Pomalý internet

Zpráva

out_of_space · #1 Příspěvek od **out_of_space** » 02 zář 2016 23:35

Zdravím,
přijel jsem k rodičům a mají podivně pomalý internet. Můžete zkouknout log, jestli tam něco nemají?
Díky

Logfile of random's system information tool 1.10 (written by random/random)
Run by strakaz at 2016-09-03 00:26:36
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 28 GB (28%) free of 99 GB
Total RAM: 8159 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:26:39, on 3.9.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18427)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Users\strakaz\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Users\strakaz\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
D:\programy\adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\strakaz.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Qualys BrowserCheck IE Helper - {7D2FB79E-E58C-4DB5-A36F-AC1C73967FA5} - C:\Windows\Downloaded Program Files\qbc_bho.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\programy\adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\programy\adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKCU\..\Run: [BingSvc] C:\Users\strakaz\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\strakaz\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\strakaz\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ZoneAlarm Windows 10 Upgrader] "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ZoneAlarm Windows 10 Upgrader] "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel® Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - D:\hry\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Consumer Service (WTabletServiceCon) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe

--
End of file - 12807 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
/QuitInfo:0000000000000258;0000000000000270; /AddRef;
"C:\Program Files\Tablet\Pen\WTabletServiceCon.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
/QuitInfo:0000000000000150;00000000000001EC; /AddRef;
/QuitInfo:00000000000001D0;000000000000018C;
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
/loadhooks /Parent:000000000000064C
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
"C:\Program Files\Tablet\Pen\WacomHost.exe" "C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Users\strakaz\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
szndesktop.exe default start
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Users\strakaz\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "1668432497-1806650458-853074043-808597542-2123309015-1573293704-5798959941852542428
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"D:\programy\adobe\Acrobat 10.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
C:\Windows\splwow64.exe 12288
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"d:\Users\strakaz\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d08fa52ef2b40e.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d08fa52f8b9aec.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\strakaz\AppData\Roaming\Mozilla\Firefox\Profiles\de5bk8x7.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.4]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.7.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\programy\adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=D:\programy\adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.5.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.7.1]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.11.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=D:\programy\adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll

