Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu - Sai

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Sainzik
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 27 kvě 2015 14:49

Re: Prosím o kontrolu - Sai

#16 Příspěvek od Sainzik »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 29.5.2015
Čas skenování: 17:05:44
Protokol: jj.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.05.29.04
Databáze rootkitů: v2015.05.24.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: XDANCUMP

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 419838
Uplynulý čas: 32 min, 27 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Sken hloubkových rootkitů: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu - Sai

#17 Příspěvek od Márty84 »

:arrow: MBAM odinstalujte.


:arrow: Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Sainzik
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 27 kvě 2015 14:49

Re: Prosím o kontrolu - Sai

#18 Příspěvek od Sainzik »

# AdwCleaner v4.205 - Log vytvořen 29/05/2015 v 18:40:14
# Aktualizováno 21/05/2015 by Xplode
# Databáze : 2015-05-25.3 [Server]
# Operační system : Windows 7 Ultimate Service Pack 1 (x64)
# Uživatelské jméno : XDANCUMP - DANDY
# Spuštěno z : C:\Users\XDANCUMP\Desktop\adwcleaner_4.205.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Program Files (x86)\globalUpdate
Složka Smazáno : C:\Users\XDANCUMP\AppData\Local\globalUpdate
Soubor Smazáno : C:\Users\XDANCUMP\AppData\Roaming\Adobe Formát AIFF CS5 – předvolby
Soubor Smazáno : C:\Users\XDANCUMP\AppData\Roaming\BYAIAMUF
Soubor Smazáno : C:\Users\XDANCUMP\AppData\Roaming\MPQEditor.ini

***** [ Naplánované úlohy ] *****

Úloha Smazáno : amiupdaterExd
Úloha Smazáno : amiupdaterExi

***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKCU\Software\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Google Chrome v43.0.2357.81

[C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.luckysearches.com/web/?utm_source=b ... earchTerms}
[C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] :
[C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Startup_URLs] : 35A21FC6E826D70472DFA9C8100CD26BEB7C09286705669B34E9070339EE527A"},"software_reporter":{"prompt_reason":"5D17C629314C12F4DE6EE807128D7FC68DA02DA9581D21542214D25747ACDED3","prompt_seed":"863F6C032E6B00B31623064386458BFD54540D6F3A4EBE1A7DB31EA9311B654B","prompt_version":"A27BD9950F6C50F6D34EDB08D42C528187F1FBC1849D06911F3770B0902000FC"},"sync":{"remaining_rollback_tries":"241A3AF5460A292CC0A5276FCEB14A7CD45BB539FD71FCC354E0306AAC97DB85"}},"super_mac":"69DA4994A8A26476465C983FCBC512584B5EA85FF80459EBAA6A9AC0DDE3F628"},"session":{"restore_on_startup":1,"startup_urls":["hxxp://www.luckysearches.com/?type=hp&ts=14273 ... 3B7HD6JDLX

*************************

AdwCleaner[R0].txt - [7434 bytů] - [29/05/2015 18:32:49]
AdwCleaner[S0].txt - [2415 bytů] - [29/05/2015 18:40:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2473 bytů] ##########
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu - Sai

#19 Příspěvek od Márty84 »

:arrow: Dejte novy log z RSIT

a k tomu

:arrow: Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach :)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Sainzik
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 27 kvě 2015 14:49

Re: Prosím o kontrolu - Sai

#20 Příspěvek od Sainzik »

Logfile of random's system information tool 1.10 (written by random/random)
Run by XDANCUMP at 2015-05-29 19:03:06
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 95 GB (40%) free of 234 GB
Total RAM: 8054 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:03:09, on 29.5.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\trend micro\XDANCUMP.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Bluetooth Monitor.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.hola.org
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1E6F3810-D2B4-4B9A-8E92-734326B3914C}: NameServer = 195.27.1.1,10.0.0.138
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\Windows\SysWOW64\guard32.dll
O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: Služba Vzdálené plochy Chrome (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - (no file)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Splashtop® Remote Service (SplashtopRemoteService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe

--
End of file - 11552 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
"C:\Program Files\Tablet\Pen\WTabletServiceCon.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 26691472
\??\C:\Windows\system32\conhost.exe "-2803610141231078614-1257872949-1611463085-828787903-2808977661405141500-121639256
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe" --type=daemon --host-config="C:\ProgramData\Google\Chrome Remote Desktop\host.json"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe" --type=host --daemon-pipe=412
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\nlssrv32.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {0FDCAF2D-B888-42C3-AF8E-384776D1E244}
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
"C:\Program Files\Tablet\Pen\WacomHost.exe" "C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe"
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe"
BtMon64.exe
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3864.0.68455039\227923678" --disable-breakpad --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,20,43 --gpu-vendor-id=0x1002 --gpu-device-id=0x9553 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.723.2.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/BackgroundRendererProcesses/AllowBelowNormalFromBrowser/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Unused_A1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_95/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3864 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="3864.1.1500164720\52710345" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/BackgroundRendererProcesses/AllowBelowNormalFromBrowser/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Unused_A1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_95/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3864 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="3864.2.1644575093\567109785" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/BackgroundRendererProcesses/AllowBelowNormalFromBrowser/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Unused_A1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_95/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3864 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="3864.3.1178413748\376292675" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/BackgroundRendererProcesses/AllowBelowNormalFromBrowser/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Unused_A1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_95/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3864 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="3864.4.1645780464\2092315526" /prefetch:673131151
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_A1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_95/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3864 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="3864.5.1708328528\692821114" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_A1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_95/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3864 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="3864.6.1921155604\1791977612" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_A1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_95/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3864 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="3864.7.765695965\1303770695" /prefetch:673131151
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosA2dp.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHid.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_A1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_95/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3864 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="3864.9.1013180464\1259843468" /prefetch:673131151
"\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\\TosBtHsp.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_A1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_95/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3864 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="3864.10.1485380769\994994266" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Unused_A1/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_95/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*V8CacheOptions/control/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=3864 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --enable-gpu-rasterization --use-image-texture-target=3553 --channel="3864.11.482477194\337248953" /prefetch:673131151
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe"
"C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3864.12.1350059115\1241333297" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding
"C:\Users\XDANCUMP\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-16 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-16 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-07-09 38304]
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2010-03-22 521272]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-05-10 915320]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2012-03-09 462712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud]
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-03-21 2691480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShareAgent]
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BambooCore]
C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [2012-10-16 646744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScannerSelectorEX]
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-01-15 452016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFFSum_Pro_LL2]
c:\program files (x86)\companion suite pro ll2\mffsum.exe [2010-01-08 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MFPrintServer_Pro_LL2]
c:\program files (x86)\companion suite pro ll2\mfprintserver.exe [2010-01-08 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileConnect]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [2007-11-13 29984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
C:\Program Files (x86)\PDF24\pdf24.exe [2014-07-04 191528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder]
c:\program files (x86)\scansoft\paperport\ereg\ereg.exe -r c:\programdata\scansoft\paperport\11\config\ereg\ereg.ini []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection]
c:\users\xdancump\appdata\roaming\search protection\searchprotection.exe /autostart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
c:\program files (x86)\common files\scansoft shared\ssbkgdupdate\ssbkgdupdate.exe [2006-10-25 210472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10 335232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO]
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-10-26 1050072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC]
C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-04-23 595816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPwrMain]
C:\Program Files\toshiba\power saver\tpwrmain.exe [2010-09-28 566184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TWebCamera]
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
c:\program files\zoner\photo studio 15\program32\zpstray.exe [2014-03-13 779776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^XDANCUMP^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\Dropbox.exe [2015-03-05 42560368]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-26 102400]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-01-15 452016]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
Bluetooth Monitor.lnk - C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
"NoResolveTrack"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"MemCheckBoxInRunDlg"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.CFHD"=CFHD.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-05-29 18:32:39 ----D---- C:\AdwCleaner
2015-05-27 15:52:25 ----D---- C:\rsit
2015-05-27 15:52:25 ----D---- C:\Program Files\trend micro
2015-05-27 15:42:38 ----A---- C:\TDSSKiller.3.0.0.44_27.05.2015_15.42.38_log.txt
2015-05-24 03:24:47 ----A---- C:\ComboFix.txt
2015-05-24 03:18:50 ----D---- C:\$RECYCLE.BIN
2015-05-24 03:05:35 ----A---- C:\Windows\NIRCMD.exe
2015-05-23 04:03:36 ----D---- C:\Program Files (x86)\Seznam.cz
2015-05-23 04:03:34 ----D---- C:\Users\XDANCUMP\AppData\Roaming\Mozilla
2015-05-23 04:03:21 ----D---- C:\Users\XDANCUMP\AppData\Roaming\Seznam.cz
2015-05-23 04:01:53 ----D---- C:\Users\XDANCUMP\AppData\Roaming\SSN
2015-05-19 00:40:53 ----D---- C:\Program Files (x86)\Red Giant Link
2015-05-19 00:40:23 ----D---- C:\ProgramData\goodasnew
2015-05-09 16:07:12 ----D---- C:\Users\XDANCUMP\AppData\Roaming\Apple Computer
2015-05-09 16:00:36 ----D---- C:\Users\XDANCUMP\AppData\Roaming\Canon_Inc_IC
2015-05-09 15:59:30 ----D---- C:\ProgramData\Canon_Inc_IC
2015-05-08 21:42:56 ----D---- C:\Program Files (x86)\QuickTime
2015-05-08 21:41:24 ----D---- C:\ProgramData\Apple
2015-05-08 21:41:24 ----D---- C:\Program Files (x86)\Apple Software Update
2015-05-08 02:33:52 ----D---- C:\Twixtor5AEManual
2015-05-08 02:33:51 ----D---- C:\Twixtor5AE
2015-05-08 00:39:46 ----D---- C:\Users\XDANCUMP\AppData\Roaming\Red Giant
2015-05-08 00:39:39 ----D---- C:\ProgramData\Red Giant
2015-05-08 00:39:27 ----D---- C:\Program Files (x86)\Red Giant
2015-05-08 00:38:16 ----D---- C:\ProgramData\RedGiant
2015-05-01 19:18:06 ----A---- C:\TDSSKiller.3.0.0.44_01.05.2015_19.18.06_log.txt
2015-05-01 19:17:15 ----A---- C:\Windows\zip.exe
2015-05-01 19:17:15 ----A---- C:\Windows\SWSC.exe
2015-05-01 19:17:15 ----A---- C:\Windows\SWREG.exe
2015-05-01 19:17:15 ----A---- C:\Windows\sed.exe
2015-05-01 19:17:15 ----A---- C:\Windows\PEV.exe
2015-05-01 19:17:15 ----A---- C:\Windows\MBR.exe
2015-05-01 19:17:15 ----A---- C:\Windows\grep.exe
2015-05-01 19:17:07 ----D---- C:\Qoobox

