Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivka

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Kavasi
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 29 pro 2016 12:12

Preventivka

#1 Příspěvek od Kavasi »

Ahoj, prosím o preventivní kontrolu. Předem Díky :)

LOG z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Misanek at 2018-03-05 22:03:43
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 91 GB (40%) free of 229 GB
Total RAM: 3969 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:03:49, on 5.3.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18838)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Misanek\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files\trend micro\Misanek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [OPENVPN-GUI] C:\Program Files\OpenVPN\bin\openvpn-gui.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_C43E59E82F97EB6162ECC4416AB9C470] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Misanek\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O16 - DPF: {538793D5-659C-4639-A56C-A179AD87ED44} (Cisco AnyConnect Secure Mobility Client Web Control) - https://vpn.upce.cz/CACHE/stc/3/binaries/vpnweb.cab
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Broadcom Management Agent (BrcmMgmtAgent) - Broadcom Corporation - C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\Windows\system32\DbxSvc.exe (file missing)
O23 - Service: Dell Data Vault Service API (DDVCollectorSvcApi) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
O23 - Service: Dell Data Vault Collector (DDVDataCollector) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
O23 - Service: Dell Data Vault Processor (DDVRulesProcessor) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OpenVPNService - - C:\Program Files\OpenVPN\bin\openvpnserv2.exe
O23 - Service: OpenVPN Interactive Service (OpenVPNServiceInteractive) - The OpenVPN Project - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: OpenVPN Legacy Service (OpenVPNServiceLegacy) - The OpenVPN Project - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Update Service (updatesrv) - Bitdefender - C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Security Service (vsserv) - Bitdefender - C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
O23 - Service: Bitdefender Correlation Service (vsservppl) - Bitdefender - C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13618 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE" "C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe"
C:\Windows\system32\WLANExt.exe 29763728
\??\C:\Windows\system32\conhost.exe "1814427985-145149086820427653631844538371-114633925818026002671329538678-417231663
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe" -service
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\system32\DbxSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\OpenVPN\bin\openvpnserv.exe"
"C:\Program Files\Bitdefender Agent\ProductAgentService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe" /service
"C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE"
"C:\Program Files\Bitdefender Antivirus Free\vsserv.exe" /service
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe" /service
"C:\Program Files\DellTPad\Apoint.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"
"Apntex.exe"
"C:\Program Files\DellTPad\HidFind.exe"
\??\C:\Windows\system32\conhost.exe "-1580087995318276714-1236977294415319509-14939572371685338253-367668957-212849948
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe"
"C:\Program Files\OpenVPN\bin\openvpn-gui.exe
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Misanek\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Misanek\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=64.0.3282.186 --initial-client-data=0x80,0x84,0x88,0x7c,0x8c,0x7fef57f2050,0x7fef57f2060,0x7fef57f2070
"C:\Users\Misanek\AppData\Roaming\Spotify\SpotifyWebHelper.exe" --autostart
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4460 --on-initialized-event-handle=304 --parent-handle=308 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1356,6735582995236150232,11000424489620443805,131072 --gpu-preferences=GAAAAAAAAAAABwAAAQAAAAAAAAAAAGAA --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.4425 --gpu-driver-date=4-4-2016 --service-request-channel-token=B8D288EC8D589B85BEAC76F08AD6BD28 --mojo-platform-channel-handle=1536 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-experimental-canvas-features --field-trial-handle=1356,6735582995236150232,11000424489620443805,131072 --service-pipe-token=B658F1A49C89C8E47D6B7FCD6165C9E3 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=B658F1A49C89C8E47D6B7FCD6165C9E3 --renderer-client-id=3 --mojo-platform-channel-handle=2180 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-experimental-canvas-features --field-trial-handle=1356,6735582995236150232,11000424489620443805,131072 --service-pipe-token=9C1EA90E6A6831B0694598E9F7EBACA4 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=9C1EA90E6A6831B0694598E9F7EBACA4 --renderer-client-id=4 --mojo-platform-channel-handle=2280 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-experimental-canvas-features --field-trial-handle=1356,6735582995236150232,11000424489620443805,131072 --service-pipe-token=D5D53C98769D61332DF53BAC49892C81 --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=D5D53C98769D61332DF53BAC49892C81 --renderer-client-id=5 --mojo-platform-channel-handle=2456 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-experimental-canvas-features --field-trial-handle=1356,6735582995236150232,11000424489620443805,131072 --service-pipe-token=F8A5E1062C62B5D5B829428FD19BBA1E --lang=cs --extension-process --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=F8A5E1062C62B5D5B829428FD19BBA1E --renderer-client-id=6 --mojo-platform-channel-handle=2560 /prefetch:1
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\cmd.exe /d /c "C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe" chrome-extension://fkepacicchenbjecpbpbclokcabebhah/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.8ce40497a7556d93 > \\.\pipe\chrome.nativeMessaging.out.8ce40497a7556d93
\??\C:\Windows\system32\conhost.exe "-117013791613363454420657293991152597044-14397779231171495484-531680190-1687205235
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:crashpad-handler --capture-python --no-upload-gzip --no-rate-limit --database=C:\Users\Misanek\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f --https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=buildno=Dropbox-win-44.4.58 --annotation=client_session_id=5fead4f7-f6da-45c6-a011-2a12823c03b1 --annotation=host_int_account1_boot=18872895104 --annotation=machine_id=eea085c1-7704-4c4e-8aa2-41929faabefe --annotation=platform=win --annotation=platform_version=7 --initial-client-data=0xd0,0xdc,0xe0,0xd8,0xe4,0x60fe8db8,0x60fe8dc8,0x60fe8dd8
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe" chrome-extension://fkepacicchenbjecpbpbclokcabebhah/ --parent-window=0
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:exit-monitor -session-token:5fead4f7-f6da-45c6-a011-2a12823c03b1 -target-handle:216 -target-shutdown-event:228 "-target-command-line:\"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe\" /systemstartup" -method:collectupload -handler-pipe:\\.\pipe\crashpad_5084_JLYSTATMLLYNDLPG
"C:\Program Files\iPod\bin\iPodService.exe"
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files\Bitdefender Antivirus Free\bdagent.exe" -minimized
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe -Embedding
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" "-lang=cs_CZ" "-cachedir=C:\Users\Misanek\AppData\Local\Steam\htmlcache" "-steampid=4408" "-buildid=1513371133" "-steamid=0" "-clientui=C:\Program Files (x86)\Steam\clientui" --disable-spell-checking --disable-out-of-process-pac --enable-blink-features=ResizeObserver --disable-smooth-scrolling --disable-gpu-compositing --disable-gpu --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Misanek\AppData\Local\CEF\User Data\Crashpad" "--metrics-dir=C:\Users\Misanek\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win32 --annotation=product=cefwebhelper --annotation=version=1.0 --initial-client-data=0x184,0x188,0x18c,0x180,0x190,0x5bfd81a4,0x5bfd81b4,0x5bfd81c4
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --disable-smooth-scrolling --enable-pinch --service-pipe-token=87EC72CDA0DE9F71E81C0A1ED0B7EB87 --enable-blink-features=ResizeObserver --lang=en-US --lang=cs-CZ --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback.host/* --disable-spell-checking --buildid=1513371133 --steamid=0 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --disable-accelerated-video-decode --disable-gpu-compositing --enable-gpu-async-worker-context --service-request-channel-token=87EC72CDA0DE9F71E81C0A1ED0B7EB87 --renderer-client-id=2 --mojo-platform-channel-handle=1500 /prefetch:1
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\ehome\ehRecvr.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1356,6735582995236150232,11000424489620443805,131072 --lang=cs --service-sandbox-type=utility --use-simple-cache-backend=on --service-request-channel-token=F179F4A361162E542A634D1DCBA4772B --mojo-platform-channel-handle=1640 --ignored=" --type=renderer " /prefetch:8
C:\Windows\ehome\mcGlidHost.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe"
"C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe"
"C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe"
"C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-experimental-canvas-features --field-trial-handle=1356,6735582995236150232,11000424489620443805,131072 --service-pipe-token=9C63F9AB0FD951AD2F0BBD614C4AC900 --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=9C63F9AB0FD951AD2F0BBD614C4AC900 --renderer-client-id=210 --mojo-platform-channel-handle=824 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-experimental-canvas-features --field-trial-handle=1356,6735582995236150232,11000424489620443805,131072 --service-pipe-token=0F28A8FF863524D82F9484FD636CED4E --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=0F28A8FF863524D82F9484FD636CED4E --renderer-client-id=251 --mojo-platform-channel-handle=4992 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-experimental-canvas-features --field-trial-handle=1356,6735582995236150232,11000424489620443805,131072 --service-pipe-token=08C32FFAB196C1BAA825EEA45031BE5C --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=08C32FFAB196C1BAA825EEA45031BE5C --renderer-client-id=255 --mojo-platform-channel-handle=6524 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-experimental-canvas-features --field-trial-handle=1356,6735582995236150232,11000424489620443805,131072 --service-pipe-token=43E6CD2B7211C79396A3E047EE3F2EDF --lang=cs --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --service-request-channel-token=43E6CD2B7211C79396A3E047EE3F2EDF --renderer-client-id=257 --mojo-platform-channel-handle=7124 /prefetch:1
taskeng.exe {3333CDAC-4865-45E1-9816-D7224F1059D0}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Users\Misanek\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-02-28 207016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-02-28 1058480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-02-28 3208368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-02-28 149168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-02-28 677040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-02-28 2197680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"=C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [2014-01-15 8925184]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-08-16 1703424]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2013-02-21 698712]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2018-01-22 298296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-02-08 9363672]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2018-01-10 67384]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2018-01-10 110392]
"iCloudPhotos"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [2018-01-10 356664]
"OPENVPN-GUI"=C:\Program Files\OpenVPN\bin\openvpn-gui.exe [2017-03-22 615040]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2018-01-29 41100328]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-12-15 3111712]
"GoogleChromeAutoLaunch_C43E59E82F97EB6162ECC4416AB9C470"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2018-02-22 1581912]
"Spotify Web Helper"=C:\Users\Misanek\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018-02-20 780688]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-11-13 134616]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2018-02-26 3567936]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Windows\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2018-03-05 22:03:43 ----D---- C:\rsit
2018-03-05 22:03:43 ----D---- C:\Program Files\trend micro
2018-03-05 10:36:13 ----A---- C:\Windows\system32\CNHMCA6.dll
2018-03-05 10:36:13 ----A---- C:\Windows\system32\CNC_CAL.dll
2018-03-05 10:36:13 ----A---- C:\Windows\system32\CNC_CAI.dll
2018-03-05 10:36:13 ----A---- C:\Windows\system32\CNC_CAC.dll
2018-02-26 12:24:48 ----A---- C:\Windows\system32\drivers\dbx-stable.sys
2018-02-26 12:24:48 ----A---- C:\Windows\system32\drivers\dbx-dev.sys
2018-02-26 12:24:48 ----A---- C:\Windows\system32\drivers\dbx-canary.sys
2018-02-26 12:24:48 ----A---- C:\Windows\system32\DbxSvc.exe
2018-02-24 06:56:23 ----D---- C:\Windows\system32\tmp00006226
2018-02-23 20:44:08 ----A---- C:\Windows\system32\drivers\gzflt.sys
2018-02-23 20:44:03 ----A---- C:\Windows\system32\drivers\bddci.sys
2018-02-23 20:44:03 ----A---- C:\Windows\system32\drivers\atc.sys
2018-02-06 17:26:40 ----D---- C:\ProgramData\bdch