C:\Users\strakaz\AppData\Roaming\Mozilla\Firefox\Profiles\de5bk8x7.default\extensions\
bingsearch.full@microsoft.com
pavel.sherbakov@gmail.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\strakaz\AppData\Roaming\Mozilla\Firefox\Profiles\de5bk8x7.default\searchplugins\
hrycz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14 175776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D2FB79E-E58C-4DB5-A36F-AC1C73967FA5}]
Qualys BrowserCheck IE Helper - C:\Windows\Downloaded Program Files\qbc_bho.dll [2012-11-29 173480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24 343456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24 343456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14 4372120]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24 343456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-19 11613288]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-03-13 617120]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-03-13 379552]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-10-10 171040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-10-10 399392]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-10-10 441888]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2011-03-14 2779024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"=C:\Users\strakaz\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-11 144008]
"cz.seznam.software.autoupdate"=C:\Users\strakaz\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\strakaz\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"CCleaner"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05 508240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-29 53282944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^strakaz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FreeRapid 0.9u3.lnk]
D:\programy\FREERA~1.9U3\frd.exe [2013-09-15 35840]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-07-16 56128]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2015-11-07 134792]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2011-08-04 1612920]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-12-06 766208]
""= []
"Adobe Acrobat Speed Launcher"=D:\programy\adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2015-09-24 41360]
"Acrobat Assistant 8.0"=D:\programy\adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2015-09-24 840592]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2016-08-24 23889496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-10-10 441856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2009-10-02 134656]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"msacm.l3pacm"=l3codecp.acm
"msacm.aacacm"=AACACM.acm
"msacm.ac3acm"=ac3acm.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.x264"=x264vfw.dll
"msacm.ac3filter"=ac3filter.acm
"VIDC.MLCY"=mlc.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-08-30 17:22:17 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2016-08-17 11:02:58 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-08-17 11:02:58 ----A---- C:\Windows\system32\tzres.dll
2016-08-10 19:00:29 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-08-10 19:00:29 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-08-10 19:00:29 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-08-10 19:00:29 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-08-10 19:00:29 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-08-10 19:00:29 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-08-10 19:00:29 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-08-10 19:00:29 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-08-10 19:00:29 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-08-10 19:00:29 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-08-10 19:00:29 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-08-10 19:00:29 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-08-10 19:00:29 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-08-10 19:00:29 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-08-10 19:00:29 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-08-10 19:00:29 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-08-10 19:00:29 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-08-10 19:00:29 ----A---- C:\Windows\system32\wdigest.dll
2016-08-10 19:00:29 ----A---- C:\Windows\system32\TSpkg.dll
2016-08-10 19:00:29 ----A---- C:\Windows\system32\sspisrv.dll
2016-08-10 19:00:29 ----A---- C:\Windows\system32\sspicli.dll
2016-08-10 19:00:29 ----A---- C:\Windows\system32\schannel.dll
2016-08-10 19:00:29 ----A---- C:\Windows\system32\secur32.dll
2016-08-10 19:00:29 ----A---- C:\Windows\system32\rpchttp.dll
2016-08-10 19:00:29 ----A---- C:\Windows\system32\rpcrt4.dll
2016-08-10 19:00:29 ----A---- C:\Windows\system32\ncrypt.dll
2016-08-10 19:00:29 ----A---- C:\Windows\system32\msv1_0.dll
2016-08-10 19:00:29 ----A---- C:\Windows\system32\msobjs.dll
2016-08-10 19:00:29 ----A---- C:\Windows\system32\msaudite.dll
2016-08-10 19:00:29 ----A---- C:\Windows\system32\lsass.exe
2016-08-10 19:00:29 ----A---- C:\Windows\system32\lsasrv.dll
2016-08-10 19:00:29 ----A---- C:\Windows\system32\kerberos.dll
2016-08-10 19:00:29 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-08-10 19:00:29 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-08-10 19:00:29 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-08-10 19:00:29 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-08-10 19:00:29 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-08-10 19:00:29 ----A---- C:\Windows\system32\cryptbase.dll
2016-08-10 19:00:29 ----A---- C:\Windows\system32\credssp.dll
2016-08-10 19:00:29 ----A---- C:\Windows\system32\certcli.dll
2016-08-10 19:00:29 ----A---- C:\Windows\system32\auditpol.exe
2016-08-10 19:00:29 ----A---- C:\Windows\system32\adtschema.dll
2016-08-10 19:00:25 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-08-10 19:00:25 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-08-10 19:00:25 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-08-10 19:00:25 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-08-10 19:00:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-08-10 19:00:25 ----A---- C:\Windows\system32\iernonce.dll
2016-08-10 19:00:25 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-08-10 19:00:25 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-08-10 19:00:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-08-10 19:00:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-08-10 19:00:24 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-08-10 19:00:24 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-08-10 19:00:24 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-08-10 19:00:24 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-08-10 19:00:24 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-08-10 19:00:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-08-10 19:00:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-08-10 19:00:24 ----A---- C:\Windows\system32\inseng.dll
2016-08-10 19:00:24 ----A---- C:\Windows\system32\ie4uinit.exe
2016-08-10 19:00:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-08-10 19:00:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-08-10 19:00:23 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-08-10 19:00:23 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-08-10 19:00:23 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-08-10 19:00:23 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-08-10 19:00:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-08-10 19:00:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-08-10 19:00:23 ----A---- C:\Windows\system32\urlmon.dll
2016-08-10 19:00:23 ----A---- C:\Windows\system32\occache.dll
