Logfile of random's system information tool 1.10 (written by random/random)
Run by Martin at 2018-02-24 11:35:52
Microsoft Windows 10 Home
System drive C: has 19 GB (25%) free of 75 GB
Total RAM: 3071 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:35:54, on 24.2.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\trend micro\Martin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.0.0.138:10517
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
R3 - URLSearchHook: (no name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - (no file)
F2 - REG:system.ini: UserInit=
O2 - BHO: The Amazon Assistant for Internet Explorer - {0ddcea2a-7b00-4349-8acb-af7ba6da251f} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Martin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
--
End of file - 10055 bytes
======Listing Processes======
C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\System32\svchost.exe -k NetworkService -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Windows\system32\FBAgent.exe"
C:\WINDOWS\System32\spoolsv.exe
dashost.exe {8f390762-71c0-4feb-be99c5c556b5b736}
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\Elantech\ETDService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p
C:\WINDOWS\system32\AUDIODG.EXE 0x3d4
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"ctfmon.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
ATKOSD.exe
KBFiltr.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
WDC.exe
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.16299.245_none_16ec1d963212a637\TiWorker.exe -Embedding
wmiadap.exe /F /T /R
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Martin\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\OptimizerPro1UpdaterTask{83EAD7D1-96DB-4929-B39C-276E4F680DD4}.job - C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exe /schedule /profilepath "C:\ProgramData\Premium\OptimizerPro1\profile.ini"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-02-24 573504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-24 236608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-10-07 3242696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Martin\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-02-02 1554080]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-09-16 3054136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2010-03-16 1754448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2009-08-20 170624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2009-10-27 6998656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
C:\Program Files (x86)\BitTorrent\BitTorrent.exe /MINIMIZED []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boingo Wi-Fi]
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser companion helper]
C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DRPU PC Management - Basic]
C:\Program Files (x86)\DRPU PC Management - Basic\Basic Manage.exe hd []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2015-10-07 3242696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\Windows\system32\NvCpl.dll [2016-11-14 6789056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-11-06 16696840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-10-06 27832264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-12-19 587288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\INSTAL~1\{F0DF4~1\_A1DDD~1.EXE [2010-09-16 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk]
C:\Windows\INSTAL~1\{147DF~1\NEWSHO~2.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk]
C:\Windows\INSTAL~1\{E5CF6~1\NEWSHO~4.EXE [2010-09-16 156952]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-12-19 587288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"EnableSecureUIAPaths"=0
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2018-02-24 11:31:47 ----D---- C:\WINDOWS\system32\drivers\wd
2018-02-24 11:08:58 ----A---- C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-02-24 11:08:57 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2018-02-24 11:08:57 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2018-02-24 11:08:18 ----A---- C:\WINDOWS\NvContainerRecovery.bat
2018-02-24 11:08:17 ----A---- C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-02-24 11:07:51 ----A---- C:\WINDOWS\system32\nvaudcap64v.dll
2018-02-24 11:07:50 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2018-02-24 11:07:32 ----A---- C:\WINDOWS\system32\drivers\nvvhci.sys
2018-02-24 11:07:31 ----A---- C:\WINDOWS\system32\drivers\nvvad64v.sys
2018-02-24 11:04:34 ----D---- C:\Program Files\trend micro
2018-02-24 11:00:12 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-64.dll
2018-02-24 10:44:54 ----A---- C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2018-02-24 10:44:10 ----D---- C:\Program Files\Java
2018-02-13 19:39:44 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-02-13 19:39:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2018-02-13 19:39:43 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2018-02-13 19:39:42 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-02-13 19:39:42 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2018-02-13 19:39:41 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2018-02-13 19:39:41 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-02-13 19:39:39 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2018-02-13 19:39:39 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-02-13 19:39:38 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-02-13 19:39:38 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-02-13 19:39:38 ----A---- C:\WINDOWS\SYSWOW64\evr.dll
2018-02-13 19:39:38 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2018-02-13 19:39:38 ----A---- C:\WINDOWS\system32\ieproxy.dll
2018-02-13 19:39:38 ----A---- C:\WINDOWS\system32\audiosrv.dll
2018-02-13 19:39:37 ----A---- C:\WINDOWS\system32\ntdll.dll
2018-02-13 19:39:37 ----A---- C:\WINDOWS\system32\hal.dll
2018-02-13 19:39:37 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2018-02-13 19:39:37 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2018-02-13 19:39:37 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2018-02-13 19:39:36 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2018-02-13 19:39:36 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-02-13 19:39:36 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2018-02-13 19:39:36 ----A---- C:\WINDOWS\system32\evr.dll
2018-02-13 19:39:35 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-02-13 19:39:35 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2018-02-13 19:39:35 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2018-02-13 19:39:35 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2018-02-13 19:39:35 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2018-02-13 19:39:35 ----A---- C:\WINDOWS\system32\wuuhext.dll
2018-02-13 19:39:35 ----A---- C:\WINDOWS\system32\edgeIso.dll
2018-02-13 19:39:35 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2018-02-13 19:39:35 ----A---- C:\WINDOWS\system32\d3d11.dll
2018-02-13 19:39:35 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-02-13 19:39:35 ----A---- C:\WINDOWS\system32\audiodg.exe
2018-02-13 19:39:34 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-02-13 19:39:34 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2018-02-13 19:39:34 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-02-13 19:39:33 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-02-13 19:39:33 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-02-13 19:39:33 ----A---- C:\WINDOWS\system32\AcGenral.dll
2018-02-13 19:39:32 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-02-13 19:39:32 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-02-13 19:39:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2018-02-13 19:39:31 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-02-13 19:39:30 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2018-02-13 19:39:30 ----A---- C:\WINDOWS\system32\mfsvr.dll
2018-02-13 19:39:30 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-02-13 19:39:30 ----A---- C:\WINDOWS\system32\dnsapi.dll
2018-02-13 19:39:29 ----A---- C:\WINDOWS\system32\wuaueng.dll
2018-02-13 19:39:29 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-02-13 19:39:29 ----A---- C:\WINDOWS\system32\bisrv.dll
2018-02-13 19:39:29 ----A---- C:\WINDOWS\system32\AudioSes.dll
2018-02-13 19:39:28 ----A---- C:\WINDOWS\system32\dwmcore.dll
2018-02-13 19:39:28 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2018-02-13 19:39:27 ----A---- C:\WINDOWS\system32\wininet.dll
2018-02-13 19:39:27 ----A---- C:\WINDOWS\system32\msIso.dll
2018-02-13 19:39:27 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2018-02-13 19:39:26 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-02-13 19:39:24 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2018-02-13 19:39:23 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2018-02-13 19:39:23 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-02-13 19:39:22 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2018-02-13 19:39:22 ----A---- C:\WINDOWS\system32\mfcore.dll
2018-02-13 19:39:22 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-02-13 19:39:21 ----A---- C:\WINDOWS\system32\ISM.dll
2018-02-13 19:39:21 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2018-02-13 19:39:20 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2018-02-13 19:39:20 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2018-02-13 19:39:20 ----A---- C:\WINDOWS\system32\wuauclt.exe
2018-02-13 19:39:20 ----A---- C:\WINDOWS\system32\HolographicExtensions.dll
2018-02-13 19:39:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2018-02-13 19:39:19 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2018-02-13 19:39:19 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2018-02-13 19:39:19 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2018-02-13 19:39:19 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2018-02-13 19:39:19 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2018-02-13 19:39:18 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-02-13 19:39:18 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2018-02-13 19:39:18 ----A---- C:\WINDOWS\system32\comdlg32.dll
2018-02-13 19:39:17 ----A---- C:\WINDOWS\system32\twinui.dll
2018-02-13 19:39:17 ----A---- C:\WINDOWS\system32\sppsvc.exe
2018-02-13 19:39:16 ----A---- C:\WINDOWS\system32\wow64.dll
2018-02-13 19:39:16 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-02-13 19:39:16 ----A---- C:\WINDOWS\system32\LogonController.dll
2018-02-13 19:39:16 ----A---- C:\WINDOWS\explorer.exe
2018-02-13 19:39:15 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-02-13 19:39:15 ----A---- C:\WINDOWS\system32\shell32.dll
2018-02-13 19:39:14 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-02-13 19:39:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-02-13 19:39:12 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-02-13 19:39:06 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2018-02-13 19:39:06 ----A---- C:\WINDOWS\system32\MusNotification.exe
2018-02-13 19:39:05 ----A---- C:\WINDOWS\system32\usocore.dll
2018-02-13 19:39:01 ----A---- C:\WINDOWS\system32\vac.exe
2018-02-13 19:39:00 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-02-13 19:38:59 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2018-02-13 19:38:59 ----A---- C:\WINDOWS\system32\TileDataRepository.dll
2018-02-13 19:38:59 ----A---- C:\WINDOWS\system32\SRH.dll
2018-02-13 19:38:59 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-02-13 19:38:59 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-02-13 19:38:59 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-02-13 19:38:58 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-02-13 19:38:58 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-02-13 19:38:57 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-02-13 19:38:57 ----A---- C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-02-13 19:38:55 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-02-13 19:38:55 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2018-02-13 19:38:55 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2018-02-13 19:38:55 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-02-13 19:38:55 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2018-02-13 19:38:55 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2018-02-13 19:38:55 ----A---- C:\WINDOWS\system32\AudioEng.dll
2018-02-13 19:38:54 ----A---- C:\WINDOWS\system32\devinv.dll
2018-02-13 19:38:54 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2018-02-13 19:38:54 ----A---- C:\WINDOWS\system32\appraiser.dll
2018-02-13 19:38:54 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-02-13 19:38:53 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-02-13 19:38:51 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-02-13 19:38:49 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2018-02-13 19:38:49 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2018-02-13 19:38:49 ----A---- C:\WINDOWS\system32\sppobjs.dll
2018-02-13 19:38:49 ----A---- C:\WINDOWS\system32\InstallService.dll
2018-02-13 19:38:48 ----A---- C:\WINDOWS\system32\wimserv.exe
2018-02-13 19:38:48 ----A---- C:\WINDOWS\system32\wimgapi.dll
2018-02-13 19:38:48 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2018-02-13 19:38:47 ----A---- C:\WINDOWS\system32\ci.dll
2018-02-13 19:38:46 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2018-02-13 19:38:46 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-02-13 19:38:46 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2018-02-13 19:38:46 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2018-02-13 19:38:46 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-02-13 19:38:45 ----A---- C:\WINDOWS\system32\usercpl.dll
2018-02-13 19:38:45 ----A---- C:\WINDOWS\system32\rtmpltfm.dll
2018-02-13 19:38:44 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2018-02-13 19:38:44 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2018-02-13 19:38:44 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-02-13 19:38:44 ----A---- C:\WINDOWS\system32\mssrch.dll
2018-02-13 19:38:44 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2018-02-13 19:38:43 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2018-02-13 19:38:43 ----A---- C:\WINDOWS\system32\winload.exe
2018-02-13 19:38:43 ----A---- C:\WINDOWS\system32\tquery.dll
2018-02-13 19:38:43 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2018-02-13 19:38:43 ----A---- C:\WINDOWS\system32\generaltel.dll
2018-02-13 19:38:43 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2018-02-13 19:38:43 ----A---- C:\WINDOWS\system32\aeinv.dll
2018-02-13 19:38:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-02-13 19:38:42 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2018-02-13 19:38:42 ----A---- C:\WINDOWS\system32\StateRepository.Core.dll
2018-02-13 19:38:42 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-02-13 19:38:41 ----A---- C:\WINDOWS\SYSWOW64\rtmpltfm.dll
2018-02-13 19:38:41 ----A---- C:\WINDOWS\system32\xpsrchvw.exe
2018-02-13 19:38:41 ----A---- C:\WINDOWS\system32\dbgeng.dll
2018-02-13 19:38:40 ----A---- C:\WINDOWS\SYSWOW64\TileDataRepository.dll
2018-02-13 19:38:40 ----A---- C:\WINDOWS\SYSWOW64\StateRepository.Core.dll
2018-02-13 19:38:40 ----A---- C:\WINDOWS\system32\sppwinob.dll