======List of files/folders modified in the last 1 month======

2015-05-29 19:03:09 ----D---- C:\Windows\Prefetch
2015-05-29 19:03:07 ----D---- C:\Windows\temp
2015-05-29 18:48:34 ----D---- C:\Windows\System32
2015-05-29 18:48:34 ----D---- C:\Windows\inf
2015-05-29 18:48:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-29 18:41:46 ----A---- C:\Windows\SYSWOW64\log.txt
2015-05-29 18:41:39 ----AD---- C:\Windows
2015-05-29 18:40:14 ----RD---- C:\Program Files (x86)
2015-05-29 18:31:52 ----D---- C:\Windows\system32\drivers
2015-05-29 13:47:46 ----D---- C:\Windows\system32\config
2015-05-29 13:14:23 ----SHD---- C:\System Volume Information
2015-05-28 13:24:19 ----D---- C:\Users\XDANCUMP\AppData\Roaming\uTorrent
2015-05-28 12:49:36 ----D---- C:\TipCars
2015-05-27 15:52:25 ----RD---- C:\Program Files
2015-05-27 12:20:58 ----D---- C:\WarThunder
2015-05-24 03:23:18 ----D---- C:\Windows\system32\Tasks
2015-05-24 03:23:17 ----D---- C:\Windows\Tasks
2015-05-24 03:18:55 ----A---- C:\Windows\system.ini
2015-05-24 03:18:50 ----D---- C:\Windows\erdnt
2015-05-24 03:18:48 ----D---- C:\Windows\system32\drivers\etc
2015-05-24 03:16:50 ----D---- C:\ProgramData
2015-05-24 03:16:23 ----D---- C:\Windows\SysWOW64
2015-05-24 03:13:25 ----D---- C:\Windows\SYSWOW64\drivers
2015-05-24 03:13:25 ----D---- C:\Windows\AppPatch
2015-05-24 03:13:24 ----D---- C:\Program Files (x86)\Common Files
2015-05-23 05:15:07 ----D---- C:\Windows\AutoKMS
2015-05-23 04:47:18 ----D---- C:\Windows\system32\catroot2
2015-05-23 04:46:19 ----D---- C:\Windows\Resources
2015-05-23 04:09:02 ----SHD---- C:\Windows\Installer
2015-05-23 04:09:02 ----D---- C:\Config.Msi
2015-05-23 04:08:22 ----D---- C:\Program Files (x86)\Adobe Media Player
2015-05-20 18:37:05 ----D---- C:\Windows\ModemLogs
2015-05-20 18:36:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-05-19 04:27:54 ----D---- C:\Users\XDANCUMP\AppData\Roaming\FileZilla
2015-05-14 20:43:09 ----D---- C:\Program Files\CCleaner
2015-05-12 02:19:53 ----D---- C:\Program Files (x86)\Shutdown Timer
2015-05-09 16:53:53 ----D---- C:\Program Files (x86)\Canon
2015-05-09 16:13:15 ----D---- C:\Windows\SoftwareDistribution
2015-05-08 21:43:21 ----D---- C:\Program Files\Internet Explorer
2015-05-08 00:37:49 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-05-06 23:48:09 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-01-15 538136]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-08-25 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-08-25 28008]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2012-08-10 56336]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-06-20 834544]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-28 283200]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2010-11-29 82224]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2013-04-10 11576]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-27 6659072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-26 195584]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-07-05 96256]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2012-04-23 3058168]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-03-31 724536]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2013-08-25 128200]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-12-02 32496]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 54664]
R3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2011-08-05 292024]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2011-07-12 19904]
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2010-08-30 94528]
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2011-01-27 67384]
S1 cpuidlep;CpuIdle Pro System Driver; C:\Windows\system32\drivers\cpuidlep.sys []
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys []
S3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2011-11-28 33872]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-27 6659072]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDMI64.sys [2010-03-05 720952]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2015-02-06 21712]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2008-09-26 133632]
S3 FaxLffv2;Companion Suite Pro LL2 Modem Driver; C:\Windows\System32\Drivers\FaxLffv2.sys [2008-06-19 31232]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2014-09-10 98160]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2012-04-13 85384]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-04-03 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-04-03 27760]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 hidkmdf;KMDF Driver; C:\Windows\system32\DRIVERS\hidkmdf.sys [2014-08-06 14136]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-09-26 115328]
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys []
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2013-11-17 164736]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2014-03-19 77592]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys [2014-03-19 13080]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2014-03-19 76568]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2011-08-02 22528]
S3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-12-25 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RivaTuner64;RivaTuner64; \??\C:\Program Files (x86)\RivaTuner v2.23\RivaTuner64.sys [2015-03-24 19952]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2013-12-02 250984]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-08-20 204568]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2010-11-11 50864]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 26472]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2010-04-26 63488]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-12-25 57856]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-09-28 53760]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-02-25 140576]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-09-17 171600]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-26 202752]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 chromoting;Služba Vzdálené plochy Chrome; C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe [2015-03-08 56648]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-03 268824]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2012-09-05 66560]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-09-24 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2014-09-24 107832]
R2 SplashtopRemoteService;Splashtop® Remote Service; C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2014-03-24 790880]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-03-30 5448464]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-10-26 124368]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2011-04-01 198064]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03 116648]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-03-11 136120]
S3 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-02-08 569024]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2010-09-28 489384]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-20 268464]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------
Nahoru
Sainzik
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 27 kvě 2015 14:49

Re: Prosím o kontrolu - Sai

#21 Příspěvek od Sainzik »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-05-2015 01
Ran by XDANCUMP (administrator) on DANDY on 29-05-2015 19:07:37
Running from C:\Users\XDANCUMP\Desktop
Loaded Profiles: XDANCUMP (Available Profiles: XDANCUMP & Mcx1-XDANCUMP-PC)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon64.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtAvAC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosOBEX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [521272 2010-03-22] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-04-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Winlogon: [LegalNoticeText] Tvůj život je jen čas, čas který můsíš využít do maxima, tak pokud tento PC nepoužiješ na vydělávání penez nebo na film pro lepší usínání, tak ho ani nezapínej!!!
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)
HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
AppInit_DLLs: C:\Windows\System32\guard64.dll => C:\Windows\System32\guard64.dll [390392 2012-11-08] (COMODO)
AppInit_DLLs-x32: c:\Windows\SysWOW64\guard32.dll => c:\Windows\SysWOW64\guard32.dll [301264 2012-11-08] (COMODO)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2015-04-25]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng1.exe (TOSHIBA CORPORATION.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Monitor.lnk [2015-04-25]
ShortcutTarget: Bluetooth Monitor.lnk -> C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe (TOSHIBA CORPORATION)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000 -> DefaultScope {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = https://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-16] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-16] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19] (<TOSHIBA>)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{1E6F3810-D2B4-4B9A-8E92-734326B3914C}: [NameServer] 195.27.1.1,10.0.0.138

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-06] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-03-21] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-06] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-16] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-03-21] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-1553764949-2249715022-3334135275-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