2016-08-10 19:00:23 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-08-10 19:00:23 ----A---- C:\Windows\system32\msfeeds.dll
2016-08-10 19:00:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-08-10 19:00:23 ----A---- C:\Windows\system32\iedkcs32.dll
2016-08-10 19:00:23 ----A---- C:\Windows\system32\dxtrans.dll
2016-08-10 19:00:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-08-10 19:00:22 ----A---- C:\Windows\system32\iesetup.dll
2016-08-10 19:00:22 ----A---- C:\Windows\system32\iertutil.dll
2016-08-10 19:00:22 ----A---- C:\Windows\system32\ieapfltr.dll
2016-08-10 19:00:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-08-10 19:00:21 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-08-10 19:00:21 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-08-10 19:00:21 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-08-10 19:00:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-08-10 19:00:21 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-08-10 19:00:21 ----A---- C:\Windows\system32\vbscript.dll
2016-08-10 19:00:21 ----A---- C:\Windows\system32\jsproxy.dll
2016-08-10 19:00:20 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-08-10 19:00:20 ----A---- C:\Windows\system32\mshtmled.dll
2016-08-10 19:00:20 ----A---- C:\Windows\system32\ieui.dll
2016-08-10 19:00:20 ----A---- C:\Windows\system32\ieframe.dll
2016-08-10 19:00:20 ----A---- C:\Windows\system32\dxtmsft.dll
2016-08-10 19:00:19 ----A---- C:\Windows\system32\wininet.dll
2016-08-10 19:00:19 ----A---- C:\Windows\system32\webcheck.dll
2016-08-10 19:00:19 ----A---- C:\Windows\system32\jscript9diag.dll
2016-08-10 19:00:19 ----A---- C:\Windows\system32\jscript9.dll
2016-08-10 19:00:19 ----A---- C:\Windows\system32\jscript.dll
2016-08-10 19:00:19 ----A---- C:\Windows\system32\ieUnatt.exe
2016-08-10 19:00:18 ----A---- C:\Windows\system32\msrating.dll
2016-08-10 19:00:18 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-08-10 19:00:18 ----A---- C:\Windows\system32\mshtml.dll
2016-08-10 18:59:56 ----A---- C:\Windows\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2016-09-03 00:26:38 ----D---- C:\Program Files\trend micro
2016-09-03 00:26:34 ----D---- C:\Windows\Temp
2016-09-03 00:22:43 ----D---- C:\Users\strakaz\AppData\Roaming\Seznam.cz
2016-09-03 00:21:14 ----D---- C:\Windows\SoftwareDistribution
2016-09-03 00:20:27 ----D---- C:\Windows
2016-09-03 00:20:12 ----A---- C:\Windows\SYSWOW64\log.txt
2016-09-03 00:18:36 ----D---- C:\Windows\inf
2016-09-03 00:18:14 ----D---- C:\Windows\system32\config
2016-09-02 18:50:14 ----RSD---- C:\Windows\Fonts
2016-09-02 13:27:58 ----D---- C:\ProgramData\CanonIJPLM
2016-09-01 08:57:11 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-31 13:30:00 ----D---- C:\Windows\system32\Tasks
2016-08-31 09:18:50 ----SHD---- C:\System Volume Information
2016-08-31 08:49:05 ----RD---- C:\Program Files (x86)
2016-08-30 10:35:15 ----D---- C:\Windows\SysWOW64
2016-08-30 10:35:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-08-30 09:35:02 ----D---- C:\Windows\system32\Macromed
2016-08-30 09:34:58 ----D---- C:\Windows\SYSWOW64\Macromed
2016-08-30 09:27:22 ----D---- C:\Windows\Prefetch
2016-08-30 09:23:25 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-08-28 13:22:38 ----D---- C:\Windows\system32\DriverStore
2016-08-24 19:42:19 ----D---- C:\Program Files (x86)\Dropbox
2016-08-23 22:01:14 ----SHD---- C:\Windows\Installer
2016-08-23 22:01:13 ----D---- C:\ProgramData\Microsoft Help
2016-08-22 17:46:42 ----D---- C:\Windows\rescache
2016-08-18 01:08:46 ----D---- C:\Windows\winsxs
2016-08-18 01:08:35 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-08-18 01:08:35 ----D---- C:\Windows\system32\cs-CZ
2016-08-18 01:08:35 ----D---- C:\Windows\System32
2016-08-11 06:36:36 ----D---- C:\Windows\debug
2016-08-11 06:32:58 ----D---- C:\Windows\SYSWOW64\en-US
2016-08-11 06:32:58 ----D---- C:\Windows\system32\drivers
2016-08-11 06:32:58 ----D---- C:\Program Files\Internet Explorer
2016-08-11 06:32:57 ----D---- C:\Windows\system32\en-US
2016-08-11 06:32:57 ----D---- C:\Program Files (x86)\Internet Explorer
2016-08-10 21:09:21 ----D---- C:\Windows\system32\MRT
2016-08-10 20:58:36 ----AC---- C:\Windows\system32\MRT.exe
2016-08-10 18:59:25 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-05-20 557848]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2012-07-09 645952]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2012-07-09 27456]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2016-08-28 263296]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2016-08-28 197288]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2015-11-07 462304]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-12-30 314016]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2016-08-28 181416]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-12-30 43680]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-12-06 13207552]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-12-06 626176]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-09-14 129000]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-09-14 394216]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-09-24 94208]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2012-08-11 482128]
R3 hidkmdf;KMDF Driver; C:\Windows\system32\DRIVERS\hidkmdf.sys [2014-08-06 14136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-23 2565736]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-11-10 60184]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
R3 WacHidRouter;Wacom Hid Router; C:\Windows\system32\DRIVERS\wachidrouter.sys [2014-08-06 102200]
R3 wacomrouterfilter;Wacom Router Filter Driver; C:\Windows\system32\DRIVERS\wacomrouterfilter.sys [2014-08-06 15160]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2011-03-13 51872]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 ggflt;SOMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2014-12-25 16088]
S3 ggsomc;SOMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsomc.sys [2014-12-25 30424]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-10 5343584]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-12-06 239616]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-08-28 2780160]
R2 IAStorDataMgrSvc;Úložná technologie Intel® Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-07-09 7168]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2011-02-07 138192]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2012-07-27 170824]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-05-10 165144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-05-15 277784]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-10-01 76152]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-05-15 363800]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2015-11-07 3722912]
R2 WTabletServiceCon;Wacom Consumer Service; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [2014-08-19 656664]
R2 ZAPrivacyService;ZoneAlarm Privacy Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [2015-10-19 96272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-25 143144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-08-30 270016]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-10 277024]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-25 143144]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-08-02 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-08-24 146888]
S3 Origin Client Service;Origin Client Service; D:\hry\Origin\OriginClientService.exe [2015-12-24 2104840]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-07-09 1450064]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-22 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 03 zář 2016 02:53