======List of files/folders modified in the last 1 month======

2018-03-05 22:03:49 ----D---- C:\Program Files\Bitdefender Antivirus Free
2018-03-05 22:03:43 ----RD---- C:\Program Files
2018-03-05 22:03:40 ----D---- C:\Windows\Temp
2018-03-05 18:00:15 ----D---- C:\Windows\system32\config
2018-03-05 17:45:05 ----D---- C:\Windows\system32\Tasks
2018-03-05 17:44:53 ----SHD---- C:\Windows\Installer
2018-03-05 17:44:47 ----D---- C:\Windows\system32\catroot
2018-03-05 17:44:46 ----D---- C:\Windows\system32\DriverStore
2018-03-05 17:44:46 ----D---- C:\Windows\inf
2018-03-05 15:42:52 ----D---- C:\Windows\system32\drivers
2018-03-05 15:38:48 ----D---- C:\Windows\System32
2018-03-05 15:38:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-03-05 15:32:16 ----D---- C:\Program Files (x86)\Steam
2018-03-03 12:46:02 ----D---- C:\Users\Misanek\AppData\Roaming\vlc
2018-03-02 20:41:22 ----D---- C:\Users\Misanek\AppData\Roaming\Spotify
2018-03-02 20:31:41 ----D---- C:\utorrent
2018-03-02 19:28:02 ----D---- C:\Program Files (x86)\Dropbox
2018-02-28 20:37:32 ----D---- C:\Windows\Microsoft.NET
2018-02-28 20:34:10 ----D---- C:\Windows
2018-02-28 20:33:59 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-02-28 20:33:16 ----D---- C:\Program Files (x86)\Common Files
2018-02-28 20:31:51 ----D---- C:\Program Files (x86)\Microsoft Office
2018-02-27 20:32:35 ----SHD---- C:\System Volume Information
2018-02-27 15:10:02 ----D---- C:\Windows\SysWOW64
2018-02-27 15:10:02 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2018-02-25 18:35:53 ----D---- C:\Windows\Minidump
2018-02-20 17:52:27 ----D---- C:\ProgramData\Package Cache
2018-02-20 17:46:24 ----D---- C:\ProgramData\Hotspot Shield
2018-02-20 17:46:15 ----D---- C:\Program Files (x86)\Hotspot Shield
2018-02-19 19:12:30 ----D---- C:\Torrent
2018-02-19 18:08:44 ----A---- C:\Windows\SYSWOW64\SmartFlow.txt
2018-02-11 21:37:24 ----D---- C:\ProgramData\Cisco
2018-02-11 21:37:24 ----D---- C:\Program Files (x86)\Cisco
2018-02-11 21:36:54 ----D---- C:\Windows\system32\drivers\etc
2018-02-06 17:26:40 ----HD---- C:\ProgramData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Atc;Atc; C:\Windows\system32\DRIVERS\Atc.sys [2018-02-23 1177720]
R0 avc3;avc3; C:\Windows\system32\DRIVERS\avc3.sys [2018-02-23 1725800]
R0 BdDci;BdDci Service; C:\Windows\system32\DRIVERS\bddci.sys [2018-02-23 154888]
R0 gzflt;gzflt; C:\Windows\system32\drivers\gzflt.sys [2018-02-23 191784]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2017-12-16 77432]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2018-01-16 193968]
R2 trufos;trufos; C:\Windows\system32\drivers\trufos.sys [2016-06-22 520032]
R3 AFTrafMgr1.4;AFTrafMgr1.4; \??\C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_4_64.sys [2018-01-03 56840]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2013-02-21 489264]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2014-01-15 23760]
R3 BCM43XX;Ovladač pro bezdrátovou síťovou kartu DW WLAN; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-01-15 8061648]
R3 DDDriver;DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [2017-12-14 41608]
R3 DellProf;DellProf; C:\Windows\system32\drivers\DellProf.sys [2017-12-14 41208]
R3 edrsensor;edrsensor; C:\Windows\system32\DRIVERS\edrsensor.sys [2018-02-23 248336]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2016-11-02 38680]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2016-06-15 3802600]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2016-06-15 463112]
R3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2010-02-03 113280]
R3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2018-03-05 110016]
R3 MBAMProtection;MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [2018-03-05 46008]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2018-03-05 253880]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-11-13 99288]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-08-16 551936]
R3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2016-04-21 27136]
R3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2017-03-21 42064]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 avckf;avckf; C:\Windows\system32\DRIVERS\avckf.sys [2016-09-20 878072]
S3 Blfp;Broadcom Advanced Server Program Driver; C:\Windows\system32\DRIVERS\basp.sys [2011-08-22 121856]
S3 dbx;dbx; C:\Windows\system32\DRIVERS\dbx.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 HPEWSFXBULK;HPEWSFXBULK; C:\Windows\system32\drivers\hpfx64bulk.sys [2009-02-26 20504]
S3 MBAMWebProtection;MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [2018-01-14 84256]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2016-03-28 23040]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2016-03-28 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 vpnva;Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64; C:\Windows\system32\DRIVERS\vpnva64-6.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-01-05 83768]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 BrcmMgmtAgent;Broadcom Management Agent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2011-11-30 163840]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2018-02-22 7962800]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DbxSvc;DbxSvc; C:\Windows\system32\DbxSvc.exe [2018-02-26 51024]
R2 DDVCollectorSvcApi;Dell Data Vault Service API; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [2017-12-14 208792]
R2 DDVDataCollector;Dell Data Vault Collector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [2017-12-14 3294608]
R2 DDVRulesProcessor;Dell Data Vault Processor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [2017-12-14 217488]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hshld;Hotspot Shield Service; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2018-02-05 53680]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2016-06-15 319096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-11-13 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-11-13 390616]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-11-01 6234056]
R2 OpenVPNServiceInteractive;OpenVPN Interactive Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2017-03-22 72320]
R2 ProductAgentService;ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [2017-04-11 1254736]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-08-16 339456]
R2 SupportAssistAgent;Dell SupportAssist Agent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2018-02-14 41432]
R2 updatesrv;Bitdefender Update Service; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [2018-02-23 100392]
R2 vsserv;Bitdefender Security Service; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [2018-02-23 100392]
R2 vsservppl;Bitdefender Correlation Service; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [2018-02-23 100392]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2018-01-22 673080]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-12-03 5132888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-03 143144]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-28 153752]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2016-06-15 280696]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-03 143144]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-28 153752]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-10-14 116224]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 OpenVPNService;OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [2016-11-25 15872]
S3 OpenVPNServiceLegacy;OpenVPN Legacy Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2017-03-22 72320]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-02-22 211632]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-07-23 837312]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-12-28 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Preventivka