2018-02-13 19:38:39 ----A---- C:\WINDOWS\system32\Wpc.dll
2018-02-13 19:38:39 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2018-02-13 19:38:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2018-02-13 19:38:38 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2018-02-13 19:38:38 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2018-02-13 19:38:38 ----A---- C:\WINDOWS\system32\FSClient.dll
2018-02-13 19:38:37 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2018-02-13 19:38:37 ----A---- C:\WINDOWS\system32\mf.dll
2018-02-13 19:38:37 ----A---- C:\WINDOWS\system32\InputService.dll
2018-02-13 19:38:37 ----A---- C:\WINDOWS\system32\D3D12.dll
2018-02-13 19:38:37 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2018-02-13 19:38:37 ----A---- C:\WINDOWS\system32\browserbroker.dll
2018-02-13 19:38:36 ----A---- C:\WINDOWS\system32\wpncore.dll
2018-02-13 19:38:36 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2018-02-13 19:38:36 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2018-02-13 19:38:36 ----A---- C:\WINDOWS\system32\mmc.exe
2018-02-13 19:38:36 ----A---- C:\WINDOWS\system32\dcntel.dll
2018-02-13 19:38:36 ----A---- C:\WINDOWS\system32\aepic.dll
2018-02-13 19:38:35 ----A---- C:\WINDOWS\SYSWOW64\MSVP9DEC.dll
2018-02-13 19:38:35 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2018-02-13 19:38:35 ----A---- C:\WINDOWS\system32\VSSVC.exe
2018-02-13 19:38:35 ----A---- C:\WINDOWS\system32\rtmpal.dll
2018-02-13 19:38:35 ----A---- C:\WINDOWS\system32\rasapi32.dll
2018-02-13 19:38:35 ----A---- C:\WINDOWS\system32\MSVP9DEC.dll
2018-02-13 19:38:35 ----A---- C:\WINDOWS\system32\invagent.dll
2018-02-13 19:38:34 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2018-02-13 19:38:34 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2018-02-13 19:38:34 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2018-02-13 19:38:34 ----A---- C:\WINDOWS\system32\WpcMon.exe
2018-02-13 19:38:34 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-02-13 19:38:34 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2018-02-13 19:38:33 ----A---- C:\WINDOWS\SYSWOW64\xpsrchvw.exe
2018-02-13 19:38:33 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2018-02-13 19:38:33 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2018-02-13 19:38:33 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2018-02-13 19:38:33 ----A---- C:\WINDOWS\system32\FntCache.dll
2018-02-13 19:38:32 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2018-02-13 19:38:32 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2018-02-13 19:38:32 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2018-02-13 19:38:32 ----A---- C:\WINDOWS\system32\SEMgrSvc.dll
2018-02-13 19:38:32 ----A---- C:\WINDOWS\system32\KernelBase.dll
2018-02-13 19:38:31 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2018-02-13 19:38:31 ----A---- C:\WINDOWS\SYSWOW64\mmcndmgr.dll
2018-02-13 19:38:31 ----A---- C:\WINDOWS\system32\StorSvc.dll
2018-02-13 19:38:31 ----A---- C:\WINDOWS\system32\authui.dll
2018-02-13 19:38:31 ----A---- C:\WINDOWS\system32\aitstatic.exe
2018-02-13 19:38:30 ----A---- C:\WINDOWS\SYSWOW64\Taskmgr.exe
2018-02-13 19:38:30 ----A---- C:\WINDOWS\SYSWOW64\mmc.exe
2018-02-13 19:38:30 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2018-02-13 19:38:30 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-02-13 19:38:30 ----A---- C:\WINDOWS\system32\shutdownux.dll
2018-02-13 19:38:30 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2018-02-13 19:38:30 ----A---- C:\WINDOWS\system32\rtmcodecs.dll
2018-02-13 19:38:30 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-02-13 19:38:30 ----A---- C:\WINDOWS\system32\msvcp_win.dll
2018-02-13 19:38:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2018-02-13 19:38:29 ----A---- C:\WINDOWS\SYSWOW64\rtmpal.dll
2018-02-13 19:38:29 ----A---- C:\WINDOWS\system32\winresume.exe
2018-02-13 19:38:28 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2018-02-13 19:38:28 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2018-02-13 19:38:28 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2018-02-13 19:38:28 ----A---- C:\WINDOWS\system32\Windows.Payments.dll
2018-02-13 19:38:28 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2018-02-13 19:38:28 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2018-02-13 19:38:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2018-02-13 19:38:27 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2018-02-13 19:38:27 ----A---- C:\WINDOWS\system32\Taskmgr.exe
2018-02-13 19:38:27 ----A---- C:\WINDOWS\system32\setupapi.dll
2018-02-13 19:38:27 ----A---- C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2018-02-13 19:38:27 ----A---- C:\WINDOWS\system32\efswrt.dll
2018-02-13 19:38:27 ----A---- C:\WINDOWS\system32\DbgModel.dll
2018-02-13 19:38:27 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-02-13 19:38:26 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2018-02-13 19:38:26 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-02-13 19:38:26 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2018-02-13 19:38:26 ----A---- C:\WINDOWS\system32\uDWM.dll
2018-02-13 19:38:26 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-02-13 19:38:26 ----A---- C:\WINDOWS\system32\policymanager.dll
2018-02-13 19:38:26 ----A---- C:\WINDOWS\system32\mssvp.dll
2018-02-13 19:38:26 ----A---- C:\WINDOWS\system32\localspl.dll
2018-02-13 19:38:26 ----A---- C:\WINDOWS\system32\efscore.dll
2018-02-13 19:38:26 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2018-02-13 19:38:26 ----A---- C:\WINDOWS\system32\drivers\http.sys
2018-02-13 19:38:26 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2018-02-13 19:38:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryPS.dll
2018-02-13 19:38:25 ----A---- C:\WINDOWS\SYSWOW64\rtmcodecs.dll
2018-02-13 19:38:25 ----A---- C:\WINDOWS\SYSWOW64\EditionUpgradeManagerObj.dll
2018-02-13 19:38:25 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2018-02-13 19:38:25 ----A---- C:\WINDOWS\system32\rasdlg.dll
2018-02-13 19:38:25 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2018-02-13 19:38:25 ----A---- C:\WINDOWS\system32\ncsi.dll
2018-02-13 19:38:25 ----A---- C:\WINDOWS\system32\lsm.dll
2018-02-13 19:38:25 ----A---- C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-02-13 19:38:25 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2018-02-13 19:38:25 ----A---- C:\WINDOWS\system32\AppLockerCSP.dll
2018-02-13 19:38:24 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2018-02-13 19:38:24 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2018-02-13 19:38:24 ----A---- C:\WINDOWS\SYSWOW64\msvcp_win.dll
2018-02-13 19:38:24 ----A---- C:\WINDOWS\system32\mspaint.exe
2018-02-13 19:38:24 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2018-02-13 19:38:24 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2018-02-13 19:38:23 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2018-02-13 19:38:23 ----A---- C:\WINDOWS\SYSWOW64\rasdlg.dll
2018-02-13 19:38:23 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-02-13 19:38:23 ----A---- C:\WINDOWS\system32\winbrand.dll
2018-02-13 19:38:23 ----A---- C:\WINDOWS\system32\webio.dll
2018-02-13 19:38:23 ----A---- C:\WINDOWS\system32\vssapi.dll
2018-02-13 19:38:23 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2018-02-13 19:38:23 ----A---- C:\WINDOWS\system32\SettingSync.dll
2018-02-13 19:38:23 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-02-13 19:38:23 ----A---- C:\WINDOWS\system32\Magnify.exe
2018-02-13 19:38:23 ----A---- C:\WINDOWS\system32\FrameServer.dll
2018-02-13 19:38:23 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2018-02-13 19:38:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2018-02-13 19:38:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Payments.dll
2018-02-13 19:38:22 ----A---- C:\WINDOWS\SYSWOW64\winbrand.dll
2018-02-13 19:38:22 ----A---- C:\WINDOWS\SYSWOW64\UserLanguagesCpl.dll
2018-02-13 19:38:22 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2018-02-13 19:38:22 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-02-13 19:38:22 ----A---- C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-02-13 19:38:22 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-02-13 19:38:22 ----A---- C:\WINDOWS\system32\securekernel.exe
2018-02-13 19:38:22 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll
2018-02-13 19:38:22 ----A---- C:\WINDOWS\system32\drivers\sdstor.sys
2018-02-13 19:38:22 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2018-02-13 19:38:22 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2018-02-13 19:38:21 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2018-02-13 19:38:21 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2018-02-13 19:38:21 ----A---- C:\WINDOWS\SYSWOW64\efswrt.dll
2018-02-13 19:38:21 ----A---- C:\WINDOWS\system32\srcore.dll
2018-02-13 19:38:21 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-02-13 19:38:21 ----A---- C:\WINDOWS\system32\rastls.dll
2018-02-13 19:38:21 ----A---- C:\WINDOWS\system32\rasmans.dll
2018-02-13 19:38:21 ----A---- C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-02-13 19:38:21 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2018-02-13 19:38:21 ----A---- C:\WINDOWS\system32\mfps.dll
2018-02-13 19:38:21 ----A---- C:\WINDOWS\system32\gameux.dll
2018-02-13 19:38:21 ----A---- C:\WINDOWS\system32\FsIso.exe
2018-02-13 19:38:21 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-02-13 19:38:21 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-02-13 19:38:21 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2018-02-13 19:38:21 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2018-02-13 19:38:20 ----A---- C:\WINDOWS\SYSWOW64\WMVXENCD.DLL
2018-02-13 19:38:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2018-02-13 19:38:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-02-13 19:38:20 ----A---- C:\WINDOWS\SYSWOW64\sppcomapi.dll
2018-02-13 19:38:20 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2018-02-13 19:38:20 ----A---- C:\WINDOWS\SYSWOW64\gameux.dll
2018-02-13 19:38:20 ----A---- C:\WINDOWS\system32\WMVXENCD.DLL
2018-02-13 19:38:20 ----A---- C:\WINDOWS\system32\wldp.dll
2018-02-13 19:38:20 ----A---- C:\WINDOWS\system32\wintrust.dll
2018-02-13 19:38:20 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2018-02-13 19:38:20 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2018-02-13 19:38:20 ----A---- C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-02-13 19:38:20 ----A---- C:\WINDOWS\system32\rasgcw.dll
2018-02-13 19:38:20 ----A---- C:\WINDOWS\system32\nlasvc.dll
2018-02-13 19:38:20 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-02-13 19:38:20 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2018-02-13 19:38:20 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2018-02-13 19:38:20 ----A---- C:\WINDOWS\system32\DeviceReactivation.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryBroker.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\SYSWOW64\webio.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\SYSWOW64\rtmmvrortc.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\SYSWOW64\ortcengine.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\SYSWOW64\Magnify.exe
2018-02-13 19:38:19 ----A---- C:\WINDOWS\SYSWOW64\DeviceReactivation.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\SYSWOW64\CloudNotifications.exe
2018-02-13 19:38:19 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\system32\wow64cpu.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\system32\WMVSENCD.DLL
2018-02-13 19:38:19 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\system32\rtmmvrortc.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\system32\rdpudd.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\system32\rascustom.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\system32\pcasvc.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\system32\ortcengine.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\system32\edputil.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\system32\dxtrans.dll
2018-02-13 19:38:19 ----A---- C:\WINDOWS\system32\aclui.dll
2018-02-13 19:38:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-02-13 19:38:18 ----A---- C:\WINDOWS\SYSWOW64\vssapi.dll
2018-02-13 19:38:18 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2018-02-13 19:38:18 ----A---- C:\WINDOWS\SYSWOW64\edputil.dll
2018-02-13 19:38:18 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2018-02-13 19:38:18 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-13 19:38:18 ----A---- C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-02-13 19:38:18 ----A---- C:\WINDOWS\system32\twinapi.dll
2018-02-13 19:38:18 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2018-02-13 19:38:18 ----A---- C:\WINDOWS\system32\sud.dll
2018-02-13 19:38:18 ----A---- C:\WINDOWS\system32\nshhttp.dll
2018-02-13 19:38:18 ----A---- C:\WINDOWS\system32\netlogon.dll
2018-02-13 19:38:18 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2018-02-13 19:38:18 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\SYSWOW64\WMVSENCD.DLL
2018-02-13 19:38:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\SYSWOW64\SyncCenter.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\SYSWOW64\sud.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\SYSWOW64\rasgcw.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\SYSWOW64\PCShellCommonProxyStub.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\SYSWOW64\OneCoreCommonProxyStub.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\SYSWOW64\nshhttp.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\SYSWOW64\InputSwitch.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\SYSWOW64\AppLockerCSP.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\system32\zipfldr.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\system32\WebClnt.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\system32\wcimage.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\system32\themecpl.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\system32\srchadmin.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\system32\shsetup.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\system32\SharedPCCSP.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2018-02-13 19:38:17 ----A---- C:\WINDOWS\system32\mmcbase.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\system32\hgcpl.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys
2018-02-13 19:38:17 ----A---- C:\WINDOWS\system32\davclnt.dll
2018-02-13 19:38:17 ----A---- C:\WINDOWS\system32\cldapi.dll
2018-02-13 19:38:16 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2018-02-13 19:38:16 ----A---- C:\WINDOWS\SYSWOW64\shsetup.dll
2018-02-13 19:38:16 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2018-02-13 19:38:16 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2018-02-13 19:38:16 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2018-02-13 19:38:16 ----A---- C:\WINDOWS\system32\SyncCenter.dll
2018-02-13 19:38:16 ----A---- C:\WINDOWS\system32\ListSvc.dll
2018-02-13 19:38:16 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2018-02-13 19:38:16 ----A---- C:\WINDOWS\system32\browserexport.exe
2018-02-13 19:38:16 ----A---- C:\WINDOWS\system32\authz.dll
2018-02-13 19:38:15 ----A---- C:\WINDOWS\SYSWOW64\themeui.dll