Zdravim

Pokud nepouzivate, odinstalujte Seznam Software.

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

out_of_space · #3 Příspěvek od **out_of_space** » 03 zář 2016 20:08

Seznam jsem smazal. Zde je log z ADW:

# AdwCleaner v6.010 - Log soubor vytvořen 03/09/2016 na 10:06:37
# Aktualizováno dne 12/08/2016 z ToolsLib
# Databáze : 2016-09-03.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : strakaz - STRAKAZ-PC
# Beží od : d:\Users\strakaz\Desktop\adwcleaner_6.010.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****

***** [ Adresáře ] *****

[-] Adresář smazán:C:\Users\strakaz\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
[-] Adresář smazán:C:\Users\strakaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd

***** [ Soubory ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Zástupce ] *****

***** [ Plánovač úloh ] *****

***** [ Registry ] *****

[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\TypeLib\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}
[-] Hodnota smazána:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
[-] Klíč smazán:[x64] HKLM\SOFTWARE\CheckPoint\ISW
[-] Klíč smazán:HKU\S-1-5-21-253393509-1660539166-1249913372-1000\Software\Check Point Software Technologies LTD
[-] Klíč smazán:HKU\S-1-5-21-253393509-1660539166-1249913372-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[#] Klíč smazán po restartování:HKCU\Software\Check Point Software Technologies LTD
[-] Klíč smazán:HKLM\SOFTWARE\Check Point Software Technologies LTD
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Klíč smazán:HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd

***** [ Prohlížeče ] *****

[-] [C:\Users\strakaz\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazání:fcfenmboojpjinhpgggodefccipikbpd

*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2463 Bajtů] - [03/09/2016 10:06:37]
C:\AdwCleaner\AdwCleaner[S0].txt - [2828 Bajtů] - [03/09/2016 10:05:30]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2611 Bajtů] ##########

out_of_space · #4 Příspěvek od **out_of_space** » 03 zář 2016 20:08

A z MBAM:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 3.9.2016
Čas skenování: 18:23
Protokol:
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.09.03.05
Databáze rootkitů: v2016.08.15.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: strakaz

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 695952
Uplynulý čas: 2 hod, 30 min, 14 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 2
RiskWare.Tool.CK, C:\FRST\Quarantine\C\Windows\KMService.exe.xBAD, Do karantény, [467b89e4c8d22e08684830d8709239c7],
PUP.Optional.DownTango, D:\Záloha 01-2013\Users\zdenek\Downloads\Borderlands.2.Captain.Scarlett.and.her.Pirates.Booty.DLC_SKIDROW.rar_downloader.exe, Do karantény, [18a93c31e3b76bcb9a32f93108f9a858],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#5 Příspěvek od **Márty84** » 03 zář 2016 20:32

Nalezy MBAM nechte odstranit.