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Scan (Skenovanie) a pockaj na dokoncenie
  • Klikni na Clean (Cistenie) a potvrd kliknutim na OK
  • AdwCleaner si vyziada restart PC, potvrd kliknutim na Restart Now (Restartovat teraz)
  • Po dokonceni a restartovani PC vyskoci log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Kavasi
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 29 pro 2016 12:12

Re: Preventivka

#3 Příspěvek od Kavasi »

# AdwCleaner 7.0.8.0 - Logfile created on Tue Mar 06 15:21:01 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 7 Professional (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\Misanek\AppData\Roaming\acestream
Deleted: C:\Users\Misanek\AppData\LocalLow\.acestream
Deleted: C:\Users\Misanek\AppData\Roaming\.acestream
Deleted: C:\_acestream_cache_


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Value] - HKCU\Software\RegisteredApplications|AceStream
Deleted: [Key] - HKLM\SOFTWARE\MimarSinan


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

SearchProvider deleted: MPC Safe Search - mpc safe search


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1457 B] - [2018/3/6 15:20:8]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Preventivka

#4 Příspěvek od Conder »

:arrow: Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

:arrow: Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Kavasi
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 29 pro 2016 12:12

Re: Preventivka

#5 Příspěvek od Kavasi »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04.03.2018
Ran by Misanek (administrator) on MISANEK-PC (06-03-2018 19:40:40)
Running from C:\Users\Misanek\Desktop
Loaded Profiles: Misanek (Available Profiles: Misanek)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
() C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Misanek\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Windows\ehome\mcGlidHost.exe
(forum.viry.cz) C:\Users\Misanek\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [8925184 2014-01-15] (Dell Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [698712 2013-02-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-11-13] (Intel Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-02-26] (Dropbox, Inc.)
HKU\S-1-5-21-2693692505-850551649-2296808387-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-2693692505-850551649-2296808387-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-01-10] (Apple Inc.)
HKU\S-1-5-21-2693692505-850551649-2296808387-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-01-10] (Apple Inc.)
HKU\S-1-5-21-2693692505-850551649-2296808387-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-01-10] (Apple Inc.)
HKU\S-1-5-21-2693692505-850551649-2296808387-1000\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [615040 2017-03-22] ()
HKU\S-1-5-21-2693692505-850551649-2296808387-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [41100328 2018-01-29] ()
HKU\S-1-5-21-2693692505-850551649-2296808387-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-2693692505-850551649-2296808387-1000\...\Run: [GoogleChromeAutoLaunch_C43E59E82F97EB6162ECC4416AB9C470] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1581912 2018-02-22] (Google Inc.)
HKU\S-1-5-21-2693692505-850551649-2296808387-1000\...\Run: [Spotify Web Helper] => C:\Users\Misanek\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2018-02-20] (Spotify Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.0 keystone.mwbsys.com 0.0.0.0 serius.mwbsys.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B0FF23F9-BCAD-4F5D-BFCB-8F42DB092044}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{EE85218D-40E3-4D33-971B-AE51D6B34BA0}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2693692505-850551649-2296808387-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-02-28] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-02-28] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-02-28] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-02-28] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-02-28] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-02-28] (Microsoft Corporation)
DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} hxxps://vpn.upce.cz/CACHE/stc/3/binaries/vpnweb.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-28] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-11-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-11-13] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-02-28] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-02-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Default [2018-03-06]
CHR Extension: (Prezentace) - C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-28]
CHR Extension: (YouTube) - C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-28]
CHR Extension: (Dropbox for Gmail) - C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2018-02-11]
CHR Extension: (Adobe Acrobat) - C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-03]
CHR Extension: (Tabulky) - C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Záložky na iCloudu) - C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2017-10-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-28]
CHR Extension: (AdBlock) - C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-02]
CHR Extension: (Twinoo Brain Training - Test your Brain) - C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Default\Extensions\igippnbkniajgjmfiklnjokigepheabp [2016-12-28]
CHR Extension: (The West) - C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilkgeioneoemibpddeiamfgiofnpjifm [2016-12-28]
CHR Extension: (Webcam Toy) - C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2016-12-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-08-21]
CHR Extension: (Nákupní centrum parkování) - C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjfoehokglnmbbnncflhhgapdfkhahle [2016-12-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Televize Online) - C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfeebemepipakkhapnhljbcdkagkloh [2016-12-28]
CHR Extension: (Gmail) - C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-28]
CHR Extension: (Chrome Media Router) - C:\Users\Misanek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-08]
CHR HKU\S-1-5-21-2693692505-850551649-2296808387-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [163840 2011-11-30] (Broadcom Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7962800 2018-02-22] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-03] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-03] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-02-26] (Dropbox, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2017-12-14] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294608 2017-12-14] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2017-12-14] (Dell Inc.)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [53680 2018-02-05] (AnchorFree Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319096 2016-06-15] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-11-13] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [72320 2017-03-22] (The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [72320 2017-03-22] (The OpenVPN Project)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1254736 2017-04-11] (Bitdefender)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2018-02-14] (Dell Inc.)
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [100392 2018-02-23] (Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [100392 2018-02-23] (Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [100392 2018-02-23] (Bitdefender)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6177280 2014-01-15] (Dell Inc.) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AFTrafMgr1.4; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_4_64.sys [56840 2018-01-03] (AnchorFree Inc.)