2018-02-13 19:38:15 ----A---- C:\WINDOWS\SYSWOW64\setup16.exe
2018-02-13 19:38:15 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-02-13 19:38:15 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll
2018-02-13 19:38:15 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-02-13 19:38:15 ----A---- C:\WINDOWS\system32\stobject.dll
2018-02-13 19:38:15 ----A---- C:\WINDOWS\system32\nlaapi.dll
2018-02-13 19:38:15 ----A---- C:\WINDOWS\system32\netplwiz.dll
2018-02-13 19:38:15 ----A---- C:\WINDOWS\system32\mssprxy.dll
2018-02-13 19:38:15 ----A---- C:\WINDOWS\system32\FontProvider.dll
2018-02-13 19:38:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2018-02-13 19:38:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2018-02-13 19:38:14 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2018-02-13 19:38:14 ----A---- C:\WINDOWS\SYSWOW64\nlaapi.dll
2018-02-13 19:38:14 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2018-02-13 19:38:14 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2018-02-13 19:38:14 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2018-02-13 19:38:14 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2018-02-13 19:38:14 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2018-02-13 19:38:14 ----A---- C:\WINDOWS\system32\themeui.dll
2018-02-13 19:38:14 ----A---- C:\WINDOWS\system32\ntshrui.dll
2018-02-13 19:38:14 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2018-02-13 19:38:14 ----A---- C:\WINDOWS\system32\drivers\npfs.sys
2018-02-13 19:38:14 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2018-02-13 19:38:14 ----A---- C:\WINDOWS\system32\bootux.dll
2018-02-13 19:38:13 ----A---- C:\WINDOWS\SYSWOW64\winsku.dll
2018-02-13 19:38:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Playback.ProxyStub.dll
2018-02-13 19:38:13 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-02-13 19:38:13 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2018-02-13 19:38:13 ----A---- C:\WINDOWS\SYSWOW64\twext.dll
2018-02-13 19:38:13 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2018-02-13 19:38:13 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2018-02-13 19:38:13 ----A---- C:\WINDOWS\SYSWOW64\sendmail.dll
2018-02-13 19:38:13 ----A---- C:\WINDOWS\SYSWOW64\regsvr32.exe
2018-02-13 19:38:13 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2018-02-13 19:38:13 ----A---- C:\WINDOWS\SYSWOW64\fontext.dll
2018-02-13 19:38:13 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2018-02-13 19:38:13 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2018-02-13 19:38:13 ----A---- C:\WINDOWS\system32\rshx32.dll
2018-02-13 19:38:13 ----A---- C:\WINDOWS\system32\regsvr32.exe
2018-02-13 19:38:13 ----A---- C:\WINDOWS\system32\pcalua.exe
2018-02-13 19:38:13 ----A---- C:\WINDOWS\system32\NetworkDesktopSettings.dll
2018-02-13 19:38:13 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2018-02-13 19:38:13 ----A---- C:\WINDOWS\system32\mshtmled.dll
2018-02-13 19:38:13 ----A---- C:\WINDOWS\system32\InputSwitch.dll
2018-02-13 19:38:13 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2018-02-13 19:38:13 ----A---- C:\WINDOWS\system32\fontext.dll
2018-02-13 19:38:13 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2018-02-13 19:38:13 ----A---- C:\WINDOWS\system32\convertvhd.exe
2018-02-13 19:38:12 ----A---- C:\WINDOWS\SYSWOW64\virtdisk.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\SYSWOW64\srchadmin.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2018-02-13 19:38:12 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\SYSWOW64\netplwiz.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\SYSWOW64\mspaint.exe
2018-02-13 19:38:12 ----A---- C:\WINDOWS\SYSWOW64\mmcbase.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\SYSWOW64\IdCtrls.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\SYSWOW64\hgcpl.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\SYSWOW64\EnterpriseAppMgmtClient.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\SYSWOW64\EditionUpgradeHelper.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\SYSWOW64\AppCapture.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\system32\wups2.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\system32\winsrv.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\system32\winsku.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\system32\Windows.Media.Playback.ProxyStub.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\system32\virtdisk.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\system32\tzres.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\system32\twext.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\system32\SettingMonitor.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\system32\rstrui.exe
2018-02-13 19:38:12 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\system32\LockScreenContent.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\system32\dsreg.dll
2018-02-13 19:38:12 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2018-02-13 19:38:11 ----A---- C:\WINDOWS\SYSWOW64\user.exe
2018-02-10 11:36:39 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-02-08 21:42:40 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2018-02-08 21:42:39 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-02-08 21:42:37 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-02-08 21:42:37 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2018-02-08 21:42:36 ----A---- C:\WINDOWS\system32\drivers\bam.sys
2018-02-08 21:42:34 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2018-02-08 21:42:34 ----A---- C:\WINDOWS\SYSWOW64\FirewallAPI.dll
2018-02-08 21:42:34 ----A---- C:\WINDOWS\system32\actxprxy.dll
2018-02-08 21:42:33 ----A---- C:\WINDOWS\system32\drivers\volmgr.sys
2018-02-08 21:42:33 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2018-02-08 21:42:32 ----A---- C:\WINDOWS\system32\drivers\wcifs.sys
2018-02-08 21:42:32 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2018-02-08 21:42:32 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2018-02-08 21:42:31 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2018-02-08 21:42:29 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-02-08 21:42:28 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2018-02-08 21:42:28 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2018-02-08 21:42:27 ----A---- C:\WINDOWS\system32\winhttp.dll
2018-02-08 21:42:23 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2018-02-08 21:42:23 ----A---- C:\WINDOWS\system32\jscript.dll
2018-02-08 21:42:23 ----A---- C:\WINDOWS\system32\drivers\netvsc.sys
2018-02-08 21:42:23 ----A---- C:\WINDOWS\system32\drivers\hvsocket.sys
2018-02-08 21:42:22 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2018-02-08 21:42:21 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2018-02-08 21:42:20 ----A---- C:\WINDOWS\system32\services.exe
2018-02-08 21:42:20 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2018-02-08 21:42:19 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2018-02-08 21:42:18 ----A---- C:\WINDOWS\system32\wwansvc.dll
2018-02-08 21:42:17 ----A---- C:\WINDOWS\system32\wlansec.dll
2018-02-08 21:42:14 ----A---- C:\WINDOWS\system32\wmp.dll
2018-02-08 21:42:06 ----A---- C:\WINDOWS\system32\diagtrack.dll
2018-02-08 21:42:05 ----A---- C:\WINDOWS\system32\dusmsvc.dll
2018-02-08 21:42:04 ----A---- C:\WINDOWS\system32\Spectrum.exe
2018-02-08 21:42:03 ----A---- C:\WINDOWS\system32\StartTileData.dll
2018-02-08 21:42:02 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2018-02-08 21:42:01 ----A---- C:\WINDOWS\system32\sspicli.dll
2018-02-08 21:41:52 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-02-08 21:41:32 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2018-02-08 21:41:25 ----A---- C:\WINDOWS\system32\reseteng.dll
2018-02-08 21:41:23 ----A---- C:\WINDOWS\system32\runexehelper.exe
2018-02-08 21:41:20 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2018-02-08 21:41:19 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2018-02-08 21:41:19 ----A---- C:\WINDOWS\system32\schedsvc.dll
2018-02-08 21:41:19 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2018-02-08 21:41:19 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2018-02-08 21:41:18 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2018-02-08 21:41:18 ----A---- C:\WINDOWS\system32\provhandlers.dll
2018-02-08 21:41:17 ----A---- C:\WINDOWS\system32\provtool.exe
2018-02-08 21:41:17 ----A---- C:\WINDOWS\system32\provengine.dll
2018-02-08 21:41:12 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2018-02-08 21:41:12 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2018-02-08 21:41:10 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2018-02-08 21:41:10 ----A---- C:\WINDOWS\system32\mqqm.dll
2018-02-08 21:41:10 ----A---- C:\WINDOWS\system32\CPFilters.dll
2018-02-08 21:41:10 ----A---- C:\WINDOWS\system32\atmfd.dll
2018-02-08 21:41:09 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2018-02-08 21:41:09 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2018-02-08 21:41:08 ----A---- C:\WINDOWS\system32\UserDataService.dll
2018-02-08 21:41:08 ----A---- C:\WINDOWS\system32\ole32.dll
2018-02-08 21:41:08 ----A---- C:\WINDOWS\system32\EncDec.dll
2018-02-08 21:41:07 ----A---- C:\WINDOWS\system32\ieui.dll
2018-02-08 21:41:06 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2018-02-08 21:41:06 ----A---- C:\WINDOWS\system32\daxexec.dll
2018-02-08 21:41:05 ----A---- C:\WINDOWS\system32\usermgr.dll
2018-02-08 21:41:04 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-02-08 21:41:03 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2018-02-08 21:41:03 ----A---- C:\WINDOWS\SYSWOW64\EncDec.dll
2018-02-08 21:41:03 ----A---- C:\WINDOWS\system32\winlogon.exe
2018-02-08 21:41:02 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2018-02-08 21:41:01 ----A---- C:\WINDOWS\system32\wifitask.exe
2018-02-08 21:40:57 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2018-02-08 21:40:57 ----A---- C:\WINDOWS\system32\systemreset.exe
2018-02-08 21:40:57 ----A---- C:\WINDOWS\system32\sysmain.dll
2018-02-08 21:40:57 ----A---- C:\WINDOWS\system32\rdpbase.dll
2018-02-08 21:40:56 ----A---- C:\WINDOWS\SYSWOW64\rdpbase.dll
2018-02-08 21:40:55 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2018-02-08 21:40:55 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2018-02-08 21:40:55 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2018-02-08 21:40:55 ----A---- C:\WINDOWS\system32\NaturalAuth.dll
2018-02-08 21:40:55 ----A---- C:\WINDOWS\system32\inetcomm.dll
2018-02-08 21:40:55 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2018-02-08 21:40:55 ----A---- C:\WINDOWS\system32\container.dll
2018-02-08 21:40:54 ----A---- C:\WINDOWS\system32\skci.dll
2018-02-08 21:40:54 ----A---- C:\WINDOWS\system32\drivers\fsdepends.sys
2018-02-08 21:40:54 ----A---- C:\WINDOWS\system32\advapi32.dll
2018-02-08 21:40:53 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2018-02-08 21:40:53 ----A---- C:\WINDOWS\system32\Unistore.dll
2018-02-08 21:40:53 ----A---- C:\WINDOWS\system32\SCardSvr.dll
2018-02-08 21:40:53 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2018-02-08 21:40:52 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2018-02-08 21:40:52 ----A---- C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-02-08 21:40:51 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2018-02-08 21:40:50 ----A---- C:\WINDOWS\SYSWOW64\wscapi.dll
2018-02-08 21:40:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2018-02-08 21:40:50 ----A---- C:\WINDOWS\system32\wscapi.dll
2018-02-08 21:40:50 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-02-08 21:40:50 ----A---- C:\WINDOWS\system32\iumcrypt.dll
2018-02-08 21:40:50 ----A---- C:\WINDOWS\system32\APHostService.dll
2018-02-08 21:40:49 ----A---- C:\WINDOWS\SYSWOW64\WWanAPI.dll
2018-02-08 21:40:49 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2018-02-08 21:40:49 ----A---- C:\WINDOWS\system32\wificonnapi.dll
2018-02-08 21:40:49 ----A---- C:\WINDOWS\system32\SyncController.dll
2018-02-08 21:40:49 ----A---- C:\WINDOWS\system32\p2psvc.dll
2018-02-08 21:40:49 ----A---- C:\WINDOWS\system32\icfupgd.dll
2018-02-08 21:40:49 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2018-02-08 21:40:49 ----A---- C:\WINDOWS\system32\drivers\vmbkmcl.sys
2018-02-08 21:40:49 ----A---- C:\WINDOWS\system32\drivers\netbios.sys
2018-02-08 21:40:49 ----A---- C:\WINDOWS\system32\drivers\Diskdump.sys
2018-02-08 21:40:48 ----A---- C:\WINDOWS\system32\wlansvc.dll
2018-02-08 21:40:48 ----A---- C:\WINDOWS\system32\wcncsvc.dll
2018-02-08 21:40:48 ----A---- C:\WINDOWS\system32\WcnApi.dll
2018-02-08 21:40:48 ----A---- C:\WINDOWS\system32\SensorService.dll
2018-02-08 21:40:48 ----A---- C:\WINDOWS\system32\SCardDlg.dll
2018-02-08 21:40:48 ----A---- C:\WINDOWS\system32\pnrpsvc.dll
2018-02-08 21:40:48 ----A---- C:\WINDOWS\system32\P2P.dll
2018-02-08 21:40:48 ----A---- C:\WINDOWS\system32\drivers\raspptp.sys
2018-02-08 21:40:48 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys
2018-02-08 21:40:48 ----A---- C:\WINDOWS\system32\drivers\mqac.sys
2018-02-08 21:40:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Bluetooth.dll
2018-02-08 21:40:47 ----A---- C:\WINDOWS\system32\webcheck.dll
2018-02-08 21:40:47 ----A---- C:\WINDOWS\system32\PhoneService.dll
2018-02-08 21:40:45 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2018-02-08 21:40:45 ----A---- C:\WINDOWS\SYSWOW64\container.dll
2018-02-08 21:40:43 ----A---- C:\WINDOWS\SYSWOW64\P2P.dll
2018-02-08 21:40:43 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2018-02-08 21:40:42 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2018-02-08 21:40:42 ----A---- C:\WINDOWS\SYSWOW64\WcnApi.dll
2018-02-08 21:40:42 ----A---- C:\WINDOWS\SYSWOW64\fwpolicyiomgr.dll
2018-02-08 21:40:42 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2018-02-08 21:40:42 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-02-08 21:40:42 ----A---- C:\WINDOWS\system32\msoert2.dll
2018-02-08 21:40:42 ----A---- C:\WINDOWS\system32\fontsub.dll
2018-02-08 21:40:42 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2018-02-08 21:40:42 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2018-02-08 21:40:41 ----A---- C:\WINDOWS\system32\wscproxystub.dll
2018-02-08 21:40:41 ----A---- C:\WINDOWS\system32\spoolsv.exe
2018-02-08 21:40:41 ----A---- C:\WINDOWS\system32\provdatastore.dll
2018-02-08 21:40:41 ----A---- C:\WINDOWS\system32\drivers\vmbkmclr.sys
2018-02-08 21:40:41 ----A---- C:\WINDOWS\system32\drivers\Dumpstorport.sys
2018-02-08 21:40:40 ----A---- C:\WINDOWS\SYSWOW64\wscproxystub.dll
2018-02-08 21:40:40 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2018-02-08 21:40:40 ----A---- C:\WINDOWS\SYSWOW64\msoert2.dll
2018-02-08 21:40:40 ----A---- C:\WINDOWS\system32\vmrdvcore.dll
2018-02-08 21:40:40 ----A---- C:\WINDOWS\system32\taskcomp.dll
2018-02-08 21:40:40 ----A---- C:\WINDOWS\system32\rasauto.dll
2018-02-08 21:40:40 ----A---- C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-02-08 21:40:40 ----A---- C:\WINDOWS\system32\drivers\RfxVmt.sys
2018-02-08 21:40:40 ----A---- C:\WINDOWS\system32\appinfo.dll
2018-02-08 21:40:40 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-02-08 21:40:39 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2018-02-08 21:40:39 ----A---- C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-02-08 21:40:39 ----A---- C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-02-08 21:40:39 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2018-02-08 21:40:39 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-02-08 21:40:38 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2018-02-08 21:40:38 ----A---- C:\WINDOWS\system32\iepeers.dll