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

(Kdyby nesel Launcher stahnout, dejte logy jen ze samotneho FRST, tedy bez pouziti Launcheru)

out_of_space · #6 Příspěvek od **out_of_space** » 03 zář 2016 21:46

Píše mi to, že se frst64.exe nenachází na ploše, i když tam je.

out_of_space · #7 Příspěvek od **out_of_space** » 03 zář 2016 23:13

Zkusil jsem spustit přímo frst bez launcheru:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by strakaz (administrator) on STRAKAZ-PC (04-09-2016 00:04:23)
Running from d:\Users\strakaz\Desktop
Loaded Profiles: strakaz (Available Profiles: strakaz)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(© 2015 Microsoft Corporation) C:\Users\strakaz\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Inc.) D:\programy\adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134792 2015-11-07] (Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => D:\programy\adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\programy\adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-24] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25197248 2016-08-30] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-253393509-1660539166-1249913372-1000\...\Run: [BingSvc] => C:\Users\strakaz\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-11] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-253393509-1660539166-1249913372-1000\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-253393509-1660539166-1249913372-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-253393509-1660539166-1249913372-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-253393509-1660539166-1249913372-1000\...\MountPoints2: {6325da81-6c73-11e2-bbbd-002683398bf4} - G:\setup_divinity_original_sin_enhanced_edition_2.0.0.3.exe
HKU\S-1-5-21-253393509-1660539166-1249913372-1000\...\MountPoints2: {8ec182d0-51f9-11e3-a882-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{F5AF295F-5FF5-4960-BF88-B8F965996553}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-253393509-1660539166-1249913372-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
SearchScopes: HKU\S-1-5-21-253393509-1660539166-1249913372-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-253393509-1660539166-1249913372-1000 -> {7B1EB349-2DA1-40AE-8B50-EA9270D6A772} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: Qualys BrowserCheck IE Helper -> {7D2FB79E-E58C-4DB5-A36F-AC1C73967FA5} -> C:\Windows\Downloaded Program Files\qbc_bho.dll => No File
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems Incorporated)