Chrome:
=======
CHR Profile: C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-05-23]
CHR Extension: (WOT) - C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-05-23]
CHR Extension: (YouTube) - C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-23]
CHR Extension: (Google Search) - C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-23]
CHR Extension: (Gmail Offline) - C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-05-23]
CHR Extension: (Full Page Screen Capture) - C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2015-05-23]
CHR Extension: (Chrome Remote Desktop) - C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-05-23]
CHR Extension: (AdBlock) - C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-23]
CHR Extension: (Bookmark Manager) - C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Google Maps) - C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-05-23]
CHR Extension: (Google Wallet) - C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-29]
CHR Extension: (Black Black Chrome Theme Neon Green Highlight) - C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\phpbpckgofmlhfpbakbfbkiopngnpigh [2015-03-26]
CHR Extension: (Gmail) - C:\Users\XDANCUMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe [56648 2015-03-08] (Google Inc.)
S3 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-09-05] (Nalpeiron Ltd.) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-09-24] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2014-09-24] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-10-26] (Toshiba Europe GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
S3 PassThru Service; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
S3 CnxtHdmiAudService; C:\Windows\System32\drivers\CHDMI64.sys [720952 2010-03-05] (Conexant Systems Inc.)
S1 cpuidlep; C:\Windows\SysWow64\Drivers\cpuidlep.sys [4484 2015-02-07] () [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-04-28] (DT Soft Ltd)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [133632 2008-09-26] (Huawei Technologies Co., Ltd.)
S3 FaxLffv2; C:\Windows\System32\Drivers\FaxLffv2.sys [31232 2008-06-19] (OEM)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-25] (Intel Corporation)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [164736 2013-11-17] (ITE )
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [128200 2013-08-25] (Qualcomm Atheros Co., Ltd.)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-08-02] (Apple Inc.) [File not signed]
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S3 RivaTuner64; C:\Program Files (x86)\RivaTuner v2.23\RivaTuner64.sys [19952 2015-03-24] ()
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32496 2013-12-02] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-06-20] () [File not signed]
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [File not signed]
S3 XMLDIUSB; C:\Windows\System32\Drivers\XMLDIUSB.sys [55808 2010-01-30] (OEM)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-29 19:07 - 2015-05-29 19:08 - 00026002 _____ () C:\Users\XDANCUMP\Desktop\FRST.txt
2015-05-29 19:07 - 2015-05-29 19:07 - 00112640 _____ (forum.viry.cz) C:\Users\XDANCUMP\Desktop\FRSTLauncher.exe
2015-05-29 19:07 - 2015-05-29 19:07 - 00000000 ____D () C:\FRST
2015-05-29 19:07 - 2015-05-29 19:04 - 02108928 _____ (Farbar) C:\Users\XDANCUMP\Desktop\FRST64.exe
2015-05-29 19:02 - 2015-05-27 15:47 - 01222144 _____ () C:\Users\XDANCUMP\Desktop\RSITx64.exe
2015-05-29 18:41 - 2015-05-29 18:41 - 00001094 _____ () C:\Windows\PFRO.log
2015-05-29 18:41 - 2015-05-29 18:41 - 00000056 _____ () C:\Windows\setupact.log
2015-05-29 18:41 - 2015-05-29 18:41 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-29 18:32 - 2015-05-29 18:40 - 00000000 ____D () C:\AdwCleaner
2015-05-27 20:13 - 2015-05-28 12:48 - 00000512 _____ () C:\PhysicalMBR.bin
2015-05-27 15:52 - 2015-05-29 19:03 - 00000000 ____D () C:\Program Files\trend micro
2015-05-27 15:52 - 2015-05-27 15:52 - 00000000 ____D () C:\rsit
2015-05-24 03:24 - 2015-05-24 03:24 - 00036569 _____ () C:\ComboFix.txt
2015-05-24 03:05 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-23 04:03 - 2015-05-23 04:08 - 00000000 ____D () C:\Users\XDANCUMP\AppData\Roaming\Seznam.cz
2015-05-23 04:03 - 2015-05-23 04:08 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2015-05-23 04:03 - 2015-05-23 04:03 - 00002259 _____ () C:\Users\Default\Desktop\Google Chrome.lnk
2015-05-23 04:03 - 2015-05-23 04:03 - 00002259 _____ () C:\Users\Default User\Desktop\Google Chrome.lnk
2015-05-23 04:03 - 2015-05-23 04:03 - 00000000 ____D () C:\Users\XDANCUMP\AppData\Roaming\Mozilla
2015-05-23 04:03 - 2015-05-23 04:03 - 00000000 ____D () C:\Users\XDANCUMP\AppData\Local\Geckofx
2015-05-23 04:01 - 2015-05-23 04:09 - 00000000 ____D () C:\Users\XDANCUMP\AppData\Roaming\SSN
2015-05-20 18:36 - 2015-05-24 01:02 - 00000892 _____ () C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-05-20 18:36 - 2015-05-20 18:36 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-05-19 00:40 - 2015-05-19 00:40 - 00000000 ____D () C:\ProgramData\goodasnew
2015-05-19 00:40 - 2015-05-19 00:40 - 00000000 ____D () C:\Program Files (x86)\Red Giant Link
2015-05-14 00:58 - 2015-05-14 00:58 - 00000796 _____ () C:\Users\XDANCUMP\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-05-09 16:12 - 2015-05-29 18:45 - 00113505 _____ () C:\Windows\WindowsUpdate.log
2015-05-09 16:07 - 2015-05-09 16:07 - 00000000 ____D () C:\Users\XDANCUMP\AppData\Roaming\Apple Computer
2015-05-09 16:04 - 2015-05-09 16:04 - 00000000 ____D () C:\Users\XDANCUMP\AppData\Local\CANON_INC
2015-05-09 16:00 - 2015-05-09 16:00 - 00000000 ____D () C:\Users\XDANCUMP\AppData\Roaming\Canon_Inc_IC
2015-05-09 15:59 - 2015-05-09 15:59 - 00000000 ____D () C:\ProgramData\Canon_Inc_IC
2015-05-08 21:43 - 2015-05-08 21:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-05-08 21:42 - 2015-05-08 21:43 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-05-08 21:41 - 2015-05-08 21:41 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-05-08 21:41 - 2015-05-08 21:41 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-05-08 21:41 - 2015-05-08 21:41 - 00000000 ____D () C:\Users\XDANCUMP\AppData\Local\Apple
2015-05-08 21:41 - 2015-05-08 21:41 - 00000000 ____D () C:\ProgramData\Apple
2015-05-08 21:41 - 2015-05-08 21:41 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-05-08 02:33 - 2015-05-08 02:35 - 00000000 ____D () C:\Twixtor5AE
2015-05-08 02:33 - 2015-05-08 02:33 - 00000000 ____D () C:\Twixtor5AEManual
2015-05-08 00:39 - 2015-05-08 00:39 - 00003660 _____ () C:\Windows\System32\Tasks\Red Giant Link
2015-05-08 00:39 - 2015-05-08 00:39 - 00000000 ____D () C:\Users\XDANCUMP\AppData\Roaming\Red Giant
2015-05-08 00:39 - 2015-05-08 00:39 - 00000000 ____D () C:\ProgramData\Red Giant
2015-05-08 00:39 - 2015-05-08 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2015-05-08 00:39 - 2015-05-08 00:39 - 00000000 ____D () C:\Program Files (x86)\Red Giant
2015-05-08 00:38 - 2015-05-08 00:38 - 00000000 ____D () C:\ProgramData\RedGiant
2015-05-08 00:34 - 2015-05-08 00:36 - 61477668 _____ () C:\Users\XDANCUMP\Downloads\TCSuite_Win_Full.zip
2015-05-01 19:17 - 2015-05-24 03:24 - 00000000 ____D () C:\Qoobox
2015-05-01 19:17 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-01 19:17 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-01 19:17 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-01 19:17 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-01 19:17 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-01 19:17 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-01 19:17 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-29 18:50 - 2013-09-03 19:59 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-29 18:48 - 2009-07-26 20:41 - 00671140 _____ () C:\Windows\system32\perfh005.dat
2015-05-29 18:48 - 2009-07-26 20:41 - 00142222 _____ () C:\Windows\system32\perfc005.dat
2015-05-29 18:48 - 2009-07-14 07:13 - 01589570 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-29 18:47 - 2009-07-14 06:45 - 00019904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-29 18:47 - 2009-07-14 06:45 - 00019904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-29 18:41 - 2013-09-03 19:59 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-29 18:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-29 18:20 - 2012-04-23 04:02 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-28 13:24 - 2012-04-23 19:10 - 00000000 ____D () C:\Users\XDANCUMP\AppData\Roaming\uTorrent
2015-05-28 12:49 - 2014-10-07 10:43 - 00000000 ____D () C:\TipCars
2015-05-27 12:20 - 2015-03-17 15:35 - 00000000 ____D () C:\WarThunder
2015-05-24 03:18 - 2014-05-22 10:57 - 00000000 ____D () C:\Windows\erdnt
2015-05-24 03:18 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-23 05:15 - 2014-08-23 21:33 - 00000000 ____D () C:\Windows\AutoKMS
2015-05-23 04:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Resources
2015-05-23 04:45 - 2012-04-26 10:21 - 00000000 ___RD () C:\Users\XDANCUMP\Desktop\Programy
2015-05-23 04:08 - 2012-04-26 23:39 - 00000000 ____D () C:\Program Files (x86)\Adobe Media Player
2015-05-23 01:13 - 2013-05-24 20:35 - 00000000 ____D () C:\Users\XDANCUMP\AppData\Local\CrashDumps
2015-05-21 22:33 - 2014-11-19 23:22 - 00000132 _____ () C:\Users\XDANCUMP\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-05-20 18:36 - 2012-04-23 04:02 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-20 18:36 - 2012-04-23 04:02 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-20 18:36 - 2012-04-23 04:02 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-20 18:36 - 2012-04-23 04:02 - 00000000 ____D () C:\Users\XDANCUMP\AppData\Local\Adobe
2015-05-19 04:27 - 2014-11-21 22:01 - 00000000 ____D () C:\Users\XDANCUMP\AppData\Roaming\FileZilla
2015-05-18 21:26 - 2013-04-02 02:54 - 00000000 ___RD () C:\Users\XDANCUMP\Documents\Koš na dokumenty
2015-05-15 16:45 - 2013-09-03 19:59 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 16:45 - 2013-09-03 19:59 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 21:17 - 2012-04-26 23:04 - 00000000 ___RD () C:\Users\XDANCUMP\Desktop\Hry
2015-05-14 20:43 - 2013-12-15 01:11 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-13 21:55 - 2015-02-16 18:51 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-12 02:19 - 2013-11-09 05:07 - 00000000 ____D () C:\Program Files (x86)\Shutdown Timer
2015-05-09 16:53 - 2014-10-06 21:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-05-09 16:53 - 2014-10-06 21:10 - 00000000 ____D () C:\Program Files (x86)\Canon
2015-05-08 04:33 - 2013-11-20 20:05 - 00003168 _____ () C:\Windows\System32\Tasks\Game_Booster_AutoUpdate
2015-05-08 04:31 - 2012-07-10 23:30 - 00000000 ___RD () C:\Users\XDANCUMP\Dropbox
2015-05-08 04:26 - 2012-04-23 02:43 - 00000000 ____D () C:\Users\XDANCUMP
2015-05-08 04:19 - 2012-12-22 04:05 - 00000000 ____D () C:\Users\XDANCUMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screamer Radio
2015-05-08 04:11 - 2012-04-24 01:33 - 00000000 ____D () C:\Users\XDANCUMP\AppData\Local\Zoner
2015-05-08 00:37 - 2012-04-23 02:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-07 17:55 - 2012-05-06 20:44 - 00000195 _____ () C:\Users\XDANCUMP\AppData\default.pls
2015-04-30 15:06 - 2009-07-14 06:45 - 06913920 _____ () C:\Windows\system32\FNTCACHE.DAT

==================== Files in the root of some directories =======

2014-11-19 23:22 - 2015-05-21 22:33 - 0000132 _____ () C:\Users\XDANCUMP\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2012-12-26 06:21 - 2012-12-31 03:38 - 0000565 _____ () C:\Users\XDANCUMP\AppData\Roaming\myMPQ.ini
2013-09-27 11:22 - 2013-11-18 03:26 - 0000000 _____ () C:\Users\XDANCUMP\AppData\Roaming\programs
2013-05-15 22:42 - 2013-11-18 03:35 - 0000000 _____ () C:\Users\XDANCUMP\AppData\Roaming\Screen Saver
2013-05-15 22:42 - 2013-11-18 03:35 - 0000000 _____ () C:\Users\XDANCUMP\AppData\Roaming\Scripts Menu
2013-05-15 22:41 - 2013-11-18 03:28 - 0000000 _____ () C:\Users\XDANCUMP\AppData\Roaming\Speech Enhancer
2014-06-19 13:33 - 2014-06-19 13:33 - 0000024 _____ () C:\Users\XDANCUMP\AppData\Roaming\temp.ini
2013-11-01 22:40 - 2013-11-01 22:40 - 0000037 ___SH () C:\Users\XDANCUMP\AppData\Local\70149b02515b3bb20dd492.47983420
2012-11-16 03:22 - 2013-01-20 00:20 - 0000546 _____ () C:\Users\XDANCUMP\AppData\Local\CastleLinkProps.dat
2013-11-02 03:05 - 2013-11-02 03:05 - 0000017 _____ () C:\Users\XDANCUMP\AppData\Local\resmon.resmoncfg
2013-11-18 03:26 - 2013-11-18 03:26 - 0000000 _____ () C:\ProgramData\manual
2013-09-27 00:32 - 2013-11-18 03:26 - 0000000 ____H () C:\ProgramData\PKP_DLbx.DAT
2013-05-15 22:41 - 2013-11-18 03:28 - 0000000 ____H () C:\ProgramData\PKP_DLeo.DAT
2013-05-15 22:43 - 2013-11-18 03:28 - 0000000 ____H () C:\ProgramData\PKP_DLes.DAT
2013-05-15 22:42 - 2013-11-18 03:35 - 0000000 ____H () C:\ProgramData\PKP_DLet.DAT
2013-05-15 22:42 - 2013-11-18 03:35 - 0000000 ____H () C:\ProgramData\PKP_DLev.DAT
2013-11-18 03:35 - 2013-11-18 03:35 - 0000000 _____ () C:\ProgramData\Sci-Fi
2013-11-18 03:35 - 2013-11-18 03:35 - 0000000 _____ () C:\ProgramData\Screen Savers
2013-11-18 03:35 - 2013-11-18 03:35 - 0000000 _____ () C:\ProgramData\StartupItems

Some files in TEMP:
====================
C:\Users\XDANCUMP\AppData\Local\Temp\Quarantine.exe
C:\Users\XDANCUMP\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-15 00:41

==================== End of log ============================
Nahoru
Sainzik
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 27 kvě 2015 14:49

Re: Prosím o kontrolu - Sai

#22 Příspěvek od Sainzik »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-05-2015 01
Ran by XDANCUMP at 2015-05-29 19:08:26
Running from C:\Users\XDANCUMP\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1553764949-2249715022-3334135275-500 - Administrator - Disabled)
Guest (S-1-5-21-1553764949-2249715022-3334135275-501 - Limited - Disabled)
Mcx1-XDANCUMP-PC (S-1-5-21-1553764949-2249715022-3334135275-1001 - Limited - Enabled) => C:\Users\Mcx1-XDANCUMP-PC
XDANCUMP (S-1-5-21-1553764949-2249715022-3334135275-1000 - Administrator - Enabled) => C:\Users\XDANCUMP