2018-02-08 21:40:38 ----A---- C:\WINDOWS\system32\atmlib.dll
2018-02-07 20:45:57 ----D---- C:\ProgramData\Microsoft OneDrive
2018-02-07 19:23:58 ----ASH---- C:\hiberfil.sys
2018-02-07 19:11:28 ----SD---- C:\Users\Martin\AppData\Roaming\Microsoft
2018-02-07 19:11:15 ----D---- C:\ProgramData\USOShared
2018-02-07 19:06:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-07 19:04:39 ----A---- C:\WINDOWS\SYSWOW64\nvStreaming.exe
2018-02-07 19:03:40 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2018-02-07 19:03:40 ----A---- C:\WINDOWS\system32\OpenCL.dll
2018-02-07 19:03:16 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2018-02-07 19:01:46 ----AS---- C:\WINDOWS\bootstat.dat
2018-02-07 19:00:09 ----D---- C:\WINDOWS\Prefetch
2018-02-07 18:59:44 ----D---- C:\WINDOWS\system32\SleepStudy
2018-02-07 18:59:38 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-07 18:59:35 ----ASH---- C:\swapfile.sys
2018-02-07 18:58:41 ----SHD---- C:\Recovery
2018-02-07 18:45:38 ----D---- C:\Program Files\Common Files\SpeechEngines
2018-02-07 18:42:14 ----D---- C:\WINDOWS\system32\Microsoft
2018-02-07 18:42:14 ----D---- C:\WINDOWS\ServiceProfiles
2018-02-07 18:39:14 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2018-02-07 18:39:14 ----D---- C:\WINDOWS\SYSWOW64\BestPractices
2018-02-07 18:39:14 ----D---- C:\WINDOWS\system32\msmq
2018-02-07 18:39:14 ----D---- C:\WINDOWS\system32\BestPractices
2018-02-07 18:39:13 ----D---- C:\Program Files\Reference Assemblies
2018-02-07 18:39:13 ----D---- C:\Program Files\MSBuild
2018-02-07 18:39:13 ----D---- C:\Program Files (x86)\Reference Assemblies
2018-02-07 18:39:13 ----D---- C:\Program Files (x86)\MSBuild
2018-02-07 18:39:13 ----D---- C:\inetpub
2018-02-07 18:37:37 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2018-02-07 18:37:37 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2018-02-07 18:37:36 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-02-07 18:37:25 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2018-02-07 18:37:25 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-02-07 18:37:25 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-02-07 18:36:11 ----A---- C:\WINDOWS\SYSWOW64\NlsLexicons0009.dll
2018-02-07 18:36:11 ----A---- C:\WINDOWS\SYSWOW64\NlsData0009.dll
2018-02-07 18:36:11 ----A---- C:\WINDOWS\system32\prm0009.dll
2018-02-07 18:36:10 ----A---- C:\WINDOWS\system32\NlsLexicons0009.dll
2018-02-07 18:36:10 ----A---- C:\WINDOWS\system32\NlsData0009.dll
2018-02-07 17:39:24 ----ASH---- C:\pagefile.sys
2018-02-07 15:10:17 ----DC---- C:\WINDOWS\Panther
2018-02-03 17:44:17 ----A---- C:\WINDOWS\system32\osrss.dll
2018-01-27 19:54:12 ----D---- C:\Program Files\Elantech
2018-01-27 16:51:38 ----A---- C:\WINDOWS\ETDUninst.dll
2018-01-27 16:44:24 ----D---- C:\ProgramData\Trend Micro
2018-01-27 15:26:53 ----D---- C:\WINDOWS\SoftwareDistribution
2018-01-26 19:02:23 ----D---- C:\WINDOWS\UpdateAssistant
======List of files/folders modified in the last 1 month======
2018-02-24 11:35:31 ----D---- C:\ProgramData\NVIDIA
2018-02-24 11:34:10 ----D---- C:\WINDOWS\Temp
2018-02-24 11:33:59 ----D---- C:\WINDOWS\system32\sru
2018-02-24 11:32:42 ----A---- C:\WINDOWS\system32\ServiceFilter.ini
2018-02-24 11:31:47 ----D---- C:\WINDOWS\system32\drivers
2018-02-24 11:30:39 ----D---- C:\WINDOWS\system32\catroot2
2018-02-24 11:12:37 ----D---- C:\WINDOWS\System32
2018-02-24 11:10:46 ----D---- C:\WINDOWS\INF
2018-02-24 11:09:22 ----D---- C:\ProgramData\NVIDIA Corporation
2018-02-24 11:08:58 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2018-02-24 11:08:57 ----D---- C:\WINDOWS\SysWOW64
2018-02-24 11:08:57 ----D---- C:\WINDOWS\system32\Tasks
2018-02-24 11:08:57 ----D---- C:\Program Files\NVIDIA Corporation
2018-02-24 11:08:40 ----D---- C:\WINDOWS\system32\DriverStore
2018-02-24 11:08:18 ----D---- C:\Windows
2018-02-24 11:08:15 ----SHD---- C:\WINDOWS\Installer
2018-02-24 11:08:11 ----D---- C:\ProgramData\Package Cache
2018-02-24 11:04:34 ----RD---- C:\Program Files
2018-02-24 11:00:21 ----D---- C:\Program Files (x86)\Java
2018-02-24 10:52:22 ----D---- C:\WINDOWS\DeliveryOptimization
2018-02-24 10:33:39 ----D---- C:\WINDOWS\Logs
2018-02-24 10:33:14 ----RD---- C:\WINDOWS\Microsoft.NET
2018-02-24 10:09:44 ----D---- C:\WINDOWS\AppReadiness
2018-02-24 10:09:43 ----HD---- C:\Program Files\WindowsApps
2018-02-24 00:58:30 ----D---- C:\Users\Martin\AppData\Roaming\TS3Client
2018-02-23 18:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2018-02-22 12:54:39 ----D---- C:\WINDOWS\system32\config
2018-02-22 00:20:49 ----RD---- C:\Program Files (x86)
2018-02-16 20:25:13 ----D---- C:\WINDOWS\WinSxS
2018-02-16 20:18:32 ----D---- C:\WINDOWS\rescache
2018-02-14 15:01:00 ----SHD---- C:\Boot
2018-02-14 14:56:48 ----D---- C:\WINDOWS\TextInput
2018-02-14 14:56:48 ----D---- C:\WINDOWS\SYSWOW64\wbem
2018-02-14 14:56:47 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-02-14 14:56:35 ----D---- C:\WINDOWS\system32\wbem
2018-02-14 14:56:35 ----D---- C:\WINDOWS\system32\oobe
2018-02-14 14:56:34 ----D---- C:\WINDOWS\system32\migration
2018-02-14 14:56:34 ----D---- C:\WINDOWS\system32\Boot
2018-02-14 14:56:34 ----D---- C:\WINDOWS\system32\appraiser
2018-02-14 14:56:21 ----D---- C:\WINDOWS\ShellExperiences
2018-02-14 14:56:18 ----D---- C:\WINDOWS\bcastdvr
2018-02-14 14:56:18 ----D---- C:\WINDOWS\apppatch
2018-02-14 14:56:06 ----D---- C:\WINDOWS\system32\drivers\UMDF
2018-02-13 19:57:11 ----D---- C:\WINDOWS\system32\MRT
2018-02-13 19:53:09 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-13 19:52:58 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-02-13 19:48:25 ----D---- C:\WINDOWS\CbsTemp
2018-02-10 12:10:47 ----RD---- C:\WINDOWS\assembly
2018-02-10 11:40:15 ----D---- C:\WINDOWS\system32\WDI
2018-02-10 11:31:21 ----SD---- C:\WINDOWS\SYSWOW64\F12
2018-02-10 11:31:20 ----D---- C:\WINDOWS\SYSWOW64\Dism
2018-02-10 11:31:16 ----D---- C:\WINDOWS\system32\migwiz
2018-02-10 11:31:15 ----SD---- C:\WINDOWS\system32\F12
2018-02-10 11:31:15 ----D---- C:\WINDOWS\system32\Dism
2018-02-10 11:31:05 ----D---- C:\WINDOWS\Provisioning
2018-02-10 11:31:03 ----RSD---- C:\WINDOWS\Fonts
2018-02-10 11:31:02 ----D---- C:\Program Files\internet explorer
2018-02-10 11:31:02 ----D---- C:\Program Files (x86)\Internet Explorer
2018-02-08 10:06:11 ----D---- C:\WINDOWS\appcompat
2018-02-07 20:49:56 ----SD---- C:\ProgramData\Microsoft
2018-02-07 20:45:57 ----HD---- C:\ProgramData
2018-02-07 20:42:54 ----D---- C:\Windows10Upgrade
2018-02-07 19:38:02 ----HD---- C:\$GetCurrent
2018-02-07 19:35:57 ----D---- C:\Program Files\windows nt
2018-02-07 19:35:08 ----D---- C:\WINDOWS\system32\WinBioDatabase
2018-02-07 19:34:53 ----D---- C:\WINDOWS\debug
2018-02-07 19:34:46 ----D---- C:\WINDOWS\Tasks
2018-02-07 19:32:53 ----D---- C:\WINDOWS\Registration
2018-02-07 19:31:51 ----RSD---- C:\WINDOWS\media
2018-02-07 19:16:37 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2018-02-07 19:11:28 ----RD---- C:\Users
2018-02-07 19:11:15 ----D---- C:\ProgramData\USOPrivate
2018-02-07 19:10:02 ----D---- C:\WINDOWS\system32\CodeIntegrity
2018-02-07 19:05:59 ----A---- C:\WINDOWS\SYSWOW64\PerfStringBackup.INI
2018-02-07 19:05:31 ----D---- C:\WINDOWS\system32\Sysprep
2018-02-07 19:05:05 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2018-02-07 19:04:58 ----D---- C:\Temp
2018-02-07 18:56:44 ----D---- C:\WINDOWS\system32\Recovery
2018-02-07 18:53:06 ----D---- C:\WINDOWS\system32\Tasks_Migrated
2018-02-07 18:53:05 ----SHD---- C:\WINDOWS\SYSWOW64\AI_RecycleBin
2018-02-07 18:53:05 ----SHD---- C:\WINDOWS\SYSWOW64\%APPDATA%
2018-02-07 18:53:05 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2018-02-07 18:53:05 ----D---- C:\WINDOWS\SYSWOW64\IME
2018-02-07 18:53:05 ----D---- C:\WINDOWS\SYSWOW64\drivers
2018-02-07 18:53:05 ----D---- C:\WINDOWS\SYSWOW64\%LocalAppData%
2018-02-07 18:53:05 ----D---- C:\WINDOWS\system32\drivers\etc
2018-02-07 18:52:59 ----D---- C:\WINDOWS\system32\SPReview
2018-02-07 18:52:59 ----D---- C:\WINDOWS\system32\spool
2018-02-07 18:52:58 ----SHD---- C:\WINDOWS\system32\%APPDATA%
2018-02-07 18:52:58 ----DC---- C:\WINDOWS\system32\DRVSTORE
2018-02-07 18:52:58 ----D---- C:\WINDOWS\system32\OEM
2018-02-07 18:52:58 ----D---- C:\WINDOWS\system32\NDF
2018-02-07 18:52:58 ----D---- C:\WINDOWS\system32\Macromed
2018-02-07 18:52:58 ----D---- C:\WINDOWS\system32\IME
2018-02-07 18:52:58 ----D---- C:\WINDOWS\system32\ias
2018-02-07 18:52:58 ----D---- C:\WINDOWS\system32\EventProviders
2018-02-07 18:52:58 ----D---- C:\WINDOWS\system32\catroot2.bak
2018-02-07 18:52:58 ----D---- C:\WINDOWS\System
2018-02-07 18:52:58 ----D---- C:\WINDOWS\ShellNew
2018-02-07 18:52:57 ----D---- C:\WINDOWS\schemas
2018-02-07 18:52:57 ----D---- C:\WINDOWS\Resources
2018-02-07 18:52:56 ----SHD---- C:\Program Files (x86)\Windows Sidebar
2018-02-07 18:52:56 ----D---- C:\WINDOWS\Help
2018-02-07 18:52:55 ----SHD---- C:\Program Files\Windows Sidebar
2018-02-07 18:52:55 ----D---- C:\Program Files\Common Files\microsoft shared
2018-02-07 18:52:55 ----D---- C:\Program Files\Common Files
2018-02-07 18:52:55 ----D---- C:\Program Files (x86)\Microsoft.NET
2018-02-07 18:52:55 ----D---- C:\Program Files (x86)\Common Files
2018-02-07 18:52:55 ----AD---- C:\Program Files\UNP
2018-02-07 18:52:22 ----D---- C:\WINDOWS\Setup
2018-02-07 18:46:23 ----D---- C:\WINDOWS\SYSWOW64\drivers\UMDF
2018-02-07 18:46:18 ----D---- C:\WINDOWS\system32\SRSLabs
2018-02-07 18:45:54 ----D---- C:\WINDOWS\ehome
2018-02-07 18:45:45 ----D---- C:\Program Files (x86)\Windows Mail
2018-02-07 18:45:40 ----D---- C:\Program Files\Windows Mail
2018-02-07 18:45:39 ----D---- C:\Program Files\Realtek
2018-02-07 18:45:39 ----D---- C:\Program Files\Microsoft Games
2018-02-07 18:39:14 ----D---- C:\WINDOWS\SYSWOW64\MUI
2018-02-07 18:39:14 ----D---- C:\WINDOWS\SYSWOW64\inetsrv
2018-02-07 18:39:14 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2018-02-07 18:39:14 ----D---- C:\WINDOWS\system32\MUI
2018-02-07 18:39:14 ----D---- C:\WINDOWS\system32\inetsrv
2018-02-07 18:39:14 ----D---- C:\WINDOWS\system32\cs-CZ
2018-02-07 18:39:04 ----A---- C:\WINDOWS\SYSWOW64\mqsnap.dll
2018-02-07 18:39:04 ----A---- C:\WINDOWS\SYSWOW64\mqcertui.dll
2018-02-07 18:39:03 ----A---- C:\WINDOWS\system32\wamregps.dll
2018-02-07 18:39:03 ----A---- C:\WINDOWS\system32\iisrstap.dll
2018-02-07 18:39:03 ----A---- C:\WINDOWS\system32\iisreset.exe
2018-02-07 18:39:03 ----A---- C:\WINDOWS\system32\admwprox.dll
2018-02-07 18:38:59 ----A---- C:\WINDOWS\SYSWOW64\wamregps.dll
2018-02-07 18:38:59 ----A---- C:\WINDOWS\SYSWOW64\iisrstap.dll
2018-02-07 18:38:59 ----A---- C:\WINDOWS\SYSWOW64\iisreset.exe
2018-02-07 18:38:59 ----A---- C:\WINDOWS\SYSWOW64\admwprox.dll
2018-02-07 18:38:58 ----A---- C:\WINDOWS\system32\mqrt.dll
2018-02-07 18:38:55 ----A---- C:\WINDOWS\SYSWOW64\mqoa.dll
2018-02-07 18:38:52 ----A---- C:\WINDOWS\system32\mqlogmgr.dll
2018-02-07 18:38:50 ----A---- C:\WINDOWS\system32\iisRtl.dll
2018-02-07 18:38:50 ----A---- C:\WINDOWS\system32\cngkeyhelper.dll
2018-02-07 18:38:50 ----A---- C:\WINDOWS\system32\ahadmin.dll
2018-02-07 18:38:49 ----A---- C:\WINDOWS\system32\mqutil.dll
2018-02-07 18:38:44 ----A---- C:\WINDOWS\SYSWOW64\iisRtl.dll
2018-02-07 18:38:44 ----A---- C:\WINDOWS\SYSWOW64\cngkeyhelper.dll
2018-02-07 18:38:44 ----A---- C:\WINDOWS\SYSWOW64\ahadmin.dll
2018-02-07 18:38:43 ----A---- C:\WINDOWS\system32\mqsnap.dll
2018-02-07 18:38:43 ----A---- C:\WINDOWS\system32\mqcertui.dll
2018-02-07 18:38:38 ----A---- C:\WINDOWS\system32\mqoa.dll
2018-02-07 18:38:37 ----A---- C:\WINDOWS\SYSWOW64\mqrt.dll
2018-02-07 18:38:28 ----A---- C:\WINDOWS\SYSWOW64\mqutil.dll
2018-02-07 18:38:26 ----A---- C:\WINDOWS\system32\mqsvc.exe
2018-02-07 18:38:26 ----A---- C:\WINDOWS\system32\mqbkup.exe
2018-02-07 18:36:13 ----D---- C:\WINDOWS\system32\en-US
2018-02-07 18:36:13 ----D---- C:\WINDOWS\OCR
2018-02-07 18:17:29 ----SD---- C:\WINDOWS\UpdateAssistantV2
2018-02-07 18:17:27 ----D---- C:\WINDOWS\system32\zh-HK
2018-02-07 17:34:23 ----RASH---- C:\BOOTSECT.BAK
2018-02-07 15:09:52 ----A---- C:\WINDOWS\progress.ini
2018-01-27 16:47:10 ----A---- C:\WINDOWS\system32\AutoRunFilter.ini
2018-01-26 19:02:28 ----AD---- C:\Program Files\rempl
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
preventivni kontrola
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: preventivni kontrola
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\WINDOWS\system32\drivers\AsDsm.sys [2011-06-15 35384]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R0 nvstor64;nvstor64; C:\WINDOWS\System32\drivers\nvstor64.sys [2010-04-27 244328]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-01-01 59800]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-09-29 8192]
R1 HssDRV6;@oem37.inf,%HssDRV6_Desc%;Hotspot Shield Routing Driver 6; C:\WINDOWS\system32\DRIVERS\hssdrv6.sys [2012-08-01 41704]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2016-08-07 27552]
R1 MpKsl53209d4c;MpKsl53209d4c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CF9333BA-3EFE-4925-9993-4990296988EA}\MpKsl53209d4c.sys [2018-02-24 58120]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-02-10 385536]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2017-09-29 79872]
R3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athwnx.sys [2017-09-29 4233728]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
R3 dtlitescsibus;@oem11.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-10-20 30264]
R3 ETD;@oem6.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-10-07 525512]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-11-06 5322248]
R3 kbfiltr;@oem24.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2009-07-20 15416]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2018-01-01 176128]
R3 MTsensor;@oem35.inf,%ATKACPI.DisplayName%;ATK0100 ACPI UTILITY; C:\WINDOWS\System32\drivers\ATK64AMD.sys [2009-05-13 15928]
R3 NVHDA;@oem15.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2016-12-09 206776]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-12-09 12914360]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2009-06-28 28704]
R3 nvvad_WaveExtensible;@oem5.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-12-15 59240]
R3 nvvhci;@oem25.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2018-01-10 59752]
R3 rt640x64;@oem18.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2016-11-06 935168]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 dg_ssudbus;@oem7.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 fssfltr;fssfltr; C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-09-29 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-01-10 32104]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-09-29 936856]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]
S3 ssudmdm;@oem30.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-11-10 96896]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_48be4;CDPUserSvc_48be4; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-10-07 144072]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2018-02-07 26112]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-09-29 136312]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-09-29 136312]