R0 Atc; C:\Windows\System32\DRIVERS\Atc.sys [1177720 2018-02-23] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1725800 2018-02-23] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender)
R0 BdDci; C:\Windows\System32\DRIVERS\bddci.sys [154888 2018-02-23] (Bitdefender)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Dell Inc.)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2017-12-14] (Dell Computer Corporation)
R3 edrsensor; C:\Windows\System32\DRIVERS\edrsensor.sys [248336 2018-02-23] (BitDefender S.R.L. Bucharest, ROMANIA)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77432 2017-12-16] ()
R0 gzflt; C:\Windows\System32\drivers\gzflt.sys [191784 2018-02-23] (BitDefender LLC)
S3 HPEWSFXBULK; C:\Windows\System32\drivers\hpfx64bulk.sys [20504 2009-02-26] (Hewlett Packard)
R3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193968 2018-01-16] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2018-03-06] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [46008 2018-03-06] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-03-06] (Malwarebytes)
S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2018-01-14] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-11-13] (Intel Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11616 2000-09-05] () [File not signed]
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2017-03-21] (Anchorfree Inc.)
R2 trufos; C:\Windows\System32\drivers\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 vpnva; system32\DRIVERS\vpnva64-6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-06 19:40 - 2018-03-06 19:40 - 000022721 _____ C:\Users\Misanek\Desktop\FRST.txt
2018-03-06 19:40 - 2018-03-06 19:40 - 000000000 ____D C:\FRST
2018-03-06 19:39 - 2018-03-06 19:39 - 000112640 _____ (forum.viry.cz) C:\Users\Misanek\Desktop\FRSTLauncher.exe
2018-03-06 19:39 - 2018-03-06 19:04 - 002403328 _____ (Farbar) C:\Users\Misanek\Desktop\FRST64.exe
2018-03-06 19:38 - 2018-03-06 19:39 - 000112640 _____ (forum.viry.cz) C:\Users\Misanek\Downloads\FRSTLauncher.exe
2018-03-06 19:04 - 2018-03-06 19:04 - 002403328 _____ (Farbar) C:\Users\Misanek\Downloads\FRST64.exe
2018-03-06 16:18 - 2018-03-06 16:21 - 000000000 ____D C:\AdwCleaner
2018-03-06 16:18 - 2018-03-06 16:18 - 008222496 _____ (Malwarebytes) C:\Users\Misanek\Downloads\adwcleaner_7.0.8.0.exe
2018-03-06 16:18 - 2018-03-06 16:18 - 008222496 _____ (Malwarebytes) C:\Users\Misanek\Desktop\adwcleaner_7.0.8.0.exe
2018-03-05 22:03 - 2018-03-05 22:03 - 001222144 _____ C:\Users\Misanek\Downloads\RSITx64.exe
2018-03-05 22:03 - 2018-03-05 22:03 - 000000000 ____D C:\rsit
2018-03-05 22:03 - 2018-03-05 22:03 - 000000000 ____D C:\Program Files\trend micro
2018-03-05 17:45 - 2018-03-05 17:45 - 000003808 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AnonymousRegistration
2018-03-05 10:36 - 2014-02-04 15:29 - 000316928 _____ (CANON INC.) C:\Windows\system32\CNC_CAC.dll
2018-03-05 10:36 - 2014-02-04 15:29 - 000105984 _____ (CANON INC.) C:\Windows\system32\CNC_CAI.dll
2018-03-05 10:36 - 2014-01-21 13:16 - 000369664 _____ (CANON INC.) C:\Windows\system32\CNC_CAL.dll
2018-03-05 10:36 - 2013-12-02 12:51 - 000096000 _____ C:\Windows\system32\CNC177FD.TBL
2018-03-05 10:36 - 2008-08-25 18:02 - 000017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2018-03-02 19:59 - 2018-03-02 19:59 - 000021958 _____ C:\Users\Misanek\Downloads\The.Big.Bang.Theory.S11E16.HDTV.x264-SVA.srt
2018-03-02 19:27 - 2018-03-02 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-02-27 19:46 - 2018-02-27 19:46 - 000111209 _____ C:\Users\Misanek\Downloads\Obecký ekonometrický model.pdf
2018-02-27 18:41 - 2018-02-27 18:47 - 000017085 _____ C:\Users\Misanek\Downloads\tk.xlsx
2018-02-26 22:06 - 2018-02-26 22:06 - 000146727 _____ C:\Users\Misanek\Downloads\P_edná_ka1.pdf
2018-02-26 21:08 - 2018-02-26 21:08 - 000463558 _____ C:\Users\Misanek\Downloads\od-vse.zip
2018-02-26 12:24 - 2018-02-26 12:24 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-02-26 12:24 - 2018-02-26 12:24 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-02-26 12:24 - 2018-02-26 12:24 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-02-26 12:24 - 2018-02-26 12:24 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-02-25 18:35 - 2018-02-25 18:35 - 533605188 _____ C:\Windows\MEMORY.DMP
2018-02-25 18:35 - 2018-02-25 18:35 - 000470728 _____ C:\Windows\Minidump\022518-7020-01.dmp
2018-02-24 06:56 - 2018-02-24 06:56 - 000000000 ____D C:\Windows\system32\tmp00006226
2018-02-23 20:46 - 2018-02-23 20:46 - 000057740 _____ C:\Users\Misanek\Downloads\dude.sub
2018-02-23 20:45 - 2018-02-23 20:45 - 000147934 _____ C:\Users\Misanek\Downloads\FC.srt
2018-02-23 20:44 - 2018-02-23 20:44 - 001177720 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\atc.sys
2018-02-23 20:44 - 2018-02-23 20:44 - 000191784 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2018-02-23 20:44 - 2018-02-23 20:44 - 000154888 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys
2018-02-20 22:44 - 2018-03-05 12:26 - 000000000 ____D C:\Users\Misanek\Desktop\Osobní doprava
2018-02-20 22:38 - 2018-02-20 22:38 - 000376926 _____ C:\Users\Misanek\Downloads\102759-5456346.pdf
2018-02-20 21:02 - 2018-02-20 21:02 - 003015464 _____ C:\Users\Misanek\Desktop\05-12-17-prohlaseni-o-draze-2018-2-zmena.pdf
2018-02-20 20:07 - 2018-02-20 20:07 - 000040012 _____ C:\Users\Misanek\Downloads\od1.zip
2018-02-20 17:46 - 2018-02-20 17:46 - 000001068 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2018-02-20 17:46 - 2018-02-20 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2018-02-18 23:47 - 2018-02-18 23:47 - 000354658 _____ C:\Users\Misanek\Downloads\AZLOP_pozadavky_zapocet_zkouska_2017_2018.pdf
2018-02-18 23:47 - 2018-02-18 23:47 - 000278629 _____ C:\Users\Misanek\Downloads\Kontakt.pdf
2018-02-18 23:47 - 2018-02-18 23:47 - 000165335 _____ C:\Users\Misanek\Downloads\AZLOP_plan_predmetu_2017_2018.pdf
2018-02-18 22:14 - 2018-02-18 22:14 - 038911168 _____ C:\Users\Misanek\Downloads\vlc-3.0.0-win32.exe
2018-02-18 22:07 - 2018-02-18 22:07 - 000054586 _____ C:\Users\Misanek\Downloads\The Good Doctor S01E04 HDTV x264-KILLERS.srt
2018-02-18 22:07 - 2018-02-18 22:07 - 000054136 _____ C:\Users\Misanek\Downloads\The Good Doctor S01E02 HDTV x264-KILLERS.srt
2018-02-18 22:07 - 2018-02-18 22:07 - 000053595 _____ C:\Users\Misanek\Downloads\The Good Doctor S01E05 HDTV x264-KILLERS.srt
2018-02-18 22:07 - 2018-02-18 22:07 - 000050777 _____ C:\Users\Misanek\Downloads\The Good Doctor S01E06 HDTV x264-KILLERS.srt
2018-02-18 22:07 - 2018-02-18 22:07 - 000045286 _____ C:\Users\Misanek\Downloads\The.Good.Doctor.S01E03.HDTV.x264-KILLERS.srt
2018-02-11 21:42 - 2018-02-11 21:43 - 000000000 ____D C:\Users\Misanek\Desktop\pozvanka tatka 50
2018-02-11 21:42 - 2018-02-11 21:42 - 000000000 ____D C:\Users\Misanek\Desktop\prani
2018-02-11 21:41 - 2018-02-11 21:43 - 000000000 ____D C:\Users\Misanek\Desktop\Erasmus docs
2018-02-08 22:32 - 2018-02-08 22:32 - 000000473 _____ C:\Users\Misanek\Desktop\poem.txt
2018-02-06 17:26 - 2018-02-06 17:26 - 000000000 ____D C:\ProgramData\bdch
2018-02-04 22:53 - 2018-02-04 22:53 - 000027139 _____ C:\Users\Misanek\Downloads\The.Big.Bang.Theory.S11E15.HDTV.x264-SVA.srt
2018-02-04 14:47 - 2018-02-04 14:47 - 000410209 _____ C:\Users\Misanek\Desktop\DopPol.pdf
2018-02-04 14:43 - 2018-02-04 14:43 - 016892046 _____ C:\Users\Misanek\Downloads\2017 (1).ZIP
2018-02-04 14:28 - 2018-02-04 14:28 - 000040873 _____ C:\Users\Misanek\Downloads\basic.ics