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - )
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{61D4B846-49F8-2639-A4EB-977875265F37}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
Balíček ovladače systému Windows - FTDI USB Device Driver Package (03/30/2010 2.06.02) (HKLM\...\049CFE17644794A5F6E1EF943A516E1065F244E7) (Version: 03/30/2010 2.06.02 - FTDI)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bamboo Tablets Tutorial (x32 Version: 3.0.20 - Wacom) Hidden
Bluetooth Monitor 4 (HKLM-x32\...\{61539202-097E-487E-9237-B291AB56D54C}) (Version: 4.04.000 - TOSHIBA)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v8.00.12(T) - TOSHIBA CORPORATION)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.35 - Broadcom Corporation)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
Castle Link (HKLM-x32\...\{C7774A58-8B24-4E19-A92D-E887A8FD67A1}) (Version: 3.52.10 - Castle Creations)
ccc-core-static (x32 Version: 2010.0426.2136.36953 - Název společnosti:) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Companion Suite Pro LL2 (HKLM-x32\...\{ABDB5A8F-A163-4FD7-A8AE-E2695ACFEA90}) (Version: 1.2.8 - )
Companion Suite Pro LL2 Drivers (HKLM-x32\...\{4ACE3E86-78B6-43A1-B104-E3F3006FC576}) (Version: 1.2.8 - )
Conexant Audio Driver For AMD HDMI Codec (HKLM\...\CNXT_AUDIO_HDA_HDMI) (Version: 4.98.26.0 - Conexant)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.0.61 - Conexant)
CorelDRAW Graphics Suite X3 (HKLM-x32\...\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}) (Version: 13.0 - Corel Corporation)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Crack Microsoft Office 2010 2.2.3 (HKLM-x32\...\Crack Microsoft Office 2010 2.2.3) (Version: 2.2.3 - Microsoft)
CZ (x32 Version: 13.0 - Corel Corporation) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Driver USBDEVICEDRV (1.00.009) (HKLM-x32\...\Driver USBDEVICEDRV (1.00.009)) (Version: - )
Dropbox (HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
Elements 11 Organizer (x32 Version: 11.0 - Název společnosti:) Hidden
Ema Config (HKLM-x32\...\Ema Config_is1) (Version: 1.0 - )
F300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
F300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
F300Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
FileZilla Client 3.10.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.2 - Tim Kosse)
FontNav (x32 Version: 5.0 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Helicon Remote 3.2.7.0 (HKLM-x32\...\HeliconRemote_is1) (Version: - Helicon Soft Ltd.)
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
Chrome Remote Desktop Host (HKLM-x32\...\{A1A724F3-F1A6-479C-AE98-208946717E2B}) (Version: 42.0.2311.39 - Google Inc.)
Imagenomic Noiseware 5.0.2 Plug-in (build 5020) (HKLM\...\ImagenomicNoisewarePlugin) (Version: - )
Imagenomic Portraiture 2.3 Plug-in (build 2308) (HKLM\...\ImagenomicPortraiturePlugin) (Version: - )
Incomedia WebSite X5 v11 - Professional (HKLM-x32\...\{43A1DFB2-540E-46A6-B41E-B5099368BF75}_is1) (Version: 11.0.1.12 - Incomedia s.r.l.)
inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation)
IT9130 Driver v11.9.2.1 (HKLM-x32\...\IT9130 DriverInstaller_11.9.2.1) (Version: - )
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Mega Codec Pack 10.1.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.1.5 - )
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office Access 2003 Runtime (HKLM-x32\...\{901C0405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.7969.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\SkyDriveSetup.exe) (Version: 16.4.6010.0727 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Migration System Updater RBP (HKLM-x32\...\Migration System Updater RBP) (Version: 1.2.0.0 - )
Movie maker pro Windows 7 cz version for Windows (HKLM-x32\...\{684A4D63-85B1-B566-381E-91C3F5F80E4B}_is1) (Version: for Windows - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{CF097717-F174-4144-954A-FBC4BF301029}) (Version: 7.02.9753 - Nero AG)
Network Print Monitor for Windows 2000/XP/2003/Vista (HKLM-x32\...\Network Print Monitor) (Version: - )
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.8 - Google)
Noiseware Professional Plug-in (HKLM-x32\...\{7C515D87-2DCD-422B-B993-3FE8A71B3DDB}) (Version: 4.1.1.0 - Imagenomic)
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
O2 Mobilni internet (HKLM-x32\...\O2 Mobilni internet) (Version: 11.300.05.00.445 - Huawei Technologies Co.,Ltd)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Rapture3D 2.3.22 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.2.19 - Red Giant, LLC)
rFactor (HKLM-x32\...\rFactor) (Version: 1255g - Image Space Incorporated)
RivaTuner v2.23 (HKLM-x32\...\RivaTuner) (Version: v2.23 - Alexey Nicolaychuk)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.78 (28.6.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.03.60.00(23.7.2013) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.10 (14.2.2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.01.08.00 - Samsung Electronics Co., Ltd.) Hidden
Samsung SCX-3400 Series (HKLM-x32\...\Samsung SCX-3400 Series) (Version: 1.18 (1.7.2013) - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
ScanSoft PaperPort 11 (HKLM-x32\...\{D7659F54-7502-4312-AA24-F103C92C26F5}) (Version: 11.1.0000 - Nuance Communications, Inc.)
SIW version 2011.10.29 (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2011.10.29 - Topala Software Solutions)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.5.5.4 - Splashtop Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
TAudioConverter verze 0.9.7 (HKLM-x32\...\{35FC8349-C27B-4680-ABF1-88F7FE893586}_is1) (Version: 0.9.7 - ozok)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40798 - TeamViewer)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.0.0 - Topaz Labs, LLC)
Topaz B&W Effects (HKLM-x32\...\Topaz BW Effects 2) (Version: 2.0 - Topaz Labs, LLC)
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.0.2 - Topaz Labs, LLC)
Topaz DeJpeg 4 (HKLM-x32\...\Topaz DeJpeg 4) (Version: 4.0.2 - Topaz Labs, LLC)
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.0.1 - Topaz Labs, LLC)
Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.0.0 - Topaz Labs, LLC)
Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC)
Topaz InFocus (HKLM-x32\...\Topaz InFocus) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Lens Effects (HKLM-x32\...\Topaz Lens Effects) (Version: 1.2.0 - Topaz Labs, LLC)
Topaz ReMask 3 (HKLM-x32\...\Topaz ReMask 3) (Version: 3.2.1 - Topaz Labs, LLC)
Topaz Simplify 4 (HKLM-x32\...\Topaz Simplify 4) (Version: 4.0.0 - Topaz Labs, LLC)
Toshiba Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.10 - TOSHIBA)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.08.64 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM-x32\...\{E0FAA369-B0E3-48B8-9447-4873103B0012}) (Version: 8.0.34 - TOSHIBA CORPORATION)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}) (Version: 2.00.06 - TOSHIBA Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.8.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.5.10 - TOSHIBA CORPORATION)
TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 2.09.0001 - TOSHIBA)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.16.64 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\{073B89C3-BA88-41B5-965F-B35A88EAE838}) (Version: 2.00.03 - TOSHIBA Corporation)
TOSHIBA TEMPRO (HKLM-x32\...\{3A9B3B6D-3C08-4283-AF50-FD82C49DD71E}) (Version: 3.34 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.19.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
Trapcode Suite v12.1.7 (HKLM-x32\...\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1) (Version: 12.1.7 - Red Giant, LLC)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden
VBA (x32 Version: 6.2 - Corel Corporation) Hidden
Visual FoxPro ODBC Driver (HKLM-x32\...\{31821EFE-1B31-4744-9FB0-208F92BD7168}) (Version: 1.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Výstraha HDD/SSD TOSHIBA (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
Výstraha HDD/SSD TOSHIBA (Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
Výstraha HDD/SSD TOSHIBA (x32 Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
War Thunder Launcher 1.0.1.502 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\1F64724E4D591A125651B4B68C84B9CCE9619004) (Version: 03/07/2012 - GoPro)
Windows Movie Maker (HKLM\...\Windows Movie Maker) (Version: 6.0.6002.18005 - Microsoft Corporation)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.1.2015.0 - Ruiware)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
Xilisoft HD Video Converter 6 (HKLM-x32\...\Xilisoft HD Video Converter 6) (Version: 6.0.12.0914 - Xilisoft)
XTuning Flash Tool verze 2015.1 (HKLM-x32\...\XTUNING_Flash_is1) (Version: 2015.1 - XTUNING s.r.o.)
Zobrazit uživatelskou příručku (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - )
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_CZ_is1) (Version: 15.0.1.8 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000_Classes\CLSID\{45C6AFA5-2C13-402f-BC5D-45CC8172EF6B}\InprocServer32 -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtExt.dll (TOSHIBA)
CustomCLSID: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\XDANCUMP\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\XDANCUMP\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\XDANCUMP\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\XDANCUMP\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

