12 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-03-17 19:34 - 2017-03-17 19:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
2017-04-02 09:07 - 2017-04-02 09:07 - 0003072 _____ () C:\Users\Luiss\AppData\Local\Temp\kxcaimc5.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-04-15 21:06
==================== End of FRST.txt ============================
- Přílohy
-
- Addition.rar
- (14.58 KiB) Staženo 92 x
Re: Kontrola ntb- pomalé
Napiste mi velikost adresare plochy (C:\Users\Luiss\Plocha) Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Kód: Vybrat vše
Start
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
CHR NewTab: Default -> "active": false,
2017-04-20 17:57 - 2017-04-20 17:57 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-04-20 17:56 - 2017-04-20 17:56 - 00000000 ____D C:\Program Files\Malwarebytes
Task: {0906CB91-A703-4441-AA0C-8E599B8A3EAA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0B354281-75FD-40E2-9054-20C585636F10} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {144C9D76-9CB5-4D86-8CFB-8EA85548EF9A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1F8A11B6-7A3E-43EB-A766-D91D479F7603} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4CF5C43B-5553-427A-8106-2B297707E173} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {A4FD966C-4551-47EB-A118-F12173643498} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C7DAD470-E1CC-48E6-99C4-9CCC8B4E7209} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D1558BC4-DD27-4413-9901-80B3A585D287} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {F77A902E-2E4F-4EDC-8B25-E6B6236D65CD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F8A60E55-8DCB-4C21-B1F3-F8285C14A64E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FEDE9382-3A9A-4798-814B-AF5BAB8ADC6E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Hosts:
EmptyTemp:
Reboot:
EndKliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Kontrola ntb- pomalé
Zdravím, má to 52 Gb.
Fix result of Farbar Recovery Scan Tool (x64) Version: 23-04-2017 01
Ran by Luiss (24-04-2017 16:43:56) Run:2
Running from C:\Users\Luiss\Desktop
Loaded Profiles: Luiss (Available Profiles: Luiss)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
CHR NewTab: Default -> "active": false,
2017-04-20 17:57 - 2017-04-20 17:57 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-04-20 17:56 - 2017-04-20 17:56 - 00000000 ____D C:\Program Files\Malwarebytes
Task: {0906CB91-A703-4441-AA0C-8E599B8A3EAA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0B354281-75FD-40E2-9054-20C585636F10} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {144C9D76-9CB5-4D86-8CFB-8EA85548EF9A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1F8A11B6-7A3E-43EB-A766-D91D479F7603} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4CF5C43B-5553-427A-8106-2B297707E173} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {A4FD966C-4551-47EB-A118-F12173643498} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C7DAD470-E1CC-48E6-99C4-9CCC8B4E7209} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D1558BC4-DD27-4413-9901-80B3A585D287} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {F77A902E-2E4F-4EDC-8B25-E6B6236D65CD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F8A60E55-8DCB-4C21-B1F3-F8285C14A64E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FEDE9382-3A9A-4798-814B-AF5BAB8ADC6E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
Chrome NewTab => removed successfully
Could not move "C:\WINDOWS\system32\Drivers\MBAMChameleon.sys" => Scheduled to move on reboot.
C:\Program Files\Malwarebytes => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0906CB91-A703-4441-AA0C-8E599B8A3EAA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0906CB91-A703-4441-AA0C-8E599B8A3EAA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0B354281-75FD-40E2-9054-20C585636F10} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B354281-75FD-40E2-9054-20C585636F10} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{144C9D76-9CB5-4D86-8CFB-8EA85548EF9A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{144C9D76-9CB5-4D86-8CFB-8EA85548EF9A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F8A11B6-7A3E-43EB-A766-D91D479F7603} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F8A11B6-7A3E-43EB-A766-D91D479F7603} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4CF5C43B-5553-427A-8106-2B297707E173} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CF5C43B-5553-427A-8106-2B297707E173} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A4FD966C-4551-47EB-A118-F12173643498} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4FD966C-4551-47EB-A118-F12173643498} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7DAD470-E1CC-48E6-99C4-9CCC8B4E7209} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7DAD470-E1CC-48E6-99C4-9CCC8B4E7209} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D1558BC4-DD27-4413-9901-80B3A585D287} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1558BC4-DD27-4413-9901-80B3A585D287} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F77A902E-2E4F-4EDC-8B25-E6B6236D65CD} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F77A902E-2E4F-4EDC-8B25-E6B6236D65CD} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8A60E55-8DCB-4C21-B1F3-F8285C14A64E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8A60E55-8DCB-4C21-B1F3-F8285C14A64E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FEDE9382-3A9A-4798-814B-AF5BAB8ADC6E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FEDE9382-3A9A-4798-814B-AF5BAB8ADC6E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 63699308 B