R2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-09-29 136312]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10 521064]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-11-14 932728]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-01-10 462696]
R2 OneSyncSvc_48be4;OneSyncSvc_48be4; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 osrss;OS Remediation System Service; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2016-11-06 317960]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-02-10 519144]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-11-14 426040]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-12 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_48be4;DevicesFlowUserSvc_48be4; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-09-29 85504]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-09-28 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_48be4;MessagingService_48be4; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10 521064]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc_48be4;PimIndexMaintenanceSvc_48be4; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_48be4;PrintWorkflowUserSvc_48be4; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-09-29 1288704]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-01-01 956416]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-09-29 52856]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
-----------------EOF-----------------
R0 AsDsm;AsDsm; C:\WINDOWS\system32\drivers\AsDsm.sys [2011-06-15 35384]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R0 nvstor64;nvstor64; C:\WINDOWS\System32\drivers\nvstor64.sys [2010-04-27 244328]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-01-01 59800]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-09-29 8192]
R1 HssDRV6;@oem37.inf,%HssDRV6_Desc%;Hotspot Shield Routing Driver 6; C:\WINDOWS\system32\DRIVERS\hssdrv6.sys [2012-08-01 41704]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2016-08-07 27552]
R1 MpKsl53209d4c;MpKsl53209d4c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CF9333BA-3EFE-4925-9993-4990296988EA}\MpKsl53209d4c.sys [2018-02-24 58120]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-02-10 385536]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2017-09-29 79872]
R3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athwnx.sys [2017-09-29 4233728]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
R3 dtlitescsibus;@oem11.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-10-20 30264]
R3 ETD;@oem6.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-10-07 525512]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-11-06 5322248]
R3 kbfiltr;@oem24.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2009-07-20 15416]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2018-01-01 176128]
R3 MTsensor;@oem35.inf,%ATKACPI.DisplayName%;ATK0100 ACPI UTILITY; C:\WINDOWS\System32\drivers\ATK64AMD.sys [2009-05-13 15928]
R3 NVHDA;@oem15.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2016-12-09 206776]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-12-09 12914360]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2009-06-28 28704]
R3 nvvad_WaveExtensible;@oem5.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-12-15 59240]
R3 nvvhci;@oem25.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2018-01-10 59752]
R3 rt640x64;@oem18.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2016-11-06 935168]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 dg_ssudbus;@oem7.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 fssfltr;fssfltr; C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-09-29 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-01-10 32104]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-09-29 936856]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]
S3 ssudmdm;@oem30.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-11-10 96896]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_48be4;CDPUserSvc_48be4; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-10-07 144072]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2018-02-07 26112]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-09-29 136312]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-09-29 136312]
R2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-09-29 136312]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10 521064]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-11-14 932728]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-01-10 462696]
R2 OneSyncSvc_48be4;OneSyncSvc_48be4; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 osrss;OS Remediation System Service; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2016-11-06 317960]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-02-10 519144]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-11-14 426040]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-12 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_48be4;DevicesFlowUserSvc_48be4; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-09-29 85504]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-09-28 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_48be4;MessagingService_48be4; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10 521064]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc_48be4;PimIndexMaintenanceSvc_48be4; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_48be4;PrintWorkflowUserSvc_48be4; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-09-29 1288704]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-01-01 956416]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-09-29 52856]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
-----------------EOF-----------------
Re: preventivni kontrola
Ahoj 
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
- Uloz na plochu a ukonci vsetky programy
- Spusti AdwCleaner ako spravca
- Odsuhlas licencne podmienky
- Klikni na Scan (Skenovanie) a pockaj na dokoncenie
- Klikni na Clean (Cistenie) a potvrd kliknutim na OK
- AdwCleaner si vyziada restart PC, potvrd kliknutim na Restart Now (Restartovat teraz)
- Po dokonceni a restartovani PC vyskoci log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: preventivni kontrola
ahoj
# AdwCleaner 7.0.8.0 - Logfile created on Sat Feb 24 16:03:41 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
Deleted: C:\Users\Martin\AppData\Roaming\eType
Deleted: C:\Program Files (x86)\Gophoto.it
Deleted: C:\ProgramData\House Of Soft
Deleted: C:\Users\All Users\House Of Soft
Deleted: C:\ProgramData\SoftWarehouse
Deleted: C:\Users\All Users\SoftWarehouse
Deleted: C:\ProgramData\Ask
Deleted: C:\Users\All Users\Ask
Deleted: C:\ProgramData\AskPartnerNetwork
Deleted: C:\Users\All Users\AskPartnerNetwork
Deleted: C:\Users\Martin\AppData\LocalLow\SweetIM
Deleted: C:\Program Files (x86)\Conduit
Deleted: C:\Users\Martin\AppData\LocalLow\Conduit
Deleted: C:\Users\Martin\AppData\LocalLow\incredibar.com
Deleted: C:\Users\Martin\AppData\LocalLow\PriceGong
Deleted: C:\ProgramData\apn
Deleted: C:\Users\All Users\apn
Deleted: C:\Users\Martin\AppData\Local\OpenCandy
Deleted: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OnlineHD.TV
Deleted: C:\ProgramData\Partner
Deleted: C:\Users\All Users\Partner
Deleted: C:\ProgramData\Premium
Deleted: C:\Users\All Users\Premium
***** [ Files ] *****
Deleted: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\searchplugins\browsemngr.xml
Deleted: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\searchplugins\bingp.xml
Deleted: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\searchplugins\yahoo-zugo.xml
Deleted: C:\Windows\Reimage.ini
Deleted: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk
Deleted: C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted: YourFile Update
Deleted: OptimizerPro1UpdaterTask{83EAD7D1-96DB-4929-B39C-276E4F680DD4}
Deleted: OptimizerPro1UpdaterTask{83EAD7D1-96DB-4929-B39C-276E4F680DD4}
***** [ Registry ] *****
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|ICQ Search [http:\\search.icq.com\search\results.php?q={searchTerms}&ch_id=osd]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|IE10RunOnceLastShown_TIMESTAMP [두帬ǮǏ:\\search.icq.com\search\results.php?q={searchTerms}&ch_id=osd]
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\YahooPartnerToolbar
Deleted: [Key] - HKCU\Software\YahooPartnerToolbar
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\Blabbers
Deleted: [Key] - HKCU\Software\Blabbers
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{4F524A2D-5350-4500-76A7-7A786E7484D7}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{21FA44EF-376D-4D53-9B0F-8A89D3229068}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Main|ICQ Search
Deleted: [Key] - HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Deleted: [Key] - HKLM\SOFTWARE\MozillaPlugins\@pandonetworks.com\PandoWebPlugin
Deleted: [Key] - HKCU\SOFTWARE\Classes\Software\AppDataLow\Software\Amazon\Amazon1ButtonApp
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\Amazon1ButtonBrowserHelper.dll
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|c:\Program Files (x86)\Amazon\Amazon1ButtonApp\
Deleted: [Key] - HKU\.DEFAULT\Software\AskPartnerNetwork
Deleted: [Key] - HKU\S-1-5-18\Software\AskPartnerNetwork
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{4F524A2D-5350-4500-76A7-7A786E7484D7}
Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\.DEFAULT\Software\AppDataLow\Software\Conduit
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\Conduit
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\AppDataLow\Software\Conduit
Deleted: [Key] - HKU\S-1-5-18\Software\AppDataLow\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Key] - HKCU\Software\AppDataLow\Software\Conduit
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\AppDataLow\Software\ConduitSearchScopes
Deleted: [Key] - HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\BrowserCompanion
Deleted: [Key] - HKCU\Software\BrowserCompanion
Deleted: [Key] - HKLM\SOFTWARE\ICQ\ICQToolbar
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolbar
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\Iminent
Deleted: [Key] - HKCU\Software\Iminent
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\AppDataLow\Software\PriceGong
Deleted: [Key] - HKCU\Software\AppDataLow\Software\PriceGong
Deleted: [Key] - HKLM\SOFTWARE\Reimage
Deleted: [Key] - HKU\.DEFAULT\Software\ByteFence
Deleted: [Key] - HKU\S-1-5-18\Software\ByteFence
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
Deleted: [Value] - HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files\ByteFence\Uninstall.exe
Deleted: [Key] - HKLM\SOFTWARE\IB Updater
Deleted: [Key] - HKLM\SOFTWARE\DataMngr
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\DataMngr
Deleted: [Key] - HKCU\Software\DataMngr
Deleted: [Key] - HKLM\SOFTWARE\Datamngr
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\Datamngr
Deleted: [Key] - HKCU\Software\Datamngr
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\iVIDI Plugin
Deleted: [Key] - HKCU\Software\iVIDI Plugin
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\csastats
Deleted: [Key] - HKCU\Software\csastats
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\PRODUCTSETUP
Deleted: [Key] - HKCU\Software\PRODUCTSETUP
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\Norassie
Deleted: [Key] - HKCU\Software\Norassie
Deleted: [Key] - HKLM\SOFTWARE\Classes\Applications\iLividSetupV1.exe
***** [ Firefox (and derivatives) ] *****
Plugin deleted: GoPhotoIt - GoPhoto.it
***** [ Chromium (and derivatives) ] *****
SearchProvider deleted: SweetIM Search - search.sweetim.com
SearchProvider deleted: Ask - ask.com
SearchProvider deleted: Ask Search - search.ask.com
SearchProvider deleted: Ask Search - search.ask.com
SearchProvider deleted: search.conduit.com - search.conduit.com
SearchProvider deleted: MyStart Search - mystart.incredibar.com/
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [21845 B] - [2018/2/24 16:1:58]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
# AdwCleaner 7.0.8.0 - Logfile created on Sat Feb 24 16:03:41 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
Deleted: C:\Users\Martin\AppData\Roaming\eType
Deleted: C:\Program Files (x86)\Gophoto.it
Deleted: C:\ProgramData\House Of Soft
Deleted: C:\Users\All Users\House Of Soft
Deleted: C:\ProgramData\SoftWarehouse
Deleted: C:\Users\All Users\SoftWarehouse
Deleted: C:\ProgramData\Ask
Deleted: C:\Users\All Users\Ask
Deleted: C:\ProgramData\AskPartnerNetwork
Deleted: C:\Users\All Users\AskPartnerNetwork
Deleted: C:\Users\Martin\AppData\LocalLow\SweetIM
Deleted: C:\Program Files (x86)\Conduit
Deleted: C:\Users\Martin\AppData\LocalLow\Conduit
Deleted: C:\Users\Martin\AppData\LocalLow\incredibar.com
Deleted: C:\Users\Martin\AppData\LocalLow\PriceGong
Deleted: C:\ProgramData\apn
Deleted: C:\Users\All Users\apn
Deleted: C:\Users\Martin\AppData\Local\OpenCandy
Deleted: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OnlineHD.TV
Deleted: C:\ProgramData\Partner
Deleted: C:\Users\All Users\Partner
Deleted: C:\ProgramData\Premium
Deleted: C:\Users\All Users\Premium
***** [ Files ] *****
Deleted: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\searchplugins\browsemngr.xml
Deleted: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\searchplugins\bingp.xml
Deleted: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\searchplugins\yahoo-zugo.xml
Deleted: C:\Windows\Reimage.ini
Deleted: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk
Deleted: C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted: YourFile Update
Deleted: OptimizerPro1UpdaterTask{83EAD7D1-96DB-4929-B39C-276E4F680DD4}
Deleted: OptimizerPro1UpdaterTask{83EAD7D1-96DB-4929-B39C-276E4F680DD4}
***** [ Registry ] *****
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|ICQ Search [http:\\search.icq.com\search\results.php?q={searchTerms}&ch_id=osd]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|IE10RunOnceLastShown_TIMESTAMP [두帬ǮǏ:\\search.icq.com\search\results.php?q={searchTerms}&ch_id=osd]
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\YahooPartnerToolbar
Deleted: [Key] - HKCU\Software\YahooPartnerToolbar
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\Blabbers
Deleted: [Key] - HKCU\Software\Blabbers
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{4F524A2D-5350-4500-76A7-7A786E7484D7}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{21FA44EF-376D-4D53-9B0F-8A89D3229068}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Main|ICQ Search
Deleted: [Key] - HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Deleted: [Key] - HKLM\SOFTWARE\MozillaPlugins\@pandonetworks.com\PandoWebPlugin
Deleted: [Key] - HKCU\SOFTWARE\Classes\Software\AppDataLow\Software\Amazon\Amazon1ButtonApp
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\Amazon1ButtonBrowserHelper.dll
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|c:\Program Files (x86)\Amazon\Amazon1ButtonApp\
Deleted: [Key] - HKU\.DEFAULT\Software\AskPartnerNetwork
Deleted: [Key] - HKU\S-1-5-18\Software\AskPartnerNetwork
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{4F524A2D-5350-4500-76A7-7A786E7484D7}
Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\.DEFAULT\Software\AppDataLow\Software\Conduit