08-05-2015 21:41:47 Installed QuickTime 7
15-05-2015 14:07:37 Windows Update
22-05-2015 15:23:50 Windows Update
24-05-2015 03:05:41 ComboFix created restore point
27-05-2015 20:13:13 OTL Restore Point - 27.5.2015 20:13:10
27-05-2015 20:58:18 OTL Restore Point - 27.5.2015 20:58:18
27-05-2015 21:42:32 OTL Restore Point - 27.5.2015 21:42:32
28-05-2015 12:48:16 OTL Restore Point - 28.5.2015 12:48:16
29-05-2015 13:13:58 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-12-03 17:37 - 2015-05-24 03:18 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {162D1D5A-CD90-4893-8C86-96376514EAC7} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-06-03] (TOSHIBA CORPORATION)
Task: {1D8E73CB-2431-4834-B4D8-ED4B5FC14228} - System32\Tasks\{0175F9AF-44FB-4969-87C8-DA3FA8611F3D} => pcalua.exe -a C:\PROGRA~2\VIRTUA~1\UNWISE.EXE -c C:\PROGRA~2\VIRTUA~1\INSTALL.LOG
Task: {2900F316-127E-465C-99E0-1A25DA3262AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03] (Google Inc.)
Task: {2F9D7212-5ADB-4075-A494-866594689335} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe [2015-05-20] (Adobe Systems Incorporated)
Task: {2FE720A0-522C-45E9-AA36-EF406C5B1B9D} - System32\Tasks\{9529633C-E25F-4CFB-A556-CE6E5BE8B4F3} => pcalua.exe -a C:\Users\XDANCUMP\Desktop\StarCraftII_CZ.exe -d C:\Users\XDANCUMP\Desktop
Task: {3285C3A7-325F-429C-854A-0AF1D48DFFE5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {3359DC03-CEFD-4930-81E2-EF7A0E453133} - System32\Tasks\{572922B4-D7A4-4121-B6D4-8331D953C733} => pcalua.exe -a "C:\Users\XDANCUMP\Desktop\SC 2 Skirmish cracked\SC2ALLin1_setup1033.exe" -d "C:\Users\XDANCUMP\Desktop\SC 2 Skirmish cracked"
Task: {39E13EE6-CF6C-4499-9406-A2AF27808AC0} - System32\Tasks\{6F0B4B40-D0FD-40DB-AEA9-3C7AB7A059B9} => pcalua.exe -a C:\Users\XDANCUMP\Desktop\SC2ALLin1_setup990.exe -d C:\Users\XDANCUMP\Desktop
Task: {3B82B419-9FB9-4C02-8D12-712B847A2841} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {3E684AD3-B47C-45C1-8700-F6A4244B7693} - System32\Tasks\{07BFB38B-EECB-42B5-A014-22E5CAA1C82C} => pcalua.exe -a C:\Users\XDANCUMP\Desktop\SC2ALLin1_setup1033.exe -d C:\Users\XDANCUMP\Desktop
Task: {3E6E0622-FC06-408D-8307-B5CADB1B2E5E} - System32\Tasks\{88777FFA-C35A-4A99-A098-DC219ACB99FD} => pcalua.exe -a C:\Users\XDANCUMP\Desktop\cispremium_installer_x86_50.exe -d C:\Users\XDANCUMP\Desktop
Task: {405DCFFF-F748-4718-92A8-E0A83A179933} - System32\Tasks\{05791C4A-A785-4905-AF91-BC9BC36130CE} => pcalua.exe -a "C:\Program Files (x86)\BlueStacks\HD-RuntimeUninstaller.exe"
Task: {41E2EB2D-D26E-4DC7-8081-26A05B315DF8} - System32\Tasks\{D411742B-BAFC-4089-88A1-A5409CCC0FB7} => pcalua.exe -a "H:\!!! CRACK !!!\Čeština\StarCraftII_CZ_1.13.exe" -d "H:\!!! CRACK !!!\Čeština"
Task: {426F3E6F-59A5-4E6C-A8A5-6CD7012E5AE9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {482F30FF-021B-495B-AEF3-133C47141155} - System32\Tasks\{8364930C-6709-4AA5-A5CC-56EC5FFE46B4} => pcalua.exe -a "C:\Program Files (x86)\StarCraft II\SC2ALLin1_setup1033.exe" -d "C:\Program Files (x86)\StarCraft II"
Task: {4A13F79E-567A-4B6C-9F7A-A86DADF4E827} - System32\Tasks\MigrationUpdateTask => C:\Users\XDANCUMP\AppData\Local\MigsUpdater\mupdater.exe [2013-05-05] ()
Task: {6A4887D9-61E4-40A8-BB66-64C61ED29366} - System32\Tasks\{317C2BD8-BDE9-4AE4-A56D-9B4B85F60408} => pcalua.exe -a "C:\Users\XDANCUMP\Desktop\Template Packs\Incomedia WebSite X5 Template Pack 901\setup\templatepack901.exe" -d "C:\Users\XDANCUMP\Desktop\Template Packs\Incomedia WebSite X5 Template Pack 901\setup"
Task: {74430000-6757-4868-819C-9449D78AA20C} - System32\Tasks\GoForFiles Installer Starter => C:\Users\XDANCUMP\AppData\Local\Temp\GoForFilesuiyG7CaIl3.exe <==== ATTENTION
Task: {81F43CC5-5812-43BF-BD39-6964EA3CA020} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-20] (Adobe Systems Incorporated)
Task: {8A9644FF-6701-4219-B905-EB9AF83D18C2} - System32\Tasks\{0FDF15AB-4AA6-4E0F-B7CC-08271BB83543} => pcalua.exe -a "C:\Users\XDANCUMP\Desktop\BLAZE HDTV Player+driver(SN)\Drivers\setup.exe" -d "C:\Users\XDANCUMP\Desktop\BLAZE HDTV Player+driver(SN)\Drivers"
Task: {92A2E2EF-28B4-4A36-B199-25A63A216525} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {9D52459F-4607-4476-8F11-5E9D6D2A2CAB} - System32\Tasks\{C1E78153-5F60-418B-B1D5-981F0264B0B8} => pcalua.exe -a C:\Users\XDANCUMP\Desktop\pp14x0MFALLWin_110117\setup.exe -d C:\Users\XDANCUMP\Desktop\pp14x0MFALLWin_110117
Task: {ACDFE139-A004-462A-85F7-58782E7CDB38} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-XDANCUMP-PC => C:\Windows\ehome\McxTask.exe [2009-07-14] (Microsoft Corporation)
Task: {B3025DE3-8E3B-4CD8-8DBF-7942AF3AE821} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {B5171C89-0815-44F4-BA54-37463E056521} - System32\Tasks\{2EDA5B83-76EC-4BD9-96BB-C6663C7FA9AD} => C:\Users\XDANCUMP\Desktop\OTL.exe
Task: {B5834E7F-8029-4586-B290-22E2E87E10E2} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe [2015-05-19] ()
Task: {E4F63701-C01C-4256-94FC-29FBCEBFCFCA} - System32\Tasks\{02E04A54-87E7-4F68-A672-2525FB3D1C29} => pcalua.exe -a "F:\Programy\Instalační balíček Březen 2011\Winrar 3.71 CZ + CRACK.exe" -d "F:\Programy\Instalační balíček Březen 2011"
Task: {ED820124-C377-4F97-A8AC-97B7E771AE7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2012-07-23 12:13 - 2010-01-29 23:57 - 00071680 _____ () C:\Windows\System32\LFOGRPJL.DLL
2013-06-28 10:12 - 2013-06-28 10:12 - 00034304 _____ () C:\Windows\System32\ssm1mlm.dll
2014-10-08 12:42 - 2014-01-23 11:00 - 00034304 _____ () C:\Windows\System32\ssm4mlm.dll
2014-03-20 11:24 - 2014-03-20 11:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2012-04-23 02:47 - 2006-12-11 02:14 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2015-03-23 19:29 - 2014-08-19 21:12 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2014-09-24 21:37 - 2014-09-24 21:37 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-09-24 21:37 - 2014-09-24 21:38 - 00107832 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2010-04-07 16:07 - 2010-04-07 16:07 - 09468728 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 13:26 - 2009-11-03 13:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-03-03 14:15 - 2010-03-03 14:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
2010-03-03 14:15 - 2010-03-03 14:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
2012-04-23 02:54 - 2009-06-22 14:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll
2009-03-12 19:08 - 2009-03-12 19:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2012-03-09 09:58 - 2012-03-09 09:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 09:58 - 2012-03-09 09:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2009-10-13 11:00 - 2009-10-13 11:00 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-12-03 03:27 - 2013-12-03 03:27 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-02-05 17:44 - 2010-02-05 17:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2015-03-02 22:30 - 2015-03-02 22:30 - 00039384 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-05-26 01:51 - 2015-05-22 22:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-26 01:51 - 2015-05-22 22:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll
2015-05-26 01:51 - 2015-05-22 22:22 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:2B600C25
AlternateDataStreams: C:\ProgramData\TEMP:7980A5DB
AlternateDataStreams: C:\ProgramData\TEMP:B0177106
AlternateDataStreams: C:\ProgramData\TEMP:BF3D62E7
AlternateDataStreams: C:\ProgramData\TEMP:DB60730C

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\hola.org -> hxxp://hola.org
IE trusted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\vodafone.cz -> hxxps://prm.vodafone.cz

IE restricted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\...\100sexlinks.com -> 100sexlinks.com