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-06 19:39 - 2017-01-06 00:06 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2018-03-06 18:46 - 2017-03-03 21:41 - 000000910 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-03-06 17:47 - 2016-12-29 00:57 - 000000000 ____D C:\Users\Misanek\AppData\Roaming\vlc
2018-03-06 16:29 - 2009-07-14 05:45 - 000022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-06 16:29 - 2009-07-14 05:45 - 000022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-06 16:26 - 2011-04-12 09:34 - 000694802 _____ C:\Windows\system32\perfh005.dat
2018-03-06 16:26 - 2011-04-12 09:34 - 000151654 _____ C:\Windows\system32\perfc005.dat
2018-03-06 16:26 - 2009-07-14 06:13 - 001651202 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-06 16:26 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-03-06 16:22 - 2018-01-16 11:36 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-03-06 16:22 - 2018-01-16 11:36 - 000046008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-03-06 16:22 - 2017-11-07 16:17 - 000000000 ____D C:\Program Files (x86)\Steam
2018-03-06 16:22 - 2017-08-21 21:10 - 000000000 ___RD C:\Users\Misanek\Disk Google
2018-03-06 16:22 - 2016-12-28 18:55 - 000000000 __SHD C:\Users\Misanek\IntelGraphicsProfiles
2018-03-06 16:21 - 2018-01-16 11:36 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-03-06 16:21 - 2017-03-03 21:48 - 000000000 ___RD C:\Users\Misanek\iCloudDrive
2018-03-06 16:21 - 2017-03-03 21:41 - 000000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-03-06 16:21 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-06 16:13 - 2016-12-28 18:25 - 000003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2018-03-03 19:05 - 2017-03-03 21:48 - 000003428 _____ C:\Windows\System32\Tasks\Apple Diagnostics
2018-03-02 21:10 - 2017-08-24 17:28 - 000000000 ___RD C:\Users\Misanek\Desktop\Na Pána
2018-03-02 21:08 - 2016-12-29 00:56 - 000000000 ____D C:\Users\Misanek\AppData\Local\Spotify
2018-03-02 20:41 - 2016-12-29 00:55 - 000000000 ____D C:\Users\Misanek\AppData\Roaming\Spotify
2018-03-02 20:31 - 2017-01-07 22:48 - 000000000 ____D C:\utorrent
2018-03-02 19:28 - 2017-03-03 21:41 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-02-28 20:33 - 2016-12-29 00:58 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-02-28 20:31 - 2016-12-29 00:52 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-02-28 20:23 - 2016-12-29 00:47 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-27 15:10 - 2017-03-03 21:48 - 000000000 ____D C:\Users\Misanek\Documents\Soubory Outlooku
2018-02-27 15:10 - 2016-12-28 20:58 - 001669334 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-02-25 19:36 - 2016-12-29 00:46 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-25 18:35 - 2017-05-10 19:45 - 000000000 ____D C:\Windows\Minidump
2018-02-23 20:43 - 2017-01-06 00:08 - 001725800 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2018-02-23 20:43 - 2017-01-06 00:08 - 000248336 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\edrsensor.sys
2018-02-23 20:25 - 2016-12-28 18:15 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-22 20:21 - 2017-11-08 22:15 - 000000000 ____D C:\Users\Misanek\Documents\DAVAProject
2018-02-20 17:52 - 2017-03-26 15:16 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-20 17:46 - 2017-03-26 15:16 - 000000000 ____D C:\ProgramData\Hotspot Shield
2018-02-20 17:46 - 2017-03-26 15:16 - 000000000 ____D C:\Program Files (x86)\Hotspot Shield
2018-02-19 19:12 - 2018-01-07 21:25 - 000000000 ____D C:\Torrent
2018-02-19 18:08 - 2017-08-21 13:28 - 000000185 _____ C:\Windows\SysWOW64\SmartFlow.txt
2018-02-14 12:26 - 2018-01-16 15:32 - 000000000 ____D C:\Windows\System32\Tasks\Games
2018-02-13 17:52 - 2017-08-21 21:08 - 000002042 _____ C:\Users\Public\Desktop\Google Slides.lnk
2018-02-13 17:52 - 2017-08-21 21:08 - 000002040 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2018-02-13 17:52 - 2017-08-21 21:08 - 000002030 _____ C:\Users\Public\Desktop\Google Docs.lnk
2018-02-13 17:52 - 2017-08-21 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-02-11 21:40 - 2017-11-20 21:17 - 000000000 ____D C:\Users\Misanek\Desktop\ARCP
2018-02-11 21:40 - 2017-11-01 15:09 - 000000000 ____D C:\Users\Misanek\Desktop\DIPLOMKA
2018-02-11 21:38 - 2017-05-02 15:44 - 000000000 ____D C:\Users\Misanek\Desktop\FotkyJa
2018-02-11 21:37 - 2018-01-25 13:07 - 000000000 ____D C:\ProgramData\Cisco
2018-02-11 21:37 - 2016-12-28 19:10 - 000000000 ____D C:\Program Files (x86)\Cisco
2018-02-11 21:31 - 2017-03-03 21:43 - 000000000 ___RD C:\Users\Misanek\Dropbox
2018-02-08 22:17 - 2017-03-03 21:48 - 000000000 ____D C:\Users\Misanek\AppData\Local\040645C3-005C-4C61-9943-110BDA864E8C.aplzod
2018-02-05 21:43 - 2018-01-12 19:28 - 000332801 _____ C:\Users\Misanek\Desktop\dop_pol1.pdf

==================== Files in the root of some directories =======

2017-04-02 23:03 - 2017-04-02 23:12 - 000004608 _____ () C:\Users\Misanek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-01-23 22:01 - 2018-01-30 18:13 - 000007602 _____ () C:\Users\Misanek\AppData\Local\Resmon.ResmonCfg
2017-01-10 21:11 - 2017-01-10 21:12 - 000000000 _____ () C:\Users\Misanek\AppData\Local\{FE9909CC-B76C-42C9-B70F-245C31B34618}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-27 20:25

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:223.47 GB) (Free:88.46 GB) NTFS
Drive d: () (Fixed) (Total:298.09 GB) (Free:208.89 GB) NTFS
\\?\Volume{0fc6421d-cd28-11e6-9ec6-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

Available physical RAM: 723.7 MB
Total physical RAM: 3969.29 MB
Percentage of memory in use: 81%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 1D1B7352)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: CCE11AE1)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Users\Misanek\Downloads\ccsetup527.exe:BDU [0]
AlternateDataStreams: C:\Users\Misanek\Downloads\CoD2_Patch_1_3.exe:BDU [0]

==================== Security Center ==================

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Antivirus Free Antimalware (Disabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antivirus Free Antimalware (Disabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Misanek\Desktop" je 3776 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018
Ran by Misanek (06-03-2018 19:41:09)
Running from C:\Users\Misanek\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-12-28 18:08:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2693692505-850551649-2296808387-500 - Administrator - Disabled)
Guest (S-1-5-21-2693692505-850551649-2296808387-501 - Limited - Disabled)
Misanek (S-1-5-21-2693692505-850551649-2296808387-1000 - Administrator - Enabled) => C:\Users\Misanek