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\Conduit
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\AppDataLow\Software\Conduit
Deleted: [Key] - HKU\S-1-5-18\Software\AppDataLow\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Key] - HKCU\Software\AppDataLow\Software\Conduit
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\AppDataLow\Software\ConduitSearchScopes
Deleted: [Key] - HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\BrowserCompanion
Deleted: [Key] - HKCU\Software\BrowserCompanion
Deleted: [Key] - HKLM\SOFTWARE\ICQ\ICQToolbar
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolbar
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\Iminent
Deleted: [Key] - HKCU\Software\Iminent
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\AppDataLow\Software\PriceGong
Deleted: [Key] - HKCU\Software\AppDataLow\Software\PriceGong
Deleted: [Key] - HKLM\SOFTWARE\Reimage
Deleted: [Key] - HKU\.DEFAULT\Software\ByteFence
Deleted: [Key] - HKU\S-1-5-18\Software\ByteFence
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence
Deleted: [Value] - HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files\ByteFence\Uninstall.exe
Deleted: [Key] - HKLM\SOFTWARE\IB Updater
Deleted: [Key] - HKLM\SOFTWARE\DataMngr
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\DataMngr
Deleted: [Key] - HKCU\Software\DataMngr
Deleted: [Key] - HKLM\SOFTWARE\Datamngr
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\Datamngr
Deleted: [Key] - HKCU\Software\Datamngr
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\iVIDI Plugin
Deleted: [Key] - HKCU\Software\iVIDI Plugin
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\csastats
Deleted: [Key] - HKCU\Software\csastats
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\PRODUCTSETUP
Deleted: [Key] - HKCU\Software\PRODUCTSETUP
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\Norassie
Deleted: [Key] - HKCU\Software\Norassie
Deleted: [Key] - HKLM\SOFTWARE\Classes\Applications\iLividSetupV1.exe
***** [ Firefox (and derivatives) ] *****
Plugin deleted: GoPhotoIt - GoPhoto.it
***** [ Chromium (and derivatives) ] *****
SearchProvider deleted: SweetIM Search - search.sweetim.com
SearchProvider deleted: Ask - ask.com
SearchProvider deleted: Ask Search - search.ask.com
SearchProvider deleted: Ask Search - search.ask.com
SearchProvider deleted: search.conduit.com - search.conduit.com
SearchProvider deleted: MyStart Search - mystart.incredibar.com/
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [21845 B] - [2018/2/24 16:1:58]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
Re: preventivni kontrola
Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707 V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST. Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: preventivni kontrola
logy zasilam v priloze, doufam ze jsem udelal vse spravne, dekuji za ochotu
- Přílohy
-
- logy.rar
- (38.37 KiB) Staženo 79 x
Re: preventivni kontrola
Odporucam nepouzivat ziadne programy od IObit (Driver Booster, Advanced SystemCare) - su to cinske smejdy, ktore mozu poskodit system. Zapni obnovu systemu
- Stlac Win+R, napis "sysdm.cpl" (bez uvodzoviek) a stlac enter
- Klikni na kartu Ochrana systemu a potom na Konfigurovat
- Vyber moznost Zapnut ochranu systemu a klikni na OK
Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: Folder: C:\Users\Martin\AppData\Roaming\ChromePlus File: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\gophoto@gophoto.it.xpi File: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\info@bflix.info File: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\onlinehdtv@onlinehd.tv.xpi CMD: type "C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\user.js" HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKU\S-1-5-21-1504789416-810619661-2310688379-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131586959274119921&GUID=A3677896-7467-4AD0-8C98-FF19B6C5FADD HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com URLSearchHook: HKU\S-1-5-21-1504789416-810619661-2310688379-1000 - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552 SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1504789416-810619661-2310688379-1000 -> {408DBBA8-4D00-46DA-9D22-47E4F4D32382} URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11412&pf=V7&p2=^BBK^OSJ000^YY^CZ&gct=&itbv=12.24.1.51&apn_uid=C704DD8D-300B-4CA9-BB06-8DFBF0FBA608&apn_ptnrs=BBK&apn_dtid=^OSJ000^YY^CZ&apn_dbr=cr_40.0.2214.115&doi=2015-03-03&trgb=IE&q={searchTerms}&psv=&pt=tb SearchScopes: HKU\S-1-5-21-1504789416-810619661-2310688379-1000 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd BHO-x32: No Name -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> No File Toolbar: HKU\.DEFAULT -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKU\S-1-5-21-1504789416-810619661-2310688379-1000 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File FF Extension: (GoPhotoIt) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\gophoto@gophoto.it.xpi [2012-07-31] [Legacy] [not signed] FF Extension: (TheBflix) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\info@bflix.info [2012-10-23] [Legacy] [not signed] FF Extension: (Online HD TV) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\onlinehdtv@onlinehd.tv.xpi [2012-10-21] [Legacy] [not signed] FF Extension: (Seznam lištička) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-12-04] [Legacy] FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\searchplugins\McSiteAdvisor.xml [2018-01-07] FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox => not found FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox => not found FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found FF Plugin-x32: @veetle.com/vbp;version=0.9.17 -> C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll [No File] FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll [No File] FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll [No File] CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006" CHR NewTab: Default -> Active:"chrome-extension://ikgjglmlehllifdekcggaapkaplbdpje/product.html" CHR DefaultSearchURL: Default -> hxxps://www.google.de/search?q={searchTerms}?trackid=sp-006 CHR DefaultSearchKeyword: Default -> google CHR DefaultSuggestURL: Default -> hxxps://www.google.com/complete/search?client=chrome&q={searchTerms} CHR HKLM\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [clbfjfbnelcflpgpklppgplejolacbej] - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\Martin\AppData\Local\Temp\crx1087.tmp <not found> CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx <not found> StartMenuInternet: ChromePlus - C:\Users\Martin\AppData\Roaming\ChromePlus\chrome.exe U3 idsvc; no ImagePath 2018-02-07 19:34 - 2018-02-07 19:35 - 000002326 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Martin) 2011-11-14 15:14 - 2011-11-14 15:14 - 000000000 _____ () C:\Users\Martin\AppData\Roaming\Application.set ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File Task: {0358106B-BE82-4380-A60C-35506A5606C9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {0388A018-222F-4791-83B2-6E324B944BDB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION Task: {1FA5A5F0-1F06-4509-B25B-8EF778FE4ABC} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION Task: {347663C4-969A-4770-B7C3-A91A1B879D42} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {4B0285C2-8B63-439B-BD75-037025741A8E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION Task: {4E36D3ED-F0D6-4FD4-9BE5-4E0820EF502D} - \CCleanerSkipUAC -> No File <==== ATTENTION Task: {6945FBA0-A711-4106-BC0B-3F0048B55997} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {6F5EB06E-FAD9-45DC-86CE-ED00FFFB28F9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {7A23875C-5969-4438-8E4C-3EE7826DB072} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {7DAACEA7-4393-4060-883F-8E6C881080BF} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION Task: {91EA35E2-50B9-4FDA-BC3F-EF68CDB8A4F9} - System32\Tasks\Driver Booster SkipUAC (Martin) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {9213EEA4-E1CA-4005-962F-A3A40BFB39A9} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION Task: {A5F72B22-F30D-4570-99C3-6F7A909C16A1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {AC30822E-26B3-4149-8E69-3368B0F56010} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {C1D03B6C-F967-445D-A175-2E5C1F1B9042} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {C5CB7192-4BDF-4CE6-8961-FD1E2D496EB1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {EC7362CE-0D22-4DBC-8AAD-CAFE7F8F383F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {F07C668C-1B3D-402C-8FA8-54E96FF186D6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION Task: {F9C8F510-1791-47DD-AAE5-CEE8496088D6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce" HKU\S-1-5-21-1504789416-810619661-2310688379-1000\...\StartupApproved\Run: => "cz.seznam.software.autoupdate" HKU\S-1-5-21-1504789416-810619661-2310688379-1000\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall" DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg DeleteKey: HKLM\SOFTWARE\Clients\StartMenuInternet\ChromePlus C:\WINDOWS\IObit C:\Users\Martin\AppData\Roaming\IObit C:\ProgramData\IObit C:\Users\Martin\AppData\LocalLow\IObit C:\Program Files (x86)\IObit C:\WINDOWS\System32\Tasks\Driver Booster Scheduler C:\Users\Public\Desktop\Driver Booster 5.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5 Hosts: EmptyTemp: End - Uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: preventivni kontrola
Fix result of Farbar Recovery Scan Tool (x64) Version: 24.02.2018
Ran by Martin (25-02-2018 02:37:03) Run:1
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
Folder: C:\Users\Martin\AppData\Roaming\ChromePlus
File: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\gophoto@gophoto.it.xpi
File: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\info@bflix.info
File: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\onlinehdtv@onlinehd.tv.xpi
CMD: type "C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\user.js"
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1504789416-810619661-2310688379-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131586959274119921&GUID=A3677896-7467-4AD0-8C98-FF19B6C5FADD
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
URLSearchHook: HKU\S-1-5-21-1504789416-810619661-2310688379-1000 - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1504789416-810619661-2310688379-1000 -> {408DBBA8-4D00-46DA-9D22-47E4F4D32382} URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=A ... psv=&pt=tb
SearchScopes: HKU\S-1-5-21-1504789416-810619661-2310688379-1000 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
BHO-x32: No Name -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> No File
Toolbar: HKU\.DEFAULT -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-1504789416-810619661-2310688379-1000 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
FF Extension: (GoPhotoIt) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\gophoto@gophoto.it.xpi [2012-07-31] [Legacy] [not signed]
FF Extension: (TheBflix) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\info@bflix.info [2012-10-23] [Legacy] [not signed]
FF Extension: (Online HD TV) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\onlinehdtv@onlinehd.tv.xpi [2012-10-21] [Legacy] [not signed]
FF Extension: (Seznam li�ti�ka) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-12-04] [Legacy]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\searchplugins\McSiteAdvisor.xml [2018-01-07]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox => not found
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin-x32: @veetle.com/vbp;version=0.9.17 -> C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll [No File]
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll [No File]
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll [No File]
CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR NewTab: Default -> Active:"chrome-extension://ikgjglmlehllifdekcggaapkaplbdpje/product.html"
CHR DefaultSearchURL: Default -> hxxps://www.google.de/search?q={searchTerms}?trackid=sp-006
CHR DefaultSearchKeyword: Default -> google
CHR DefaultSuggestURL: Default -> hxxps://www.google.com/complete/search?client=c ... earchTerms}
CHR HKLM\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [clbfjfbnelcflpgpklppgplejolacbej] - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\Martin\AppData\Local\Temp\crx1087.tmp <not found>
CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx <not found>
StartMenuInternet: ChromePlus - C:\Users\Martin\AppData\Roaming\ChromePlus\chrome.exe
U3 idsvc; no ImagePath
2018-02-07 19:34 - 2018-02-07 19:35 - 000002326 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Martin)
2011-11-14 15:14 - 2011-11-14 15:14 - 000000000 _____ () C:\Users\Martin\AppData\Roaming\Application.set
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
Task: {0358106B-BE82-4380-A60C-35506A5606C9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {0388A018-222F-4791-83B2-6E324B944BDB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1FA5A5F0-1F06-4509-B25B-8EF778FE4ABC} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {347663C4-969A-4770-B7C3-A91A1B879D42} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {4B0285C2-8B63-439B-BD75-037025741A8E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {4E36D3ED-F0D6-4FD4-9BE5-4E0820EF502D} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {6945FBA0-A711-4106-BC0B-3F0048B55997} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {6F5EB06E-FAD9-45DC-86CE-ED00FFFB28F9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {7A23875C-5969-4438-8E4C-3EE7826DB072} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7DAACEA7-4393-4060-883F-8E6C881080BF} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {91EA35E2-50B9-4FDA-BC3F-EF68CDB8A4F9} - System32\Tasks\Driver Booster SkipUAC (Martin) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {9213EEA4-E1CA-4005-962F-A3A40BFB39A9} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {A5F72B22-F30D-4570-99C3-6F7A909C16A1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AC30822E-26B3-4149-8E69-3368B0F56010} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C1D03B6C-F967-445D-A175-2E5C1F1B9042} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C5CB7192-4BDF-4CE6-8961-FD1E2D496EB1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {EC7362CE-0D22-4DBC-8AAD-CAFE7F8F383F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F07C668C-1B3D-402C-8FA8-54E96FF186D6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {F9C8F510-1791-47DD-AAE5-CEE8496088D6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-1504789416-810619661-2310688379-1000\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-1504789416-810619661-2310688379-1000\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg
DeleteKey: HKLM\SOFTWARE\Clients\StartMenuInternet\ChromePlus
C:\WINDOWS\IObit
C:\Users\Martin\AppData\Roaming\IObit
C:\ProgramData\IObit
C:\Users\Martin\AppData\LocalLow\IObit
C:\Program Files (x86)\IObit
C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
C:\Users\Public\Desktop\Driver Booster 5.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========================= Folder: C:\Users\Martin\AppData\Roaming\ChromePlus ========================
not found.