There are 4790 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\XDANCUMP\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 195.27.1.1 - 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 3
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\startupfolder: C:^Users^XDANCUMP^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge =>
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AllShareAgent => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
MSCONFIG\startupreg: BambooCore => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: MFFSum_Pro_LL2 => c:\program files (x86)\companion suite pro ll2\mffsum.exe
MSCONFIG\startupreg: MFPrintServer_Pro_LL2 => c:\program files (x86)\companion suite pro ll2\mfprintserver.exe
MSCONFIG\startupreg: MobileConnect =>
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: PPort11reminder => "c:\program files (x86)\scansoft\paperport\ereg\ereg.exe" -r "c:\programdata\scansoft\paperport\11\config\ereg\ereg.ini
MSCONFIG\startupreg: QuickTime Task =>
MSCONFIG\startupreg: SearchProtection => "c:\users\xdancump\appdata\roaming\search protection\searchprotection.exe" /autostart
MSCONFIG\startupreg: SSBkgdUpdate => "c:\program files (x86)\common files\scansoft shared\ssbkgdupdate\ssbkgdupdate.exe" -embedding -boot
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard =>
MSCONFIG\startupreg: Toshiba TEMPRO => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
MSCONFIG\startupreg: TPwrMain => %programfiles%\toshiba\power saver\tpwrmain.exe
MSCONFIG\startupreg: TWebCamera => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => c:\program files\zoner\photo studio 15\program32\zpstray.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{150E9FD8-3F11-436A-BAA5-B0BC9FB1E47D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{5F3FF333-DB6E-43A6-897C-F610757ED583}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{C610F4DB-2F1B-4CF7-B7B2-869EF7FC4F6D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{DBDA3EE4-0422-4279-AEE9-1DC15139B6E5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{4B73E21A-2EF0-4F9A-9ED5-07AF7D9EB0E1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{C5350527-E7CB-42E0-8414-74A674A2CB88}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{54A06E40-67B8-4E79-A3C8-EB01878C5A25}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{6CC85781-6B88-42E5-B8A1-D6F8B043D770}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{2494D452-695D-482A-9BF0-044C5324F3D1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{5CBD3502-143E-40E8-B9EB-5082C0187C9F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{73E315F7-128A-444A-9E31-A5092AE9A3F3}] => (Allow) C:\Users\XDANCUMP\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{61D6353B-3C47-4B63-A253-4BC8DA769659}] => (Allow) C:\Users\XDANCUMP\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{5BEDD907-FD4C-473F-B180-07F80705A113}] => (Allow) E:\setup\hpznui40.exe
FirewallRules: [{D3120641-C28C-4ED4-8C66-749970F59C00}] => (Allow) C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{57404B4E-54FA-4A08-804F-422D635F9F38}] => (Allow) C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8C470A5C-A9B7-4385-9E93-D2010FCF07A5}] => (Allow) C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{179C3327-1025-42D1-9DB5-9E03B9D35589}] => (Allow) C:\Users\XDANCUMP\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{662E2081-1076-4782-AD3C-97B5E614F567}] => (Allow) C:\Program Files (x86)\Companion Suite Pro LL2\MFServices.exe
FirewallRules: [{7E6A147D-9A53-4D60-8262-EC69CAD1E81D}] => (Allow) LPort=54010
FirewallRules: [{AEDF99BA-4D68-4CAA-B9DC-22CEB51209F2}] => (Allow) C:\Users\XDANCUMP\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{0496BDBC-82A6-49FE-9D74-BDF6821975B8}] => (Allow) C:\Users\XDANCUMP\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{0DD4A8AF-A9AD-4A5B-821C-F2A7DBCBC43F}] => (Allow) LPort=135
FirewallRules: [{55E91DC8-6655-4F3E-9028-E063DEDE14EF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D6EE9376-F7B2-4513-87AB-AD1CACB56B87}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{AB0629EF-15A7-45E8-9142-9E654CF2C270}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{61E11B13-4C21-4C63-9885-9DEEE07CCDC2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{46C32E75-0CE0-43DC-A61E-E7CCF4539458}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
FirewallRules: [{46F42441-2E46-4B52-B746-26C20AF64256}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
FirewallRules: [{E9617761-F414-4E07-8D59-C5200B4ADE07}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\DataProxy.exe
FirewallRules: [{6B681A79-1552-4D10-BD46-F52111FA6E41}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{13D3016A-63E8-4F80-8774-D6611DE8DB74}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{F6E14EFA-35FF-465C-A5A3-0E1C3ECB8A1D}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{78E75FE8-F4AF-4F62-83FF-C0D9D93C92A6}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{0B2C37EA-403A-4408-9187-E52691FE64D1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{20A575D4-A8F4-420A-BEF0-DF249C88BC3D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{C2572037-9DD2-444A-9C5D-FD50624FE30D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{38F062AE-AFCA-4FDD-8285-D92CA2432EE5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{D3E5E7D2-EB99-4ABA-A46C-DD89833DBC96}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{4823DEF7-2D95-467F-8198-964C8159B6EB}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{01E9A6C3-AAF9-43E1-8F20-D19DDC772B2E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{E3EC474D-DB26-413B-AE12-739330771E7A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{97B814DC-EC3F-40D3-81E3-910092DC8FA9}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{BBE6FE52-5C7A-4BDB-85A2-14CB2325EE33}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{2EB071C2-F6C2-415B-B0B3-8CDBC344F479}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{E7FFC601-7FBE-4E12-A0BB-A92DD09CBF30}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{A53018DD-D64F-4E1F-9012-2D8A9288E939}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{4242C5FF-08E9-4544-8D3F-9C6BFA5E5D07}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{1BEA4511-A3CD-4E2E-8F54-7D65AED01242}] => (Block) %ProgramFiles% (x86)\WebSite X5 v11 - Professional\imRegister.exe
FirewallRules: [{1052812F-4492-4D90-BC02-18D81DB861AE}] => (Block) %ProgramFiles% (x86)\WebSite X5 v11 - Professional\imUpdate.exe
FirewallRules: [{72643260-5992-4BE2-9C81-75CB1B48CE09}] => (Block) %ProgramFiles% (x86)\WebSite X5 v11 - Professional\WebSiteX5.exe
FirewallRules: [{25B48B6E-82E1-4B8C-86F8-36199694DFE3}] => (Block) %ProgramFiles% (x86)\WebSite X5 v11 - Professional\imRegister.exe
FirewallRules: [{9FC7C4E3-E0FC-43C1-A298-46ABDEA18614}] => (Block) %ProgramFiles% (x86)\WebSite X5 v11 - Professional\imUpdate.exe
FirewallRules: [{E2E780B3-3406-4AAB-B6B0-C7EE0FA3830E}] => (Block) %ProgramFiles% (x86)\WebSite X5 v11 - Professional\WebSiteX5.exe
FirewallRules: [TCP Query User{30B280A9-44B1-4AC9-A25C-7EAB3DA44317}D:\users\xdancump\documents\plocha\rfactor 2015\rfactor.exe] => (Allow) D:\users\xdancump\documents\plocha\rfactor 2015\rfactor.exe
FirewallRules: [UDP Query User{BC603776-8997-483E-B17E-A780CF5B2AD9}D:\users\xdancump\documents\plocha\rfactor 2015\rfactor.exe] => (Allow) D:\users\xdancump\documents\plocha\rfactor 2015\rfactor.exe
FirewallRules: [TCP Query User{6D9E7D1F-A5A7-41E3-8232-3CB526B5C3CF}C:\program files\java\jre7\launch4j-tmp\vracingdisplayserver.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\vracingdisplayserver.exe
FirewallRules: [UDP Query User{C464C82C-767C-4954-A059-D29E6A7D7CDE}C:\program files\java\jre7\launch4j-tmp\vracingdisplayserver.exe] => (Allow) C:\program files\java\jre7\launch4j-tmp\vracingdisplayserver.exe
FirewallRules: [TCP Query User{6C06A2C4-8C6C-4D29-A6A0-2F426CCC05DB}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{90CBCE91-C939-4C61-8B87-62DA694C9F54}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{CC71D63E-D60D-4402-9835-96F59D12C35D}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{E23FBAE1-9709-4289-BEAD-648780D33A84}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{59C1DAB8-6A2F-4A1A-AC34-95DC3B812CBA}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{74FA1DCB-05AC-4F53-96CD-FDD62A817C95}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{52029356-F446-44E5-9EBF-9FB4E07F9DFC}] => (Allow) LPort=80
FirewallRules: [{A9CADBA9-40E5-49A3-BD1C-98BA07C91BCA}] => (Allow) LPort=443
FirewallRules: [{AECC0A5C-EA69-43F0-ADDD-00D98E4D2A39}] => (Allow) LPort=20010
FirewallRules: [{CCF10071-1EC6-47EC-9CA2-BD0DD2612E68}] => (Allow) LPort=3478
FirewallRules: [{2719A66F-05D9-4329-BE1E-4748B6F44CBE}] => (Allow) LPort=7850
FirewallRules: [{FD33A3F4-2832-4B7D-843F-527A56B66D06}] => (Allow) LPort=7852
FirewallRules: [{9C003061-66FC-4282-8EDA-0DCEF40A4F12}] => (Allow) LPort=7853
FirewallRules: [{BE26391D-2F97-4BBE-81C4-D8A68592DE3B}] => (Allow) LPort=27022
FirewallRules: [{8D0B182A-176A-4B57-BB24-CA9CDEFF3279}] => (Allow) LPort=6881
FirewallRules: [{EFB2034C-C1A1-41A1-A041-FB19C0D66EF4}] => (Allow) LPort=33333
FirewallRules: [{E5C2D60F-F87F-4619-8E8C-4A644A9AFB10}] => (Allow) LPort=20443
FirewallRules: [{9E849814-238E-466B-9A6D-B8449BE0AE39}] => (Allow) LPort=8090
FirewallRules: [{0772F781-5059-462D-9092-0F919CB65C50}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe
FirewallRules: [{B6A00A0F-EF11-44D3-AE57-C3368D67B9C6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C95BFA65-A504-4CB9-97C5-BAB9B6EC700B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4161F051-0641-4C8C-B9C0-6CD4410C1DBF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{50E4E375-93B2-4657-8815-298EA4E978AF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BDF1B465-41E5-4695-9E7F-751738EC53B1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7120787E-B0E9-459C-9DC9-21EE38F7F0DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{41236672-60A1-4B93-8E16-7FAE02103D24}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{230E7579-0A7A-44CC-B03E-24F797798B47}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6BDA7F36-6E35-4A5C-AE17-13B75A9E839B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{41429DCF-B913-4A0C-909C-D534E9377879}] => (Allow) C:\Users\XDANCUMP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{274426A6-04CA-4C9A-BDF1-C6DF07ABE313}] => (Allow) C:\Users\XDANCUMP\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CC4DF7EA-AD3D-4E64-A75D-570306458496}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/26/2015 03:25:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... 0F069E.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.

Error: (05/23/2015 04:04:21 AM) (Source: MsiInstaller) (EventID: 11309) (User: DANDY)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.

Error: (05/22/2015 02:30:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TosBtAvAC.exe, verze: 7.10.4820.1, časové razítko: 0x4bf4f85a
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521ea8e7
Kód výjimky: 0xc0000005
Posun chyby: 0x00032f24
ID chybujícího procesu: 0x1060
Čas spuštění chybující aplikace: 0xTosBtAvAC.exe0
Cesta k chybující aplikaci: TosBtAvAC.exe1
Cesta k chybujícímu modulu: TosBtAvAC.exe2
ID zprávy: TosBtAvAC.exe3

Error: (05/19/2015 02:12:54 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={E2D9070E-D2D9-423D-B78E-448B2DDAB919}: Uživatel DANDY\XDANCUMP vytočil připojení s názvem O2, které se nezdařilo. Kód chyby vrácený při selhání je 628.

Error: (05/19/2015 00:09:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_SysMain, verze: 6.1.7600.16385, časové razítko: 0x4a5bc3c1
Název chybujícího modulu: sysmain.dll, verze: 6.1.7601.17514, časové razítko: 0x4ce7c9db
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000055e99
ID chybujícího procesu: 0x8c0
Čas spuštění chybující aplikace: 0xsvchost.exe_SysMain0
Cesta k chybující aplikaci: svchost.exe_SysMain1
Cesta k chybujícímu modulu: svchost.exe_SysMain2
ID zprávy: svchost.exe_SysMain3

Error: (05/09/2015 00:39:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17514, časové razítko: 0x4ce7a144
Název chybujícího modulu: wpdshserviceobj.dll, verze: 6.1.7601.17514, časové razítko: 0x4ce7cab1
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000ca75
ID chybujícího procesu: 0xacc
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3

Error: (05/04/2015 07:27:52 PM) (Source: chromoting) (EventID: 3) (User: )
Description: Přístup klienta zamítnut: dan.cumpelik@gmail.com/chromoting534D7EA7.

Error: (05/04/2015 07:27:44 PM) (Source: chromoting) (EventID: 3) (User: )
Description: Přístup klienta zamítnut: dan.cumpelik@gmail.com/chromotingB632FED1.

Error: (04/28/2015 04:35:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 6.1.7601.17514, časové razítko: 0x4ce7a144
Název chybujícího modulu: EXPLORERFRAME.dll, verze: 6.1.7601.17514, časové razítko: 0x4ce7c6a8
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000fa711
ID chybujícího procesu: 0xa38
Čas spuštění chybující aplikace: 0xexplorer.exe0
Cesta k chybující aplikaci: explorer.exe1
Cesta k chybujícímu modulu: explorer.exe2
ID zprávy: explorer.exe3

Error: (04/25/2015 00:14:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TosBtAvAC.exe, verze: 7.10.4820.1, časové razítko: 0x4bf4f85a
Název chybujícího modulu: TosBtAvAC.exe, verze: 7.10.4820.1, časové razítko: 0x4bf4f85a
Kód výjimky: 0xc0000005
Posun chyby: 0x0000778c
ID chybujícího procesu: 0xac8
Čas spuštění chybující aplikace: 0xTosBtAvAC.exe0
Cesta k chybující aplikaci: TosBtAvAC.exe1
Cesta k chybujícímu modulu: TosBtAvAC.exe2
ID zprávy: TosBtAvAC.exe3


System errors:
=============
Error: (05/29/2015 06:42:46 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80070422

Error: (05/29/2015 06:42:19 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cpuidlep

Error: (05/29/2015 06:41:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (05/29/2015 06:41:28 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \SystemRoot\SysWow64\Drivers\cpuidlep.SYS bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (05/29/2015 06:40:58 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll

Error: (05/29/2015 06:40:58 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll

Error: (05/29/2015 06:40:55 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll

Error: (05/29/2015 06:40:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ConfigFree Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/29/2015 06:40:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Active File Monitor V11 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/29/2015 06:40:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management & Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Microsoft Office:
=========================
Error: (05/26/2015 03:25:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdownlo ... 9E.crtDaná operace se vrátila, protože vypršel časový limit.