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Antivirus Free Antimalware (Disabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antivirus Free Antimalware (Disabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
ArnesLink 1.0 x64 (HKLM\...\{386E172D-85BC-414C-8E1B-6D103F95CC7D}) (Version: 1.0 - Amebis, Slovenia, E.U.)
Backup and Sync from Google (HKLM-x32\...\{AC62F3F2-61A2-4357-93EC-C308E3FEDF4E}) (Version: 3.39.8370.7843 - Google, Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.5.12 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{9B34CC4C-E7FF-4AC8-B771-1D09612D6430}) (Version: 15.0.8.5 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Citace (HKU\S-1-5-21-2693692505-850551649-2296808387-1000\...\25F78ACDA8837CB472CCA2BEF7372AF197751FD8) (Version: 0.1.2.12 - Citace)
Citace PRO (HKLM\...\{1CF4CFDD-5050-450A-91F1-FBEB8C71AB11}) (Version: 3.3.0 - Citace.com)
Convert MOV to AVI 1.0 (HKLM-x32\...\{A39EA3C8-7BF3-4FA7-9A67-3D3611BAE59E}_is1) (Version: - convertmovtoavi.com)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DebugMode Wax 2.0 (HKLM-x32\...\DebugMode Wax 2.0) (Version: - )
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.668 - Dell)
Dell SupportAssistAgent (HKLM\...\{9DD6B149-CEBC-4910-B11A-242393EDF6D3}) (Version: 2.1.4.14 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.127 - ALPS ELECTRIC CO., LTD.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 44.4.58 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.30.223.215 - Dell Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Hotspot Shield 7.4.6 (HKLM-x32\...\{65ed84d7-2bc2-4663-9b41-4681aa85be92}) (Version: 7.4.6.10822 - AnchorFree Inc.)
Hotspot Shield 7.4.6 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-4925C1670D69}) (Version: 7.4.6.10822 - AnchorFree Inc.) Hidden
Hotspot Shield 7.4.6 (HKLM-x32\...\HotspotShield) (Version: 7.4.6 - AnchorFree Inc.) Hidden
iCloud (HKLM\...\{694E3E02-E14A-4BB2-A970-CF7F017FD5CC}) (Version: 7.3.0.20 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{30771861-1BBF-4BE2-8CD2-FB282C58C3ED}) (Version: 12.7.3.46 - Apple Inc.)
Malwarebytes verze 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.9029.2167 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2693692505-850551649-2296808387-1000\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden
OpenVPN 2.4.1-I601 (HKLM\...\OpenVPN) (Version: 2.4.1-I601 - OpenVPN Technologies, Inc.)
PhotoFiltre Studio X (HKU\S-1-5-21-2693692505-850551649-2296808387-1000\...\PhotoFiltre Studio X) (Version: - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Spotify (HKU\S-1-5-21-2693692505-850551649-2296808387-1000\...\Spotify) (Version: 1.0.74.380.g1fcff12a - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version: - videowinsoft.com)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2693692505-850551649-2296808387-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => -> No File
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-01-29] (Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-01-10] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-01-29] (Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-06-15] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {10D544FF-8516-4798-8DFB-26B2A053CD97} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {13D13EC0-F4A7-4555-995A-A441DAD0E7EB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-02-28] (Microsoft Corporation)
Task: {181D0BD0-C6DE-49E6-81ED-6EA89109CC6E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-28] (Google Inc.)
Task: {1831507C-AA0C-4FFD-92F5-7678FCC54366} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {2C27F725-CE8A-4C5B-9338-3A2AC6753ADF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {381C3AC5-6D28-4676-BC29-83C82FA6EE35} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-02-28] (Microsoft Corporation)
Task: {4F758BE7-200B-4946-89B5-2B3C175DF85B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-02-28] (Microsoft Corporation)
Task: {56678361-42F6-40E8-88E1-98BA74F04037} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.)
Task: {7A7A8B49-8E44-44C9-80DE-11714BF175E7} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-09-14] (PC-Doctor, Inc.)
Task: {7CAFF23B-841E-4BCC-BEF8-5812C694124D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-02-22] (Microsoft Corporation)
Task: {85F9FF8E-D044-4DB1-9F6D-87DEE183BA2B} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2018-01-10] (Apple Inc.)
Task: {88919272-22FF-48BB-861A-FA8EDC2404EF} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe
Task: {8A308B20-E5DD-41A7-B6CC-512C58D95009} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-02-28] (Microsoft Corporation)
Task: {8B705562-A8F2-46FC-A12E-9D46105DEF09} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-02-22] (Microsoft Corporation)
Task: {8CDB0D93-5133-4E63-96EE-FCD901E3A782} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-02-28] (Microsoft Corporation)
Task: {8F20FB74-1FBE-459D-89CE-6D05AAFA7A13} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-03] (Dropbox, Inc.)
Task: {9099D86C-CCDF-467B-B2D5-EAC8287E102D} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-09-14] (PC-Doctor, Inc.)
Task: {951EB96A-A9AD-4E52-9A18-F1A782A52487} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-03] (Dropbox, Inc.)
Task: {A4739BB7-012C-4C60-A9ED-BF728D144364} - System32\Tasks\{A2917112-DA9F-4CF8-A97C-51ED35602395} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\EA SPORTS\NHL 2001\nhl2001_uninst.exe" -d "C:\Program Files (x86)\EA SPORTS\NHL 2001"
Task: {B65F697E-089D-4FD8-A0F2-28751641691D} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2018-02-14] (Dell Inc.)
Task: {BEA125AE-DDBB-4956-A0BD-DEF5B40B221C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-28] (Google Inc.)
Task: {DFD72E43-67F9-423B-9E48-1F70F215B01F} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {F1D8B96F-D2A2-4D3E-91CB-B5405947F904} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-04-11] (Bitdefender)
Task: {F6564676-C1A9-4300-9930-9F5862665936} - System32\Tasks\Dell SupportAssistAgent AnonymousRegistration => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2018-02-14] (Dell Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-01-05 00:13 - 2018-01-05 00:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-30 18:54 - 2017-11-30 18:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-06 00:08 - 2018-02-23 20:43 - 000280568 _____ () C:\Program Files\Bitdefender Antivirus Free\txmlutil.dll
2017-02-15 13:29 - 2017-02-15 13:29 - 001008448 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\otengines_02439_002\ashttpbr.mdl
2017-02-15 13:29 - 2017-02-15 13:29 - 000541952 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\otengines_02439_002\ashttpdsp.mdl
2017-02-15 13:29 - 2017-02-15 13:29 - 003243920 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\otengines_02439_002\ashttpph.mdl
2017-02-15 13:29 - 2017-02-15 13:29 - 001544568 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\otengines_02439_002\ashttprbl.mdl
2017-11-28 18:16 - 2017-12-16 23:42 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-01-22 03:15 - 2018-01-22 03:15 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-01-22 03:15 - 2018-01-22 03:15 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2017-02-08 03:52 - 2017-02-08 03:52 - 000065536 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2017-03-22 17:49 - 2017-03-22 17:49 - 000615040 _____ () C:\Program Files\OpenVPN\bin\openvpn-gui.exe
2018-01-29 12:42 - 2018-01-29 12:42 - 041100328 _____ () C:\Program Files (x86)\Google\Drive\googledrivesync.exe
2018-02-23 20:25 - 2018-02-22 04:57 - 004433752 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.186\libglesv2.dll
2018-02-23 20:25 - 2018-02-22 04:57 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.186\libegl.dll
2018-02-05 19:09 - 2018-02-05 19:09 - 000161200 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
2018-01-05 00:14 - 2018-01-05 00:14 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-30 18:55 - 2017-11-30 18:55 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2018-01-05 00:14 - 2018-01-05 00:14 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2017-11-07 16:18 - 2017-11-29 06:09 - 000781088 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-11-07 16:18 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-11-07 16:18 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-11-07 16:18 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-11-07 16:18 - 2017-12-15 20:59 - 002558752 _____ () C:\Program Files (x86)\Steam\video.dll
2017-12-16 12:15 - 2017-11-04 02:54 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2017-12-16 12:15 - 2017-11-04 02:54 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-16 12:15 - 2017-11-04 02:54 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-16 12:15 - 2017-11-04 02:54 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-16 12:15 - 2017-11-04 02:54 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-11-07 16:18 - 2017-12-15 20:59 - 000904992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-11-07 16:18 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2018-03-02 19:27 - 2018-02-26 12:24 - 000746312 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-03-02 19:27 - 2018-02-26 12:24 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-04-10 17:46 - 2018-02-26 12:24 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-03-03 21:42 - 2018-02-26 12:24 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-03-03 21:42 - 2018-02-26 12:26 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-04-10 17:46 - 2018-02-26 12:24 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-03-03 21:42 - 2018-02-26 12:24 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-04-10 17:46 - 2018-02-26 12:24 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 001856864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-03-02 19:27 - 2018-02-26 12:24 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-03-02 19:27 - 2018-02-26 12:24 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-03-03 21:42 - 2018-02-26 12:24 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-03-03 21:42 - 2018-02-26 12:26 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-03-03 21:42 - 2018-02-26 12:24 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-03-02 19:27 - 2018-02-26 12:24 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-03-03 21:42 - 2018-02-26 12:24 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-03-03 21:42 - 2018-02-26 12:24 - 000116184 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-03-02 19:27 - 2018-02-26 12:24 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-03-03 21:42 - 2018-02-26 12:26 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-03-03 21:42 - 2018-02-26 12:26 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-03-03 21:42 - 2018-02-26 12:24 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-03-03 21:42 - 2018-02-26 12:24 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-03-03 21:42 - 2018-02-26 12:24 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-03-03 21:42 - 2018-02-26 12:24 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-09-21 19:07 - 2018-02-26 12:24 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2017-03-03 21:42 - 2018-02-26 12:24 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-03-03 21:42 - 2018-02-26 12:24 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-09-09 14:05 - 2018-02-26 12:27 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2017-05-15 20:12 - 2018-02-26 12:26 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 001798464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-03-03 21:42 - 2018-02-26 12:24 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 001959232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 003863880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 000521544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-04-10 17:46 - 2018-02-26 12:27 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-03-03 21:42 - 2018-02-26 12:24 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-04-10 17:46 - 2018-02-26 12:27 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-03-03 21:42 - 2018-02-26 12:24 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-03-03 21:42 - 2018-02-26 12:26 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-03-03 21:42 - 2018-02-26 12:24 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-03-03 21:42 - 2018-02-26 12:26 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-03-03 21:42 - 2018-02-26 12:26 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-04-10 17:46 - 2018-02-26 12:27 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-04-10 17:46 - 2018-02-26 12:24 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-04-10 17:46 - 2018-02-26 12:27 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-03-02 19:27 - 2018-02-26 12:24 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-01-11 20:22 - 2018-02-26 12:26 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-03-03 21:42 - 2018-02-26 12:26 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-03-02 19:27 - 2018-02-26 12:26 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-04-10 17:46 - 2018-02-26 12:26 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 000546632 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 000359744 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2018-03-02 19:27 - 2018-02-26 12:26 - 000038216 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd
2017-11-07 16:18 - 2017-09-07 03:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-11-07 16:18 - 2017-10-31 05:44 - 071471904 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-11-07 16:18 - 2015-09-25 00:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2018-03-06 16:21 - 2018-03-06 16:21 - 000088064 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\_ctypes.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000069120 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\bz2.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000920064 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\_hashlib.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000098816 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\win32api.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000110080 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\pywintypes27.dll
2018-03-06 16:21 - 2018-03-06 16:21 - 000364544 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\pythoncom27.dll
2018-03-06 16:21 - 2018-03-06 16:21 - 000686080 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\unicodedata.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000320512 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\win32com.shell.shell.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 001177088 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\wx._core_.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000806912 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\wx._gdi_.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000816640 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\wx._windows_.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 001067520 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\wx._controls_.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000733696 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\wx._misc_.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000736256 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\pysqlite2._sqlite.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000119808 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\win32file.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000108544 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\win32security.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000007168 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\hashobjs_ext.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000017920 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\thumbnails_ext.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000082432 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\usb_ext.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000013824 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\common.time34.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000018432 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\win32event.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000027648 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\windows.conditional.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000017408 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\windows.winwrap.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000089088 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\windows.volumes.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000167936 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\win32gui.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000046080 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\_socket.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 001311232 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\_ssl.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000135680 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\_elementtree.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000133632 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\pyexpat.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000038912 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\win32inet.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000077824 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\wx._html2.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000036864 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\_psutil_windows.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000524248 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\windows._lib_cacheinvalidation.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000010240 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\select.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000011264 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\win32crypt.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000218624 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\PIL._imaging.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000027648 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\_multiprocessing.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000020480 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\_yappi.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000035840 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\win32process.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000024064 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\win32pipe.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000025600 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\win32pdh.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000059392 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\windows.device_monitor.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000017408 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\win32profile.pyd
2018-03-06 16:21 - 2018-03-06 16:21 - 000022528 _____ () C:\Users\Misanek\AppData\Local\Temp\_MEI40922\win32ts.pyd
2017-01-05 13:41 - 2013-11-13 20:23 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Misanek\Downloads\ccsetup527.exe:BDU [0]
AlternateDataStreams: C:\Users\Misanek\Downloads\CoD2_Patch_1_3.exe:BDU [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-2693692505-850551649-2296808387-1000\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-2693692505-850551649-2296808387-1000\...\sharepoint.com -> hxxps://unipardubice-myfiles.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2018-01-08 01:04 - 000000881 _____ C:\Windows\system32\Drivers\etc\hosts