====== End of Folder: ======
========================= File: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\gophoto@gophoto.it.xpi ========================
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\gophoto@gophoto.it.xpi
File not signed
MD5: 778D3843EB97EB33EB29BA363B069226
Creation and modification date: 2012-07-31 12:59 - 2012-07-31 12:59
Size: 000221380
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/56a1d05 ... 519437382/
====== End of File: ======
========================= File: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\info@bflix.info ========================
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\info@bflix.info
File is digitally signed
MD5: D41D8CD98F00B204E9800998ECF8427E (0-byte)
Creation and modification date: 2012-10-23 16:58 - 2012-10-23 16:58
Size: 000000000
Attributes: ----D
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0-byte
====== End of File: ======
========================= File: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\onlinehdtv@onlinehd.tv.xpi ========================
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\onlinehdtv@onlinehd.tv.xpi
File not signed
MD5: 2A2EADCFB10C81D1A4C953958A7449DB
Creation and modification date: 2012-10-21 06:29 - 2012-10-21 06:29
Size: 000214909
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/339e92a ... 465438971/
====== End of File: ======
========= type "C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\user.js" =========
user_pref("extensions.BabylonToolbar_i.id", "f4d8dae60000000000004e5d603af7f6");
user_pref("extensions.BabylonToolbar_i.hardId", "f4d8dae60000000000004e5d603af7f6");
user_pref("extensions.BabylonToolbar_i.instlDay", "15337");
user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.177:31:51");
user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
user_pref("extensions.BabylonToolbar_i.newTab", false);
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=101241");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
user_pref("extensions.incredibar_i.newTab", false);
user_pref("extensions.incredibar_i.tlbrSrchUrl", "http://mystart.Incredibar.com/?a=6R8INx ... 26&search=");
user_pref("extensions.incredibar_i.id", "f4d8dae60000000000004e5d603af7f6");
user_pref("extensions.incredibar_i.instlDay", "15634");
user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.147:10:23");
user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
user_pref("extensions.incredibar_i.prdct", "incredibar");
user_pref("extensions.incredibar_i.aflt", "orgnl");
user_pref("extensions.incredibar_i.smplGrp", "none");
user_pref("extensions.incredibar_i.tlbrId", "base");
user_pref("extensions.incredibar_i.instlRef", "");
user_pref("extensions.incredibar_i.dfltLng", "");
user_pref("extensions.incredibar_i.excTlbr", false);
user_pref("extensions.incredibar_i.ms_url_id", "");
user_pref("extensions.incredibar_i.upn2", "6R8INxlFAq");
user_pref("extensions.incredibar_i.upn2n", "92825262384088766");
user_pref("extensions.incredibar_i.productid", "26");
user_pref("extensions.incredibar_i.installerproductid", "26");
user_pref("extensions.incredibar_i.did", "10650");
user_pref("extensions.incredibar_i.ppd", "53%5F4");
user_pref("extensions.autoDisableScopes",14);
========= End of CMD: =========
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotPostWindows10UpgradeReInstall" => removed successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page" => removed successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL" => removed successfully
"HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => key not found
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-1504789416-810619661-2310688379-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{408DBBA8-4D00-46DA-9D22-47E4F4D32382}" => removed successfully
HKLM\Software\Classes\CLSID\{408DBBA8-4D00-46DA-9D22-47E4F4D32382} => key not found
"HKU\S-1-5-21-1504789416-810619661-2310688379-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}" => removed successfully
HKLM\Software\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19} => key not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} => key not found
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}" => removed successfully
HKLM\Software\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => key not found
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found
"HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}" => removed successfully
HKLM\Software\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => key not found
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\gophoto@gophoto.it.xpi => moved successfully
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\info@bflix.info => moved successfully
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\onlinehdtv@onlinehd.tv.xpi => moved successfully
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => moved successfully
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\searchplugins\McSiteAdvisor.xml => moved successfully
"HKLM\Software\Mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@veetle.com/vbp;version=0.9.17" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18" => removed successfully
"Chrome HomePage" => removed successfully
"Chrome StartupUrls" => removed successfully
"Chrome NewTab" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultSuggestURL" => not found
"HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaahlfahldnilidgnlikdckbfehhca" => removed successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf" => removed successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaahlfahldnilidgnlikdckbfehhca" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph" => removed successfully
HKLM\SOFTWARE\Clients\StartMenuInternet\ChromePlus\shell\open\command\\Default => value restored successfully
"HKLM\System\CurrentControlSet\Services\idsvc" => removed successfully
idsvc => service removed successfully
C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Martin) => moved successfully
C:\Users\Martin\AppData\Roaming\Application.set => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets" => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0358106B-BE82-4380-A60C-35506A5606C9} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0358106B-BE82-4380-A60C-35506A5606C9} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0388A018-222F-4791-83B2-6E324B944BDB} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0388A018-222F-4791-83B2-6E324B944BDB} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FA5A5F0-1F06-4509-B25B-8EF778FE4ABC} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FA5A5F0-1F06-4509-B25B-8EF778FE4ABC} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{347663C4-969A-4770-B7C3-A91A1B879D42} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{347663C4-969A-4770-B7C3-A91A1B879D42} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4B0285C2-8B63-439B-BD75-037025741A8E} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B0285C2-8B63-439B-BD75-037025741A8E} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E36D3ED-F0D6-4FD4-9BE5-4E0820EF502D} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E36D3ED-F0D6-4FD4-9BE5-4E0820EF502D} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6945FBA0-A711-4106-BC0B-3F0048B55997} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6945FBA0-A711-4106-BC0B-3F0048B55997} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F5EB06E-FAD9-45DC-86CE-ED00FFFB28F9} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F5EB06E-FAD9-45DC-86CE-ED00FFFB28F9} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A23875C-5969-4438-8E4C-3EE7826DB072} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A23875C-5969-4438-8E4C-3EE7826DB072} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7DAACEA7-4393-4060-883F-8E6C881080BF} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DAACEA7-4393-4060-883F-8E6C881080BF} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91EA35E2-50B9-4FDA-BC3F-EF68CDB8A4F9} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91EA35E2-50B9-4FDA-BC3F-EF68CDB8A4F9} => could not remove key. ErrorCode1: 0x00000002
"C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Martin)" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Martin) => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9213EEA4-E1CA-4005-962F-A3A40BFB39A9} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9213EEA4-E1CA-4005-962F-A3A40BFB39A9} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A5F72B22-F30D-4570-99C3-6F7A909C16A1} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5F72B22-F30D-4570-99C3-6F7A909C16A1} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AC30822E-26B3-4149-8E69-3368B0F56010} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC30822E-26B3-4149-8E69-3368B0F56010} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C1D03B6C-F967-445D-A175-2E5C1F1B9042} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1D03B6C-F967-445D-A175-2E5C1F1B9042} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5CB7192-4BDF-4CE6-8961-FD1E2D496EB1} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5CB7192-4BDF-4CE6-8961-FD1E2D496EB1} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC7362CE-0D22-4DBC-8AAD-CAFE7F8F383F} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC7362CE-0D22-4DBC-8AAD-CAFE7F8F383F} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F07C668C-1B3D-402C-8FA8-54E96FF186D6} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F07C668C-1B3D-402C-8FA8-54E96FF186D6} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9C8F510-1791-47DD-AAE5-CEE8496088D6} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9C8F510-1791-47DD-AAE5-CEE8496088D6} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => could not remove key. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\seznam-listicka-distribuce" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce" => not found
"HKU\S-1-5-21-1504789416-810619661-2310688379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\cz.seznam.software.autoupdate" => removed successfully
"HKU\S-1-5-21-1504789416-810619661-2310688379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate" => not found
"HKU\S-1-5-21-1504789416-810619661-2310688379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\SpybotPostWindows10UpgradeReInstall" => removed successfully
"HKU\S-1-5-21-1504789416-810619661-2310688379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\SpybotPostWindows10UpgradeReInstall" => not found
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" => removed successfully
"HKLM\SOFTWARE\Clients\StartMenuInternet\ChromePlus" => removed successfully
C:\WINDOWS\IObit => moved successfully
C:\Users\Martin\AppData\Roaming\IObit => moved successfully
C:\ProgramData\IObit => moved successfully
C:\Users\Martin\AppData\LocalLow\IObit => moved successfully
"C:\Program Files (x86)\IObit" => not found
"C:\WINDOWS\System32\Tasks\Driver Booster Scheduler" => not found
"C:\Users\Public\Desktop\Driver Booster 5.lnk" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15005495 B
Java, Flash, Steam htmlcache => 35864355 B
Windows/system/drivers => 749624 B
Edge => 6442672 B
Chrome => 568225551 B
Firefox => 312067299 B
Opera => 279429859 B
Temp, IE cache, history, cookies, recent:
Default => 40258 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 230464 B
Martin => 102512305 B
DefaultAppPool => 33058 B
RecycleBin => 0 B
EmptyTemp: => 1.2 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 25-02-2018 02:50:21)
Result of scheduled keys to remove after reboot:
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0358106B-BE82-4380-A60C-35506A5606C9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0358106B-BE82-4380-A60C-35506A5606C9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0388A018-222F-4791-83B2-6E324B944BDB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0388A018-222F-4791-83B2-6E324B944BDB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FA5A5F0-1F06-4509-B25B-8EF778FE4ABC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FA5A5F0-1F06-4509-B25B-8EF778FE4ABC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{347663C4-969A-4770-B7C3-A91A1B879D42}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{347663C4-969A-4770-B7C3-A91A1B879D42}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4B0285C2-8B63-439B-BD75-037025741A8E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B0285C2-8B63-439B-BD75-037025741A8E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E36D3ED-F0D6-4FD4-9BE5-4E0820EF502D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E36D3ED-F0D6-4FD4-9BE5-4E0820EF502D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6945FBA0-A711-4106-BC0B-3F0048B55997}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6945FBA0-A711-4106-BC0B-3F0048B55997}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F5EB06E-FAD9-45DC-86CE-ED00FFFB28F9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F5EB06E-FAD9-45DC-86CE-ED00FFFB28F9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A23875C-5969-4438-8E4C-3EE7826DB072}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A23875C-5969-4438-8E4C-3EE7826DB072}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7DAACEA7-4393-4060-883F-8E6C881080BF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DAACEA7-4393-4060-883F-8E6C881080BF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91EA35E2-50B9-4FDA-BC3F-EF68CDB8A4F9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91EA35E2-50B9-4FDA-BC3F-EF68CDB8A4F9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Martin)" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9213EEA4-E1CA-4005-962F-A3A40BFB39A9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9213EEA4-E1CA-4005-962F-A3A40BFB39A9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A5F72B22-F30D-4570-99C3-6F7A909C16A1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5F72B22-F30D-4570-99C3-6F7A909C16A1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AC30822E-26B3-4149-8E69-3368B0F56010}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC30822E-26B3-4149-8E69-3368B0F56010}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C1D03B6C-F967-445D-A175-2E5C1F1B9042}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1D03B6C-F967-445D-A175-2E5C1F1B9042}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5CB7192-4BDF-4CE6-8961-FD1E2D496EB1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5CB7192-4BDF-4CE6-8961-FD1E2D496EB1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC7362CE-0D22-4DBC-8AAD-CAFE7F8F383F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC7362CE-0D22-4DBC-8AAD-CAFE7F8F383F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F07C668C-1B3D-402C-8FA8-54E96FF186D6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F07C668C-1B3D-402C-8FA8-54E96FF186D6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9C8F510-1791-47DD-AAE5-CEE8496088D6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9C8F510-1791-47DD-AAE5-CEE8496088D6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
==== End of Fixlog 02:50:22 ====
Ran by Martin (25-02-2018 02:37:03) Run:1
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
Folder: C:\Users\Martin\AppData\Roaming\ChromePlus
File: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\gophoto@gophoto.it.xpi
File: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\info@bflix.info
File: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\onlinehdtv@onlinehd.tv.xpi
CMD: type "C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\user.js"
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1504789416-810619661-2310688379-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131586959274119921&GUID=A3677896-7467-4AD0-8C98-FF19B6C5FADD
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
URLSearchHook: HKU\S-1-5-21-1504789416-810619661-2310688379-1000 - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1504789416-810619661-2310688379-1000 -> {408DBBA8-4D00-46DA-9D22-47E4F4D32382} URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=A ... psv=&pt=tb
SearchScopes: HKU\S-1-5-21-1504789416-810619661-2310688379-1000 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
BHO-x32: No Name -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> No File
Toolbar: HKU\.DEFAULT -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-1504789416-810619661-2310688379-1000 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
FF Extension: (GoPhotoIt) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\gophoto@gophoto.it.xpi [2012-07-31] [Legacy] [not signed]
FF Extension: (TheBflix) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\info@bflix.info [2012-10-23] [Legacy] [not signed]
FF Extension: (Online HD TV) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\onlinehdtv@onlinehd.tv.xpi [2012-10-21] [Legacy] [not signed]
FF Extension: (Seznam li�ti�ka) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-12-04] [Legacy]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\searchplugins\McSiteAdvisor.xml [2018-01-07]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox => not found
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin-x32: @veetle.com/vbp;version=0.9.17 -> C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll [No File]
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll [No File]
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll [No File]
CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR NewTab: Default -> Active:"chrome-extension://ikgjglmlehllifdekcggaapkaplbdpje/product.html"
CHR DefaultSearchURL: Default -> hxxps://www.google.de/search?q={searchTerms}?trackid=sp-006
CHR DefaultSearchKeyword: Default -> google
CHR DefaultSuggestURL: Default -> hxxps://www.google.com/complete/search?client=c ... earchTerms}
CHR HKLM\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [clbfjfbnelcflpgpklppgplejolacbej] - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\Martin\AppData\Local\Temp\crx1087.tmp <not found>
CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx <not found>
StartMenuInternet: ChromePlus - C:\Users\Martin\AppData\Roaming\ChromePlus\chrome.exe
U3 idsvc; no ImagePath
2018-02-07 19:34 - 2018-02-07 19:35 - 000002326 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Martin)
2011-11-14 15:14 - 2011-11-14 15:14 - 000000000 _____ () C:\Users\Martin\AppData\Roaming\Application.set
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
Task: {0358106B-BE82-4380-A60C-35506A5606C9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {0388A018-222F-4791-83B2-6E324B944BDB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1FA5A5F0-1F06-4509-B25B-8EF778FE4ABC} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {347663C4-969A-4770-B7C3-A91A1B879D42} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {4B0285C2-8B63-439B-BD75-037025741A8E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {4E36D3ED-F0D6-4FD4-9BE5-4E0820EF502D} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {6945FBA0-A711-4106-BC0B-3F0048B55997} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {6F5EB06E-FAD9-45DC-86CE-ED00FFFB28F9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {7A23875C-5969-4438-8E4C-3EE7826DB072} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7DAACEA7-4393-4060-883F-8E6C881080BF} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {91EA35E2-50B9-4FDA-BC3F-EF68CDB8A4F9} - System32\Tasks\Driver Booster SkipUAC (Martin) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {9213EEA4-E1CA-4005-962F-A3A40BFB39A9} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {A5F72B22-F30D-4570-99C3-6F7A909C16A1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AC30822E-26B3-4149-8E69-3368B0F56010} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C1D03B6C-F967-445D-A175-2E5C1F1B9042} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C5CB7192-4BDF-4CE6-8961-FD1E2D496EB1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {EC7362CE-0D22-4DBC-8AAD-CAFE7F8F383F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F07C668C-1B3D-402C-8FA8-54E96FF186D6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {F9C8F510-1791-47DD-AAE5-CEE8496088D6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-1504789416-810619661-2310688379-1000\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-1504789416-810619661-2310688379-1000\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg
DeleteKey: HKLM\SOFTWARE\Clients\StartMenuInternet\ChromePlus
C:\WINDOWS\IObit
C:\Users\Martin\AppData\Roaming\IObit
C:\ProgramData\IObit
C:\Users\Martin\AppData\LocalLow\IObit
C:\Program Files (x86)\IObit
C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
C:\Users\Public\Desktop\Driver Booster 5.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========================= Folder: C:\Users\Martin\AppData\Roaming\ChromePlus ========================
not found.