Error: (05/23/2015 04:04:21 AM) (Source: MsiInstaller) (EventID: 11309) (User: DANDY)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (05/22/2015 02:30:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TosBtAvAC.exe7.10.4820.14bf4f85antdll.dll6.1.7601.18247521ea8e7c000000500032f24106001d091dba492f0e9C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exeC:\Windows\SysWOW64\ntdll.dll53af52fc-007e-11e5-aea6-00266c799531

Error: (05/19/2015 02:12:54 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {E2D9070E-D2D9-423D-B78E-448B2DDAB919}DANDY\XDANCUMPO2628

Error: (05/19/2015 00:09:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_SysMain6.1.7600.163854a5bc3c1sysmain.dll6.1.7601.175144ce7c9dbc00000050000000000055e998c001d091692932a3a5C:\Windows\system32\svchost.exec:\windows\system32\sysmain.dll914a3db8-fdaa-11e4-8df9-00266c799531

Error: (05/09/2015 00:39:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175144ce7a144wpdshserviceobj.dll6.1.7601.175144ce7cab1c0000005000000000000ca75acc01d085a24da5cf01C:\Windows\Explorer.EXEC:\Windows\system32\wpdshserviceobj.dll0eb69e67-f5d3-11e4-b367-00266c799531

Error: (05/04/2015 07:27:52 PM) (Source: chromoting) (EventID: 3) (User: )
Description: dan.cumpelik@gmail.com/chromoting534D7EA7

Error: (05/04/2015 07:27:44 PM) (Source: chromoting) (EventID: 3) (User: )
Description: dan.cumpelik@gmail.com/chromotingB632FED1

Error: (04/28/2015 04:35:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175144ce7a144EXPLORERFRAME.dll6.1.7601.175144ce7c6a8c000000500000000000fa711a3801d0808435c44704C:\Windows\explorer.exeC:\Windows\system32\EXPLORERFRAME.dllc0c9fd27-edb3-11e4-acda-00266c799531

Error: (04/25/2015 00:14:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: TosBtAvAC.exe7.10.4820.14bf4f85aTosBtAvAC.exe7.10.4820.14bf4f85ac00000050000778cac801d07e826aca7e94C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exeC:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe3f89e0d9-eacf-11e4-adc0-00266c799531


CodeIntegrity Errors:
===================================
Date: 2015-05-29 01:03:37.899
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-29 01:03:37.731
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-29 01:03:37.523
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-29 01:03:33.594
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-29 01:03:33.429
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-29 01:03:33.243
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-29 01:03:31.603
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-s..rics-storageadapter_31bf3856ad364e35_6.1.7600.16385_none_d67ca3c3b6af653e\winbiostorageadapter.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-29 01:03:31.393
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-s..rics-storageadapter_31bf3856ad364e35_6.1.7600.16385_none_d67ca3c3b6af653e\winbiostorageadapter.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-29 01:03:31.213
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-s..rics-storageadapter_31bf3856ad364e35_6.1.7600.16385_none_d67ca3c3b6af653e\winbiostorageadapter.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-05-29 00:59:17.618
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.16385_none_5722666f137ae177\appid.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 31%
Total physical RAM: 8053.86 MB
Available physical RAM: 5556.22 MB
Total Pagefile: 20133.04 MB
Available Pagefile: 17188.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:228.52 GB) (Free:92.17 GB) NTFS
Drive d: () (Fixed) (Total:237.15 GB) (Free:100.49 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0E290B46)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=228.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=237.1 GB) - (Type=07 NTFS)

==================== End of log ============================
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu - Sai

#23 Příspěvek od Márty84 »

:???: Muzete mi rict, co jste tam provadel s TDSSKillerem a hlavne s ComboFixem? Umite s nim zachazet?



:arrow: Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File

FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File

S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03 116648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-03-11 136120]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]

Task: {74430000-6757-4868-819C-9449D78AA20C} - System32\Tasks\GoForFiles Installer Starter => C:\Users\XDANCUMP\AppData\Local\Temp\GoForFilesuiyG7CaIl3.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:2B600C25
AlternateDataStreams: C:\ProgramData\TEMP:7980A5DB
AlternateDataStreams: C:\ProgramData\TEMP:B0177106
AlternateDataStreams: C:\ProgramData\TEMP:BF3D62E7
AlternateDataStreams: C:\ProgramData\TEMP:DB60730C

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShareAgent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileConnect" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate" /f

Hosts:
EmptyTemp:
Reboot:
End
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Sainzik
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 27 kvě 2015 14:49

Re: Prosím o kontrolu - Sai

#24 Příspěvek od Sainzik »

Bohuzel už jsem PC takto koupil. nechtel jsem ho zformátovat kvuli únavnému znovunastavování a instalování všech programů, tak jsem se zkusil obrátit sem. Combofix a TDSkiller neznám a používat radši ani nebudu :)
PC mám ode dne vložení prvního příspěvku sem na VIRY.cz a příjde mi že internet špatně funguje v porovnání s druhým notebooku mé přítelkyně, který je ještě slabší jak ten můj, ale internet a celková odezva je u něho mnohem lepší jak u mého. (např.: ve hře War Thunder u mého notebooku stále padá připojení a ztrácí se pakety, ale u jejího se to nikdy nestane na stejné wifi ve stejném dosahu se stejnou silou signálu. To samé pozoruji i na prohlížeči Chrome, který funguje s horší odezvou :(

Tak nevím jestli to má něco společného s tím co jste psal výše?
Nahoru
Sainzik
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 27 kvě 2015 14:49

Re: Prosím o kontrolu - Sai

#25 Příspěvek od Sainzik »

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-05-2015 01
Ran by XDANCUMP at 2015-05-29 21:31:55 Run:1
Running from C:\Users\XDANCUMP\Desktop
Loaded Profiles: XDANCUMP (Available Profiles: XDANCUMP & Mcx1-XDANCUMP-PC)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File

FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File

S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03 116648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-03-11 136120]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]

Task: {74430000-6757-4868-819C-9449D78AA20C} - System32\Tasks\GoForFiles Installer Starter => C:\Users\XDANCUMP\AppData\Local\Temp\GoForFilesuiyG7CaIl3.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:2B600C25
AlternateDataStreams: C:\ProgramData\TEMP:7980A5DB
AlternateDataStreams: C:\ProgramData\TEMP:B0177106
AlternateDataStreams: C:\ProgramData\TEMP:BF3D62E7
AlternateDataStreams: C:\ProgramData\TEMP:DB60730C

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShareAgent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileConnect" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate" /f

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value Removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value Removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value Removed successfully
"HKLM\SOFTWARE\Policies\Google" => key Removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key Removed successfully
"HKU\S-1-5-21-1553764949-2249715022-3334135275-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key Removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}" => key Removed successfully
"HKCR\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}" => key Removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin" => key Removed successfully
NMIndexingService => Service Removed successfully
SwitchBoard => Service Removed successfully
AdobeARMservice => Service Removed successfully
gupdate => Service Removed successfully
gupdatem => Service Removed successfully
gusvc => Service Removed successfully
NBService => Service Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{74430000-6757-4868-819C-9449D78AA20C}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74430000-6757-4868-819C-9449D78AA20C}" => key Removed successfully
C:\Windows\System32\Tasks\GoForFiles Installer Starter => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoForFiles Installer Starter" => key Removed successfully
C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows => ":nlsPreferences" ADS Removed successfully.
C:\ProgramData\TEMP => ":2B600C25" ADS Removed successfully.
C:\ProgramData\TEMP => ":7980A5DB" ADS Removed successfully.
C:\ProgramData\TEMP => ":B0177106" ADS Removed successfully.
C:\ProgramData\TEMP => ":BF3D62E7" ADS Removed successfully.
C:\ProgramData\TEMP => ":DB60730C" ADS Removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShareAgent" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileConnect" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts restored successfully.
EmptyTemp: => Removed 143 MB temporary data.


The system needed a reboot.

==== End of Fixlog 21:32:41 ====
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Prosím o kontrolu - Sai

#26 Příspěvek od Márty84 »

Ohledne toho combofixu...

Kdyby si dotycny precetl pravidla fora http://forum.viry.cz/viewtopic.php?f=12&t=5601 , docetl by se mimo jine toto
2. Před položením dotazu použijte tlačítko Hledat. Možná již někdo problém podobným Vašemu řešil. Pokud ale ve vyřešeném tématu budou aplikovány různé utility\aplikace, nespouštějte je. Utility se používají až na pokyn rádce, jelikož mohou mazat stopy po havěti a v rukou ne-oborníka může mít jejich použití nedozírné následky.

3. Zvláště utilitu ComboFix nespouštějte i když Vám ji poradil kamarád\nějaký rádoby odborný web. Naše fórum je jediné z CZ-SK antivirových fór, která mají právo luštit logy z ComboFixu a mámě též plnou podporu autora této utility a přístup k nejaktuálnějším informacím a návodům.
CF smaze veskere stopy pripadne nakazy a ja ted muzu tak akorat varit z vody, jak se rika :x
Takze bez doporuceni ho rozhodne nepouzivejte, jinak muze byt pomoc odmitnuta.


:arrow: Dejte mi sem jeho log, najdete ho zde C:\ComboFix.txt

:arrow: Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Sainzik
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 27 kvě 2015 14:49

Re: Prosím o kontrolu - Sai

#27 Příspěvek od Sainzik »

Muzu se zeptat jestli jeste nevite jak si zmenit uzivatelske jmeno XDANCUMP, ktere tam vsude mam? Je to asi zakladni nazev PC, který se da zmenit jen v prikazovem radku.


Jinak jdu na to
Nahoru
Sainzik
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 27 kvě 2015 14:49

Re: Prosím o kontrolu - Sai

#28 Příspěvek od Sainzik »