Java, Flash, Steam htmlcache => 30305 B
Windows/system/drivers => 3364749 B
Edge => 0 B
Chrome => 357376 B
Firefox => 23531775 B
Opera => 106496 B
Temp, IE cache, history, cookies, recent:
Default => 14772 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 124134 B
NetworkService => 2690 B
Luiss => 223769024 B
RecycleBin => 97876482 B
EmptyTemp: => 393.8 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 24-04-2017 16:48:57)
C:\WINDOWS\system32\Drivers\MBAMChameleon.sys => moved successfully
==== End of Fixlog 16:48:57 ====
Děkuji
Luiss
Fix result of Farbar Recovery Scan Tool (x64) Version: 23-04-2017 01
Ran by Luiss (24-04-2017 16:43:56) Run:2
Running from C:\Users\Luiss\Desktop
Loaded Profiles: Luiss (Available Profiles: Luiss)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
CHR NewTab: Default -> "active": false,
2017-04-20 17:57 - 2017-04-20 17:57 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-04-20 17:56 - 2017-04-20 17:56 - 00000000 ____D C:\Program Files\Malwarebytes
Task: {0906CB91-A703-4441-AA0C-8E599B8A3EAA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0B354281-75FD-40E2-9054-20C585636F10} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {144C9D76-9CB5-4D86-8CFB-8EA85548EF9A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1F8A11B6-7A3E-43EB-A766-D91D479F7603} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4CF5C43B-5553-427A-8106-2B297707E173} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {A4FD966C-4551-47EB-A118-F12173643498} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C7DAD470-E1CC-48E6-99C4-9CCC8B4E7209} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D1558BC4-DD27-4413-9901-80B3A585D287} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {F77A902E-2E4F-4EDC-8B25-E6B6236D65CD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F8A60E55-8DCB-4C21-B1F3-F8285C14A64E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FEDE9382-3A9A-4798-814B-AF5BAB8ADC6E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
Chrome NewTab => removed successfully
Could not move "C:\WINDOWS\system32\Drivers\MBAMChameleon.sys" => Scheduled to move on reboot.
C:\Program Files\Malwarebytes => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0906CB91-A703-4441-AA0C-8E599B8A3EAA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0906CB91-A703-4441-AA0C-8E599B8A3EAA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0B354281-75FD-40E2-9054-20C585636F10} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B354281-75FD-40E2-9054-20C585636F10} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{144C9D76-9CB5-4D86-8CFB-8EA85548EF9A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{144C9D76-9CB5-4D86-8CFB-8EA85548EF9A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F8A11B6-7A3E-43EB-A766-D91D479F7603} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F8A11B6-7A3E-43EB-A766-D91D479F7603} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4CF5C43B-5553-427A-8106-2B297707E173} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CF5C43B-5553-427A-8106-2B297707E173} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A4FD966C-4551-47EB-A118-F12173643498} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4FD966C-4551-47EB-A118-F12173643498} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7DAD470-E1CC-48E6-99C4-9CCC8B4E7209} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7DAD470-E1CC-48E6-99C4-9CCC8B4E7209} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D1558BC4-DD27-4413-9901-80B3A585D287} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1558BC4-DD27-4413-9901-80B3A585D287} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F77A902E-2E4F-4EDC-8B25-E6B6236D65CD} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F77A902E-2E4F-4EDC-8B25-E6B6236D65CD} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8A60E55-8DCB-4C21-B1F3-F8285C14A64E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8A60E55-8DCB-4C21-B1F3-F8285C14A64E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FEDE9382-3A9A-4798-814B-AF5BAB8ADC6E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FEDE9382-3A9A-4798-814B-AF5BAB8ADC6E} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 63699308 B
Java, Flash, Steam htmlcache => 30305 B
Windows/system/drivers => 3364749 B
Edge => 0 B
Chrome => 357376 B
Firefox => 23531775 B
Opera => 106496 B
Temp, IE cache, history, cookies, recent:
Default => 14772 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 124134 B
NetworkService => 2690 B
Luiss => 223769024 B
RecycleBin => 97876482 B
EmptyTemp: => 393.8 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 24-04-2017 16:48:57)
C:\WINDOWS\system32\Drivers\MBAMChameleon.sys => moved successfully
==== End of Fixlog 16:48:57 ====
Děkuji
Luiss
Re: Kontrola ntb- pomalé
Luiss píše:Zdravím, má to 52 Gb.
Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku 
Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce) vyosek píše:
- Stahnete a spustte
- Ponechte zatrzitkou pouze u volby Remove disinfection tools
- Kliknete na Run
Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)
Defragmentujte disk(y) (SSD Disky ne!)Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, jak to s pc vypada.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Kontrola ntb- pomalé
Zdravím, defragmentováno........
S pc to vypadá lépe, děkuji.
L.
S pc to vypadá lépe, děkuji.
L.
Re: Kontrola ntb- pomalé
Nemate zac!
A je to uz v norme? Nebo je to sice lepsi, ale do normalu to ma jeste daleko?
A je to uz v norme? Nebo je to sice lepsi, ale do normalu to ma jeste daleko?
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?