====== End of Folder: ======
========================= File: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\gophoto@gophoto.it.xpi ========================
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\gophoto@gophoto.it.xpi
File not signed
MD5: 778D3843EB97EB33EB29BA363B069226
Creation and modification date: 2012-07-31 12:59 - 2012-07-31 12:59
Size: 000221380
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/56a1d05 ... 519437382/
====== End of File: ======
========================= File: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\info@bflix.info ========================
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\info@bflix.info
File is digitally signed
MD5: D41D8CD98F00B204E9800998ECF8427E (0-byte)
Creation and modification date: 2012-10-23 16:58 - 2012-10-23 16:58
Size: 000000000
Attributes: ----D
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0-byte
====== End of File: ======
========================= File: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\onlinehdtv@onlinehd.tv.xpi ========================
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\onlinehdtv@onlinehd.tv.xpi
File not signed
MD5: 2A2EADCFB10C81D1A4C953958A7449DB
Creation and modification date: 2012-10-21 06:29 - 2012-10-21 06:29
Size: 000214909
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/339e92a ... 465438971/
====== End of File: ======
========= type "C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\user.js" =========
user_pref("extensions.BabylonToolbar_i.id", "f4d8dae60000000000004e5d603af7f6");
user_pref("extensions.BabylonToolbar_i.hardId", "f4d8dae60000000000004e5d603af7f6");
user_pref("extensions.BabylonToolbar_i.instlDay", "15337");
user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.177:31:51");
user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
user_pref("extensions.BabylonToolbar_i.newTab", false);
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=101241");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
user_pref("extensions.incredibar_i.newTab", false);
user_pref("extensions.incredibar_i.tlbrSrchUrl", "http://mystart.Incredibar.com/?a=6R8INx ... 26&search=");
user_pref("extensions.incredibar_i.id", "f4d8dae60000000000004e5d603af7f6");
user_pref("extensions.incredibar_i.instlDay", "15634");
user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.147:10:23");
user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
user_pref("extensions.incredibar_i.prdct", "incredibar");
user_pref("extensions.incredibar_i.aflt", "orgnl");
user_pref("extensions.incredibar_i.smplGrp", "none");
user_pref("extensions.incredibar_i.tlbrId", "base");
user_pref("extensions.incredibar_i.instlRef", "");
user_pref("extensions.incredibar_i.dfltLng", "");
user_pref("extensions.incredibar_i.excTlbr", false);
user_pref("extensions.incredibar_i.ms_url_id", "");
user_pref("extensions.incredibar_i.upn2", "6R8INxlFAq");
user_pref("extensions.incredibar_i.upn2n", "92825262384088766");
user_pref("extensions.incredibar_i.productid", "26");
user_pref("extensions.incredibar_i.installerproductid", "26");
user_pref("extensions.incredibar_i.did", "10650");
user_pref("extensions.incredibar_i.ppd", "53%5F4");
user_pref("extensions.autoDisableScopes",14);
========= End of CMD: =========
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotPostWindows10UpgradeReInstall" => removed successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page" => removed successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL" => removed successfully
"HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => key not found
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-1504789416-810619661-2310688379-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{408DBBA8-4D00-46DA-9D22-47E4F4D32382}" => removed successfully
HKLM\Software\Classes\CLSID\{408DBBA8-4D00-46DA-9D22-47E4F4D32382} => key not found
"HKU\S-1-5-21-1504789416-810619661-2310688379-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}" => removed successfully
HKLM\Software\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19} => key not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f} => key not found
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}" => removed successfully
HKLM\Software\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => key not found
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found
"HKU\S-1-5-21-1504789416-810619661-2310688379-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}" => removed successfully
HKLM\Software\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => key not found
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\gophoto@gophoto.it.xpi => moved successfully
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\info@bflix.info => moved successfully
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\onlinehdtv@onlinehd.tv.xpi => moved successfully
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => moved successfully
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\searchplugins\McSiteAdvisor.xml => moved successfully
"HKLM\Software\Mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@veetle.com/vbp;version=0.9.17" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18" => removed successfully
"Chrome HomePage" => removed successfully
"Chrome StartupUrls" => removed successfully
"Chrome NewTab" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultSuggestURL" => not found
"HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaahlfahldnilidgnlikdckbfehhca" => removed successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf" => removed successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaahlfahldnilidgnlikdckbfehhca" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph" => removed successfully
HKLM\SOFTWARE\Clients\StartMenuInternet\ChromePlus\shell\open\command\\Default => value restored successfully
"HKLM\System\CurrentControlSet\Services\idsvc" => removed successfully
idsvc => service removed successfully
C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Martin) => moved successfully
C:\Users\Martin\AppData\Roaming\Application.set => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets" => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0358106B-BE82-4380-A60C-35506A5606C9} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0358106B-BE82-4380-A60C-35506A5606C9} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0388A018-222F-4791-83B2-6E324B944BDB} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0388A018-222F-4791-83B2-6E324B944BDB} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FA5A5F0-1F06-4509-B25B-8EF778FE4ABC} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FA5A5F0-1F06-4509-B25B-8EF778FE4ABC} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{347663C4-969A-4770-B7C3-A91A1B879D42} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{347663C4-969A-4770-B7C3-A91A1B879D42} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4B0285C2-8B63-439B-BD75-037025741A8E} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B0285C2-8B63-439B-BD75-037025741A8E} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E36D3ED-F0D6-4FD4-9BE5-4E0820EF502D} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E36D3ED-F0D6-4FD4-9BE5-4E0820EF502D} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6945FBA0-A711-4106-BC0B-3F0048B55997} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6945FBA0-A711-4106-BC0B-3F0048B55997} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F5EB06E-FAD9-45DC-86CE-ED00FFFB28F9} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F5EB06E-FAD9-45DC-86CE-ED00FFFB28F9} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A23875C-5969-4438-8E4C-3EE7826DB072} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A23875C-5969-4438-8E4C-3EE7826DB072} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7DAACEA7-4393-4060-883F-8E6C881080BF} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DAACEA7-4393-4060-883F-8E6C881080BF} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91EA35E2-50B9-4FDA-BC3F-EF68CDB8A4F9} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91EA35E2-50B9-4FDA-BC3F-EF68CDB8A4F9} => could not remove key. ErrorCode1: 0x00000002
"C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Martin)" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Martin) => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9213EEA4-E1CA-4005-962F-A3A40BFB39A9} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9213EEA4-E1CA-4005-962F-A3A40BFB39A9} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A5F72B22-F30D-4570-99C3-6F7A909C16A1} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5F72B22-F30D-4570-99C3-6F7A909C16A1} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AC30822E-26B3-4149-8E69-3368B0F56010} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC30822E-26B3-4149-8E69-3368B0F56010} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C1D03B6C-F967-445D-A175-2E5C1F1B9042} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1D03B6C-F967-445D-A175-2E5C1F1B9042} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5CB7192-4BDF-4CE6-8961-FD1E2D496EB1} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5CB7192-4BDF-4CE6-8961-FD1E2D496EB1} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC7362CE-0D22-4DBC-8AAD-CAFE7F8F383F} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC7362CE-0D22-4DBC-8AAD-CAFE7F8F383F} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F07C668C-1B3D-402C-8FA8-54E96FF186D6} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F07C668C-1B3D-402C-8FA8-54E96FF186D6} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9C8F510-1791-47DD-AAE5-CEE8496088D6} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9C8F510-1791-47DD-AAE5-CEE8496088D6} => could not remove key. ErrorCode1: 0x00000002
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => could not remove key. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\seznam-listicka-distribuce" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce" => not found
"HKU\S-1-5-21-1504789416-810619661-2310688379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\cz.seznam.software.autoupdate" => removed successfully
"HKU\S-1-5-21-1504789416-810619661-2310688379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate" => not found
"HKU\S-1-5-21-1504789416-810619661-2310688379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\SpybotPostWindows10UpgradeReInstall" => removed successfully
"HKU\S-1-5-21-1504789416-810619661-2310688379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\SpybotPostWindows10UpgradeReInstall" => not found
"HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" => removed successfully
"HKLM\SOFTWARE\Clients\StartMenuInternet\ChromePlus" => removed successfully
C:\WINDOWS\IObit => moved successfully
C:\Users\Martin\AppData\Roaming\IObit => moved successfully
C:\ProgramData\IObit => moved successfully
C:\Users\Martin\AppData\LocalLow\IObit => moved successfully
"C:\Program Files (x86)\IObit" => not found
"C:\WINDOWS\System32\Tasks\Driver Booster Scheduler" => not found
"C:\Users\Public\Desktop\Driver Booster 5.lnk" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15005495 B
Java, Flash, Steam htmlcache => 35864355 B
Windows/system/drivers => 749624 B
Edge => 6442672 B
Chrome => 568225551 B
Firefox => 312067299 B
Opera => 279429859 B
Temp, IE cache, history, cookies, recent:
Default => 40258 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 230464 B
Martin => 102512305 B
DefaultAppPool => 33058 B
RecycleBin => 0 B
EmptyTemp: => 1.2 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 25-02-2018 02:50:21)
Result of scheduled keys to remove after reboot:
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0358106B-BE82-4380-A60C-35506A5606C9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0358106B-BE82-4380-A60C-35506A5606C9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0388A018-222F-4791-83B2-6E324B944BDB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0388A018-222F-4791-83B2-6E324B944BDB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FA5A5F0-1F06-4509-B25B-8EF778FE4ABC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FA5A5F0-1F06-4509-B25B-8EF778FE4ABC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{347663C4-969A-4770-B7C3-A91A1B879D42}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{347663C4-969A-4770-B7C3-A91A1B879D42}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4B0285C2-8B63-439B-BD75-037025741A8E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B0285C2-8B63-439B-BD75-037025741A8E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E36D3ED-F0D6-4FD4-9BE5-4E0820EF502D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E36D3ED-F0D6-4FD4-9BE5-4E0820EF502D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6945FBA0-A711-4106-BC0B-3F0048B55997}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6945FBA0-A711-4106-BC0B-3F0048B55997}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F5EB06E-FAD9-45DC-86CE-ED00FFFB28F9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F5EB06E-FAD9-45DC-86CE-ED00FFFB28F9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A23875C-5969-4438-8E4C-3EE7826DB072}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A23875C-5969-4438-8E4C-3EE7826DB072}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7DAACEA7-4393-4060-883F-8E6C881080BF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DAACEA7-4393-4060-883F-8E6C881080BF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91EA35E2-50B9-4FDA-BC3F-EF68CDB8A4F9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91EA35E2-50B9-4FDA-BC3F-EF68CDB8A4F9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Martin)" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9213EEA4-E1CA-4005-962F-A3A40BFB39A9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9213EEA4-E1CA-4005-962F-A3A40BFB39A9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A5F72B22-F30D-4570-99C3-6F7A909C16A1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5F72B22-F30D-4570-99C3-6F7A909C16A1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AC30822E-26B3-4149-8E69-3368B0F56010}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC30822E-26B3-4149-8E69-3368B0F56010}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C1D03B6C-F967-445D-A175-2E5C1F1B9042}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1D03B6C-F967-445D-A175-2E5C1F1B9042}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5CB7192-4BDF-4CE6-8961-FD1E2D496EB1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5CB7192-4BDF-4CE6-8961-FD1E2D496EB1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC7362CE-0D22-4DBC-8AAD-CAFE7F8F383F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC7362CE-0D22-4DBC-8AAD-CAFE7F8F383F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F07C668C-1B3D-402C-8FA8-54E96FF186D6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F07C668C-1B3D-402C-8FA8-54E96FF186D6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9C8F510-1791-47DD-AAE5-CEE8496088D6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9C8F510-1791-47DD-AAE5-CEE8496088D6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
==== End of Fixlog 02:50:22 ====
Re: preventivni kontrola
Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start CloseProcesses: FF user.js: detected! => C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\user.js [2014-03-24] End - Uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Nasledne vytvor nove logy z FRST (tlacitko Scan) a vloz do dalsej odpovede.Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: preventivni kontrola
Prosim vas jeste jsem se chtel zeptat, jak spatne na tom vlastne muj pc byl? Me prijde ze se mu hodne ulevilo, uz ani tolik nehuci a zapina se pomerne rychleji, mam radost.
Fix result of Farbar Recovery Scan Tool (x64) Version: 24.02.2018
Ran by Martin (25-02-2018 11:57:47) Run:2
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
FF user.js: detected! => C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\user.js [2014-03-24]
End
*****************
Processes closed successfully.
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\user.js => moved successfully
The system needed a reboot.
==== End of Fixlog 11:58:30 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 24.02.2018
Ran by Martin (25-02-2018 11:57:47) Run:2
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
FF user.js: detected! => C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\user.js [2014-03-24]
End
*****************
Processes closed successfully.
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\742z7rsh.default\user.js => moved successfully
The system needed a reboot.
==== End of Fixlog 11:58:30 ====
Re: preventivni kontrola
To som rad. Bola tam tona adware - nechcene reklamne programy, viac info napr. tu: https://forum.viry.cz/viewtopic.php?f=24&t=142553 Poprosim este o tie nove logy z FRST.Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: preventivni kontrola
Vyzera to uz OK. Skontroluj, velkost plochy (C:\Users\Martin\Desktop). Ak je vacsia ako 300 MB, presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu. Ak nie su dalsie problemy, tak este upraceme po pouzitych nastrojoch:
- Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
- Uloz na plochu a spusti
- Nechaj oznacenu moznost "Remove disinfection tools"
- Oznac moznost "Purge system restore"
- Klikni na "Run"
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: preventivni kontrola
ok vse je splneno, jeste jednou dekuji za pomoc a nashledanou
Re: preventivni kontrola
Nie je zaco, rad som pomohol
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Přispějete na provoz fóra?