0.0.0.0 keystone.mwbsys.com 0.0.0.0 serius.mwbsys.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2693692505-850551649-2296808387-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Misanek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{8B520AD5-672B-4C56-8960-8AA76F6392F5}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{A0855B48-C664-4CD2-81F7-C3E1A9E19CA5}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{EBD813B1-CAAD-43B4-BF1A-38E495AFEAA2}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{C38F8D0E-956E-43AE-A9C3-F63CDA293E1A}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{5F349251-2D48-436C-B287-8D3D83C02181}] => (Allow) C:\utorrent\utorrent.exe
FirewallRules: [{2CAE077A-5CC2-4ABA-BDDE-38B1B8A75558}] => (Allow) C:\utorrent\utorrent.exe
FirewallRules: [TCP Query User{C70E84F3-0F73-4CBB-BDFA-733AF1079E0B}C:\users\misanek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\misanek\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{77A6E0AD-AB76-4465-80D5-236564E8E640}C:\users\misanek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\misanek\appdata\roaming\spotify\spotify.exe
FirewallRules: [{662C5E4E-0EBF-41CF-A1AF-A47CEA6E247C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{15540945-EF34-475B-AC0C-4EE3A0E81191}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{6B2F4D40-6D98-424D-AC01-B5CD34ACF89D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{DD4ACEF1-2396-4C78-83EC-DD8058D9D849}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{1E812831-593B-4410-B7DB-1CC88FDB16D0}C:\users\misanek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\misanek\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{1FFAD0BB-E623-46F2-859E-1E118F199878}C:\users\misanek\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\misanek\appdata\roaming\spotify\spotify.exe
FirewallRules: [{35585F42-101A-4B90-9D01-8C287A44CF7B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5EDD52A9-6D84-4D55-AAF5-EA1686B43357}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{998EF662-F4C1-40F1-B1E5-35B1F32500B7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{56FC6A88-FCF1-4D97-9069-B2A704C416CB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{3DACA9D4-4EE8-4371-89E1-0039849A8AE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\World of Tanks Blitz\wotblitz.exe
FirewallRules: [{A7556730-878B-4C9D-BB39-046AB2EA749D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\World of Tanks Blitz\wotblitz.exe
FirewallRules: [{0C8A8284-B8FF-43BE-B10B-2556B39CD868}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{0BFD825E-CFD1-4BCC-A1B7-6AFE88BC8029}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{1280D997-ACC0-4625-803C-A3BC1EFEFFF0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{BD1F63C3-CB6E-4168-A314-4785FD730937}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{37F645BD-43AD-4F4E-A42F-F4611B49A71B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

19-02-2018 17:26:46 Naplánovaný kontrolní bod
27-02-2018 20:32:27 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: BCM20702A0
Description: BCM20702A0
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Řadič USB (Universal Serial Bus)
Description: Řadič USB (Universal Serial Bus)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/06/2018 04:22:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/06/2018 04:21:44 PM) (Source: openvpnserv) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/06/2018 04:03:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/06/2018 04:03:09 PM) (Source: openvpnserv) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/05/2018 03:32:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/05/2018 03:31:37 PM) (Source: openvpnserv) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/05/2018 10:16:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/05/2018 10:15:46 AM) (Source: openvpnserv) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (03/06/2018 04:22:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/06/2018 04:22:10 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Byla vygenerována následující výstraha o závažné chybě: 70. Stav interní chyby: 105