ComboFix 15-05-19.01 - XDANCUMP 24.05.2015 3:08.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8054.6360 [GMT 2:00]
Spuštěný z: c:\users\XDANCUMP\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 0 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.pol
.
Nakažená kopie c:\windows\SysWow64\user32.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\erdnt\cache86\user32.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-04-24 do 2015-05-24 )))))))))))))))))))))))))))))))
.
.
2015-05-24 01:17 . 2015-05-24 01:17 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-05-24 01:17 . 2015-05-24 01:17 -------- d-----w- c:\users\Mcx1-XDANCUMP-PC\AppData\Local\temp
2015-05-24 01:17 . 2015-05-24 01:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-23 02:03 . 2015-05-23 02:09 -------- d-----w- c:\program files (x86)\globalUpdate
2015-05-23 02:03 . 2015-05-23 02:03 -------- d-----w- c:\users\XDANCUMP\AppData\Local\globalUpdate
2015-05-23 02:03 . 2015-05-23 02:08 -------- d-----w- c:\program files (x86)\Seznam.cz
2015-05-23 02:03 . 2015-05-23 02:03 -------- d-----w- c:\users\XDANCUMP\AppData\Local\Geckofx
2015-05-23 02:03 . 2015-05-23 02:08 -------- d-----w- c:\users\XDANCUMP\AppData\Roaming\Seznam.cz
2015-05-23 02:01 . 2015-05-23 02:09 -------- d-----w- c:\users\XDANCUMP\AppData\Roaming\SSN
2015-05-22 13:24 . 2015-05-03 03:16 12214312 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F2230FBA-6273-4BBE-8CC1-F32DB4A5956C}\mpengine.dll
2015-05-18 22:40 . 2015-05-18 22:40 -------- d-----w- c:\program files (x86)\Red Giant Link
2015-05-18 22:40 . 2015-05-18 22:40 -------- d-----w- c:\programdata\goodasnew
2015-05-09 14:07 . 2015-05-09 14:07 -------- d-----w- c:\users\XDANCUMP\AppData\Roaming\Apple Computer
2015-05-09 14:04 . 2015-05-09 14:04 -------- d-----w- c:\users\XDANCUMP\AppData\Local\CANON_INC
2015-05-09 14:00 . 2015-05-09 14:00 -------- d-----w- c:\users\XDANCUMP\AppData\Roaming\Canon_Inc_IC
2015-05-09 13:59 . 2015-05-09 13:59 -------- d-----w- c:\program files (x86)\Common Files\Canon_Inc_IC
2015-05-09 13:59 . 2015-05-09 13:59 -------- d-----w- c:\programdata\Canon_Inc_IC
2015-05-08 19:43 . 2015-05-08 19:43 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2015-05-08 19:43 . 2015-05-08 19:43 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2015-05-08 19:43 . 2015-05-08 19:43 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2015-05-08 19:43 . 2015-05-08 19:43 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2015-05-08 19:43 . 2015-05-08 19:43 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2015-05-08 19:42 . 2015-05-08 19:43 -------- d-----w- c:\program files (x86)\QuickTime
2015-05-08 19:41 . 2015-05-08 19:41 -------- d-----w- c:\program files (x86)\Common Files\Apple
2015-05-08 19:41 . 2015-05-08 19:41 -------- d-----w- c:\users\XDANCUMP\AppData\Local\Apple
2015-05-08 19:41 . 2015-05-08 19:41 -------- d-----w- c:\programdata\Apple
2015-05-08 19:41 . 2015-05-08 19:41 -------- d-----w- c:\program files (x86)\Apple Software Update
2015-05-08 00:33 . 2015-05-08 00:35 -------- d-----w- C:\Twixtor5AE
2015-05-07 22:39 . 2015-05-07 22:39 -------- d-----w- c:\users\XDANCUMP\AppData\Roaming\Red Giant
2015-05-07 22:39 . 2015-05-07 22:39 -------- d-----w- c:\programdata\Red Giant
2015-05-07 22:39 . 2015-05-07 22:39 -------- d-----w- c:\program files (x86)\Red Giant
2015-05-07 22:38 . 2015-05-07 22:38 -------- d-----w- c:\programdata\RedGiant
2015-05-01 18:10 . 2015-05-01 18:10 229608 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2015-04-28 12:01 . 2015-04-28 12:01 -------- d-----w- c:\programdata\Steam
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-23 17:28 . 2015-02-06 15:24 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-20 16:36 . 2012-04-23 02:02 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-05-20 16:36 . 2012-04-23 02:02 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-16 00:42 . 2013-10-19 22:38 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-04-14 07:37 . 2015-02-06 15:24 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-04-14 07:37 . 2015-02-06 15:24 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-04-14 07:37 . 2015-02-06 15:24 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-03-12 21:51 . 2015-03-12 22:27 358 ----a-w- c:\windows\Fonts\afchampfleury.pfm
2015-03-12 21:51 . 2015-03-12 22:17 808 ----a-w- c:\windows\Fonts\_p.pfm
2015-03-12 21:51 . 2015-03-12 22:43 1087 ----a-w- c:\windows\Fonts\doini.pfm
2015-03-12 21:45 . 2015-03-12 22:28 1348 ----a-w- c:\windows\Fonts\afr.pfm
2015-03-12 21:45 . 2015-03-12 22:45 1486 ----a-w- c:\windows\Fonts\gnl.pfm
2015-03-12 21:45 . 2015-03-12 22:28 1424 ----a-w- c:\windows\Fonts\agel.pfm
2015-03-12 21:45 . 2015-03-12 22:28 1445 ----a-w- c:\windows\Fonts\afi.pfm
2015-03-12 21:45 . 2015-03-12 22:27 1442 ----a-w- c:\windows\Fonts\afcarplates-bold.pfm
2015-03-12 21:45 . 2015-03-12 22:29 1584 ----a-w- c:\windows\Fonts\agm.pfm
2015-03-12 21:44 . 2015-03-12 22:26 1143 ----a-w- c:\windows\Fonts\aebl.pfm
2015-03-12 21:44 . 2015-03-12 22:22 1135 ----a-w- c:\windows\Fonts\acb.pfm
2015-03-12 21:44 . 2015-03-12 22:17 1134 ----a-w- c:\windows\Fonts\_n_0.pfm
2015-03-12 21:44 . 2015-03-12 22:16 1134 ----a-w- c:\windows\Fonts\_n.pfm
2015-03-12 21:44 . 2015-03-12 22:26 1150 ----a-w- c:\windows\Fonts\aeblo.pfm
2015-03-12 21:44 . 2015-03-12 22:45 1189 ----a-w- c:\windows\Fonts\gns.pfm
2015-03-06 20:45 . 2015-03-06 20:45 151552 ----a-w- c:\windows\SysWow64\nvRegDev.dll
2015-03-06 20:45 . 2015-03-06 20:45 61440 ----a-w- c:\windows\SysWow64\nvPhotoshopUtil.dll
2015-03-06 20:45 . 2015-03-06 20:45 40960 ----a-w- c:\windows\SysWow64\nvISWOW64.dll
2015-02-24 02:17 . 2012-04-23 01:44 295552 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-08-17 07:51 220608 ----a-w- c:\users\XDANCUMP\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-08-17 07:51 220608 ----a-w- c:\users\XDANCUMP\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-08-17 07:51 220608 ----a-w- c:\users\XDANCUMP\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-26 102400]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2011-01-15 452016]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2009-8-6 439648]
Bluetooth Monitor.lnk - c:\program files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe [2015-4-25 91464]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"="0"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys;c:\windows\SYSNATIVE\drivers\anvsnddrv.sys [x]
R3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDMI64.sys;c:\windows\SYSNATIVE\drivers\CHDMI64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 FaxLffv2;Companion Suite Pro LL2 Modem Driver;c:\windows\system32\Drivers\FaxLffv2.sys;c:\windows\SYSNATIVE\Drivers\FaxLffv2.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbfake.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 PassThru Service;Internet Pass-Through Service; [x]
R3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RivaTuner64;RivaTuner64;c:\program files (x86)\RivaTuner v2.23\RivaTuner64.sys;c:\program files (x86)\RivaTuner v2.23\RivaTuner64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 XMLDIUSB;XML USB Device Interface;c:\windows\system32\Drivers\XMLDIUSB.sys;c:\windows\SYSNATIVE\Drivers\XMLDIUSB.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;c:\program files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 chromoting;Služba Vzdálené plochy Chrome;c:\program files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe;c:\program files (x86)\Google\Chrome Remote Desktop\42.0.2311.39\remoting_host.exe [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe;c:\windows\SysWOW64\nlssrv32.exe [x]
S2 SplashtopRemoteService;Splashtop® Remote Service;c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe;c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WTabletServiceCon;Wacom Consumer Service;c:\program files\Tablet\Pen\WTabletServiceCon.exe;c:\program files\Tablet\Pen\WTabletServiceCon.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys;c:\windows\SYSNATIVE\DRIVERS\FwLnk.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-05-20 23:51 986440 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.65\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-05-23 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe [2015-05-20 16:36]
.
2015-05-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-23 16:36]
.
2015-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03 17:59]
.
2015-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-03 17:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-03-20 09:24 667808 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-03-20 09:24 667808 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-03-20 09:24 667808 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-08-17 07:51 244672 ----a-w- c:\users\XDANCUMP\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-08-17 07:51 244672 ----a-w- c:\users\XDANCUMP\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-08-17 07:51 244672 ----a-w- c:\users\XDANCUMP\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\XDANCUMP\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-03-22 521272]
"CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2012-03-09 462712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
uDefault_Search_URL = www.google.com
mDefault_Search_URL = www.google.com
mDefault_Page_URL = www.google.com
mStart Page = www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
mSearch Page = www.google.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: hola.org
Trusted Zone: vodafone.cz\prm
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{1E6F3810-D2B4-4B9A-8E92-734326B3914C}: NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{1E6F3810-D2B4-4B9A-8E92-734326B3914C}\94E6472716E65647: NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{1E6F3810-D2B4-4B9A-8E92-734326B3914C}\94E66756D616: NameServer = 208.67.222.222,208.67.220.220
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1553764949-2249715022-3334135275-1000\>*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1553764949-2249715022-3334135275-1000\Ů*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\Tablet\Pen\WacomHost.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtAvAC.exe
c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
.
**************************************************************************
.
Celkový čas: 2015-05-24 03:24:46 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-05-24 01:24
.
Před spuštěním: Volných bajtů: 101 625 573 376
Po spuštění: Volných bajtů: 101 390 651 392
.
- - End Of File - - F76B8C261E2AE68229270EA90138CD17
A36C5E4F47E84449FF07ED3517B43A31
Nahoru
Sainzik
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 27 kvě 2015 14:49

Re: Prosím o kontrolu - Sai

#29 Příspěvek od Sainzik »

minulý týden mi kolega rikal ze mi ho jeste pred predanim nejak procisti (PC)
Nahoru
Sainzik
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 27 kvě 2015 14:49

Re: Prosím o kontrolu - Sai

#30 Příspěvek od Sainzik »

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Ultimate Edition SP1 [6.1 Build 7601] (x64)
Date : 2015/05/29 22:13:24

-- Controller Map ----------------------------------------------------------
+ Intel(R) 5 Series 4 Port SATA AHCI Controller [ATA]
- Hitachi HTS545050B9A300 SCSI Disk Device
- MATSHITA DVD-RAM UJ890AS SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS545050B9A300 : 500,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) Hitachi HTS545050B9A300
----------------------------------------------------------------------------
Model : Hitachi HTS545050B9A300
Firmware : PB4OC64G
Serial Number : 100620PBN403B7HD6JDL
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 7208 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/300
Power On Hours : 19058 hod.
Power On Count : 4122 krát
Temparature : 35 C (95 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 143 143 _33 001500000002 Čas na roztočení ploten
04 _98 _98 __0 000000001027 Počet spuštění/zastavení
05 100 100 __5 000000000004 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _57 _57 __0 000000004A72 Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _98 _98 __0 00000000101A Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000004D Počet vypnutí disku
C1 _74 _74 __0 000000040FB3 Počet cyklů načítání/vymazání
C2 157 157 __0 0031FFFC0023 Teplota
C4 100 100 __0 000000000004 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 3130 3036 3230 5042 4E34 4237 4237 4844 364A 444C
020: 0003 3850 0004 5042 344F 3447 3447 4869 7461 6368
030: 6920 4854 5335 3435 3035 3941 3941 3330 3020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 0F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1706 1706 0000 005E 004C
080: 01FC 0028 746B 7F69 6163 BC49 BC49 6163 407F 004E
090: 004F 4080 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 8848 5000 CCA5
110: F0D3 A477 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 000B
130: 0023 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 4001 0000
150: 8000 0000 3454 0000 0000 8181 8181 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 E5A5
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“