Error: (03/06/2018 04:21:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
Atc

Error: (03/06/2018 04:21:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll

Error: (03/06/2018 04:21:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll

Error: (03/06/2018 04:21:06 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll

Error: (03/06/2018 04:21:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dell Data Vault Processor byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/06/2018 04:21:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz
Percentage of memory in use: 81%
Total physical RAM: 3969.29 MB
Available physical RAM: 723.7 MB
Total Virtual: 7936.76 MB
Available Virtual: 4114.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.47 GB) (Free:88.46 GB) NTFS
Drive d: () (Fixed) (Total:298.09 GB) (Free:208.89 GB) NTFS

\\?\Volume{0fc6421d-cd28-11e6-9ec6-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 1D1B7352)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: CCE11AE1)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Preventivka

#6 Příspěvek od Conder »

:arrow: Doinstaluj vsetky dolezite aktalizacie cez Windows Update. Nasledne pokracuj dalsimi krokmi:

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

Zip: C:\Windows\Minidump
Folder: C:\Windows\system32\tmp00006226
Folder: C:\ProgramData\bdch

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 vpnva; system32\DRIVERS\vpnva64-6.sys [X]
2018-02-24 06:56 - 2018-02-24 06:56 - 000000000 ____D C:\Windows\system32\tmp00006226
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} =>  -> No File
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} =>  -> No File
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
AlternateDataStreams: C:\Users\Misanek\Downloads\ccsetup527.exe:BDU [0]
AlternateDataStreams: C:\Users\Misanek\Downloads\CoD2_Patch_1_3.exe:BDU [0]
IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-2693692505-850551649-2296808387-1000\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-2693692505-850551649-2296808387-1000\...\sharepoint.com -> hxxps://unipardubice-myfiles.sharepoint.com

Hosts:
EmptyTemp:
End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
:arrow: Na ploche sa vytvori ZIP archiv s aktualnym datumom a casom v nazve, nahraj ho ako prilohu k dalsiemu prispevku.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Kavasi
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 29 pro 2016 12:12

Re: Preventivka

#7 Příspěvek od Kavasi »

Fix result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018
Ran by Misanek (06-03-2018 22:36:40) Run:1
Running from C:\Users\Misanek\Desktop
Loaded Profiles: Misanek (Available Profiles: Misanek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

Zip: C:\Windows\Minidump
Folder: C:\Windows\system32\tmp00006226
Folder: C:\ProgramData\bdch

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 vpnva; system32\DRIVERS\vpnva64-6.sys [X]
2018-02-24 06:56 - 2018-02-24 06:56 - 000000000 ____D C:\Windows\system32\tmp00006226
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => -> No File
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => -> No File
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Misanek\Downloads\ccsetup527.exe:BDU [0]
AlternateDataStreams: C:\Users\Misanek\Downloads\CoD2_Patch_1_3.exe:BDU [0]
IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-2693692505-850551649-2296808387-1000\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-2693692505-850551649-2296808387-1000\...\sharepoint.com -> hxxps://unipardubice-myfiles.sharepoint.com

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
================== Zip: ===================
C:\Windows\Minidump -> copied successfully to C:\Users\Misanek\Desktop\06.03.2018_22.37.01.zip
=========== Zip: End ===========

========================= Folder: C:\Windows\system32\tmp00006226 ========================

2018-02-24 06:56 - 2018-02-24 06:56 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Windows\system32\tmp00006226\tmp00000000

====== End of Folder: ======


========================= Folder: C:\ProgramData\bdch ========================

2018-02-06 17:26 - 2018-02-06 17:26 - 000000083 ____A [E7160B1B50F3EB92B25C1C5CDC8AB5F4] () C:\ProgramData\bdch\bdch_stats.xml

====== End of Folder: ======

HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\System\CurrentControlSet\Services\dbx" => removed successfully
dbx => service removed successfully
"HKLM\System\CurrentControlSet\Services\vpnva" => removed successfully
vpnva => service removed successfully
C:\Windows\system32\tmp00006226 => moved successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\EPP" => removed successfully
HKLM\Software\Classes\CLSID\{09A47860-11B0-4DA5-AFA5-26D86198A780} => not found
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\EPP" => removed successfully
HKLM\Software\Classes\CLSID\{09A47860-11B0-4DA5-AFA5-26D86198A780} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\EPP" => removed successfully
HKLM\Software\Classes\CLSID\{09A47860-11B0-4DA5-AFA5-26D86198A780} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\Users\Misanek\Downloads\ccsetup527.exe => ":BDU" ADS removed successfully
C:\Users\Misanek\Downloads\CoD2_Patch_1_3.exe => ":BDU" ADS removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\dell.com" => removed successfully
"HKU\S-1-5-21-2693692505-850551649-2296808387-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\dell.com" => removed successfully
"HKU\S-1-5-21-2693692505-850551649-2296808387-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sharepoint.com" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 143929434 B
Java, Flash, Steam htmlcache => 115235110 B
Windows/system/drivers => 192225916 B
Edge => 0 B
Chrome => 356796956 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66228 B
systemprofile32 => 66356 B
LocalService => 0 B
NetworkService => 66228 B
Misanek => 931154958 B

RecycleBin => 0 B
EmptyTemp: => 1.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:39:25 ====
Přílohy
06.03.2018_22.37.01.zip
(100.4 KiB) Staženo 69 x
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Preventivka

#8 Příspěvek od Conder »

:arrow: "Velikost slozky "C:\Users\Misanek\Desktop" je 3776 MB."
  • Presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.
:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
File: C:\ProgramData\bdch\bdch_stats.xml
CMD: type "C:\ProgramData\bdch\bdch_stats.xml"
C:\Windows\system32\tmp00006226
C:\ProgramData\bdch
C:\Users\Misanek\Desktop\06.03.2018_22.37.01.zip
End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Pockaj na dokoncenie
  • Tentokrat to bude bez restartu, otvori sa Fixlog.txt (pripadne bude na ploche), jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Kavasi
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 29 pro 2016 12:12

Re: Preventivka

#9 Příspěvek od Kavasi »

Fix result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018
Ran by Misanek (08-03-2018 20:38:56) Run:2
Running from C:\Users\Misanek\Desktop
Loaded Profiles: Misanek (Available Profiles: Misanek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
File: C:\ProgramData\bdch\bdch_stats.xml
CMD: type "C:\ProgramData\bdch\bdch_stats.xml"
C:\Windows\system32\tmp00006226
C:\ProgramData\bdch
C:\Users\Misanek\Desktop\06.03.2018_22.37.01.zip
End
*****************


========================= File: C:\ProgramData\bdch\bdch_stats.xml ========================

C:\ProgramData\bdch\bdch_stats.xml
File not signed
MD5: E7160B1B50F3EB92B25C1C5CDC8AB5F4
Creation and modification date: 2018-02-06 17:26 - 2018-02-06 17:26
Size: 000000083
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======


========= type "C:\ProgramData\bdch\bdch_stats.xml" =========

<bdch>
<ComputerID>DGFKJKBJMKLHCEEPJABOOCDAKOCABBOD</ComputerID>
</bdch>

========= End of CMD: =========

"C:\Windows\system32\tmp00006226" => not found
C:\ProgramData\bdch => moved successfully
C:\Users\Misanek\Desktop\06.03.2018_22.37.01.zip => moved successfully

==== End of Fixlog 20:38:57 ====
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Preventivka

#10 Příspěvek od Conder »

:arrow: Vyzera to uz OK. Su este s PC nejake problemy?

:arrow: Ak nie, tak este upraceme po pouzitych nastrojoch: :arrow: Ak si tak este neurobil, odporucam upratat tu plochu a doinstalovat vsetky dolezite aktualizacie cez Windows Update, vid. predchadzajuce prispevky.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Kavasi
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 29 pro 2016 12:12

Re: Preventivka

#11 Příspěvek od Kavasi »

Ahoj, plochu jsem uklidil a aktualizace nainstaloval. Vse vypada v pohode, diky za pomoc :))
Nahoru
Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Preventivka

#12 Příspěvek od Conder »

Nie je zaco, rad som pomohol :)
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“