FireFox:
========
FF ProfilePath: C:\Users\strakaz\AppData\Roaming\Mozilla\Firefox\Profiles\de5bk8x7.default
FF NewTab: chrome://fvd.speeddial/content/fvd_about_blank.html
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxps://www.seznam.cz/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-08-30] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\Windows\system32\npDeployJava1.dll [2013-01-22] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> D:\programy\adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-03] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-08-30] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.)
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Acrobat -> D:\programy\adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> D:\programy\adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-03] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-253393509-1660539166-1249913372-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\strakaz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-253393509-1660539166-1249913372-1000: ubisoft.com/uplaypc -> D:\hry\trials\datapack\orbit\npuplaypc.dll [2013-03-18] (Ubisoft)
FF SearchPlugin: C:\Users\strakaz\AppData\Roaming\Mozilla\Firefox\Profiles\de5bk8x7.default\searchplugins\hrycz.xml [2014-02-08]
FF Extension: (FastestFox) - C:\Users\strakaz\AppData\Roaming\Mozilla\Firefox\Profiles\de5bk8x7.default\extensions\smarterwiki@wikiatic.com.xpi [2016-05-10]
FF Extension: (Disconnect) - C:\Users\strakaz\AppData\Roaming\Mozilla\Firefox\Profiles\de5bk8x7.default\extensions\2.0@disconnect.me.xpi [2016-05-10]
FF Extension: (Google Translator for Firefox) - C:\Users\strakaz\AppData\Roaming\Mozilla\Firefox\Profiles\de5bk8x7.default\extensions\translator@zoli.bod.xpi [2016-05-10]
FF Extension: (Greasemonkey) - C:\Users\strakaz\AppData\Roaming\Mozilla\Firefox\Profiles\de5bk8x7.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-08-21]
FF Extension: (Speed Dial [FVD] - New Tab Page, Sync...) - C:\Users\strakaz\AppData\Roaming\Mozilla\Firefox\Profiles\de5bk8x7.default\extensions\pavel.sherbakov@gmail.com [2016-08-25]
FF Extension: (Bing Search) - C:\Users\strakaz\AppData\Roaming\Mozilla\Firefox\Profiles\de5bk8x7.default\Extensions\bingsearch.full@microsoft.com [2015-07-04] [not signed]
FF Extension: (Adblock Plus) - C:\Users\strakaz\AppData\Roaming\Mozilla\Firefox\Profiles\de5bk8x7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-08]
FF Extension: (Seznam lištička) - C:\Users\strakaz\AppData\Roaming\Mozilla\Firefox\Profiles\de5bk8x7.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-07-12]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - D:\programy\adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - D:\programy\adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2015-11-08] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\strakaz\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\strakaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-24]
CHR Extension: (Dokumenty Google) - C:\Users\strakaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-24]
CHR Extension: (Disk Google) - C:\Users\strakaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (Seznam Lištička - Email) - C:\Users\strakaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-07-08]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\strakaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-02-11]
CHR Extension: (YouTube) - C:\Users\strakaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\strakaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Tampermonkey) - C:\Users\strakaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-07-27]
CHR Extension: (Tabulky Google) - C:\Users\strakaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\strakaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Iomods) - C:\Users\strakaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhjgdbihpkphlammdaeicdemggagfbdo [2016-04-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\strakaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\strakaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-10-30]
CHR Extension: (Gmail) - C:\Users\strakaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-24]
CHR Extension: (Chrome Media Router) - C:\Users\strakaz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-02]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-25] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-25] (Dropbox, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2780160 2016-08-28] (ESET)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-05-10] (Intel Corporation)
S3 Origin Client Service; D:\hry\Origin\OriginClientService.exe [2104840 2015-12-24] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-10-01] ()
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3722912 2015-11-07] (Check Point Software Technologies Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2015-10-19] (Check Point Software Technologies, Ltd.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-12-30] ()
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [263296 2016-08-28] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [197288 2016-08-28] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [181416 2016-08-28] (ESET)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2014-12-25] (Sony Mobile Communications)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [27456 2012-07-09] (Intel Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-12-30] ()
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [462304 2015-11-07] (Check Point Software Technologies Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-03 20:57 - 2016-09-03 20:57 - 00000000 ___RD C:\Users\strakaz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-09-03 10:16 - 2016-09-03 20:59 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-03 10:16 - 2016-09-03 10:16 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-03 10:16 - 2016-09-03 10:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-03 10:16 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-09-03 10:16 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-09-03 10:16 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-09-03 10:15 - 2016-09-03 10:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-03 10:15 - 2016-09-03 10:15 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-03 10:04 - 2016-09-03 10:06 - 00000000 ____D C:\AdwCleaner
2016-09-03 01:23 - 2016-09-03 01:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-30 17:22 - 2016-08-31 08:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-08-17 11:02 - 2016-07-08 17:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-17 11:02 - 2016-07-08 17:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-08-10 19:00 - 2016-08-02 16:54 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-10 19:00 - 2016-08-02 16:08 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-08-10 19:00 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-10 19:00 - 2016-08-02 08:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-08-10 19:00 - 2016-08-02 08:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-08-10 19:00 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-10 19:00 - 2016-08-02 08:32 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-08-10 19:00 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-10 19:00 - 2016-08-02 08:31 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-08-10 19:00 - 2016-08-02 08:31 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-08-10 19:00 - 2016-08-02 08:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-08-10 19:00 - 2016-08-02 08:24 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-08-10 19:00 - 2016-08-02 08:23 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-08-10 19:00 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-10 19:00 - 2016-08-02 08:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-08-10 19:00 - 2016-08-02 08:19 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-08-10 19:00 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-10 19:00 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-10 19:00 - 2016-08-02 08:18 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-08-10 19:00 - 2016-08-02 08:11 - 00969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-08-10 19:00 - 2016-08-02 08:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-08-10 19:00 - 2016-08-02 08:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-08-10 19:00 - 2016-08-02 08:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-08-10 19:00 - 2016-08-02 07:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-08-10 19:00 - 2016-08-02 07:56 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-08-10 19:00 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-10 19:00 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-08-10 19:00 - 2016-08-02 07:53 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-08-10 19:00 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-08-10 19:00 - 2016-08-02 07:51 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-08-10 19:00 - 2016-08-02 07:51 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-08-10 19:00 - 2016-08-02 07:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-08-10 19:00 - 2016-08-02 07:51 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-08-10 19:00 - 2016-08-02 07:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-08-10 19:00 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-08-10 19:00 - 2016-08-02 07:45 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-08-10 19:00 - 2016-08-02 07:44 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-08-10 19:00 - 2016-08-02 07:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-08-10 19:00 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-08-10 19:00 - 2016-08-02 07:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-08-10 19:00 - 2016-08-02 07:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-08-10 19:00 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-10 19:00 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-10 19:00 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-10 19:00 - 2016-08-02 07:37 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-08-10 19:00 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-10 19:00 - 2016-08-02 07:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-08-10 19:00 - 2016-08-02 07:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-08-10 19:00 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-10 19:00 - 2016-08-02 07:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-08-10 19:00 - 2016-08-02 07:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-08-10 19:00 - 2016-08-02 07:25 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-08-10 19:00 - 2016-08-02 07:24 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-08-10 19:00 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-10 19:00 - 2016-08-02 07:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-08-10 19:00 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-08-10 19:00 - 2016-08-02 07:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-08-10 19:00 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-08-10 19:00 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-08-10 19:00 - 2016-08-02 07:14 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-08-10 19:00 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-08-10 19:00 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-10 19:00 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-10 19:00 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-08-10 19:00 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-08-10 19:00 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-08-10 19:00 - 2016-07-08 17:37 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-10 19:00 - 2016-07-08 17:37 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-08-10 19:00 - 2016-07-08 17:32 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-10 19:00 - 2016-07-08 17:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-08-10 19:00 - 2016-07-08 17:32 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-10 19:00 - 2016-07-08 17:32 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-08-10 19:00 - 2016-07-08 17:32 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-08-10 19:00 - 2016-07-08 17:32 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-10 19:00 - 2016-07-08 17:32 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-10 19:00 - 2016-07-08 17:32 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-08-10 19:00 - 2016-07-08 17:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-08-10 19:00 - 2016-07-08 17:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-08-10 19:00 - 2016-07-08 17:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-08-10 19:00 - 2016-07-08 17:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-08-10 19:00 - 2016-07-08 17:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-08-10 19:00 - 2016-07-08 17:32 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-08-10 19:00 - 2016-07-08 17:32 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-08-10 19:00 - 2016-07-08 17:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-08-10 19:00 - 2016-07-08 17:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-08-10 19:00 - 2016-07-08 17:32 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-08-10 19:00 - 2016-07-08 17:17 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-08-10 19:00 - 2016-07-08 17:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-08-10 19:00 - 2016-07-08 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-08-10 19:00 - 2016-07-08 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-08-10 19:00 - 2016-07-08 17:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-08-10 19:00 - 2016-07-08 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-08-10 19:00 - 2016-07-08 17:16 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-08-10 19:00 - 2016-07-08 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-08-10 19:00 - 2016-07-08 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-08-10 19:00 - 2016-07-08 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-08-10 19:00 - 2016-07-08 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-08-10 19:00 - 2016-07-08 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-08-10 19:00 - 2016-07-08 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-08-10 19:00 - 2016-07-08 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-08-10 19:00 - 2016-07-08 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-08-10 19:00 - 2016-07-08 17:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-08-10 19:00 - 2016-07-08 16:57 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-08-10 19:00 - 2016-07-08 16:56 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-08-10 19:00 - 2016-07-08 16:56 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-10 19:00 - 2016-07-08 16:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-08-10 19:00 - 2016-07-08 16:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-08-10 19:00 - 2016-07-08 16:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-08-10 18:59 - 2016-07-08 17:01 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-04 00:04 - 2015-05-24 01:22 - 00000000 ____D C:\FRST
2016-09-03 23:35 - 2015-06-09 20:09 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-03 23:29 - 2016-02-25 12:24 - 00000910 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-09-03 23:05 - 2015-07-15 23:05 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fa52f8b9aec.job
2016-09-03 23:05 - 2015-07-15 23:05 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fa52ef2b40e.job
2016-09-03 22:38 - 2015-05-24 12:08 - 00029696 _____ C:\Users\strakaz\AppData\Local\MSGBOX.EXE
2016-09-03 21:09 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-03 21:09 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-03 20:58 - 2016-02-25 12:29 - 00000000 ___RD C:\Users\strakaz\Dropbox
2016-09-03 20:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-03 20:56 - 2016-02-25 12:24 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-09-03 20:56 - 2013-01-22 18:37 - 00000000 ____D C:\Windows\PCHEALTH
2016-09-03 20:56 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-03 10:06 - 2013-06-09 08:51 - 00000000 ____D C:\Users\strakaz\AppData\Roaming\CheckPoint
2016-09-03 10:03 - 2015-07-05 21:35 - 00000000 ____D C:\Users\strakaz\AppData\Roaming\Seznam.cz
2016-09-03 01:23 - 2016-02-25 12:24 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-09-03 00:27 - 2014-12-05 14:57 - 00000000 ____D C:\Users\strakaz\AppData\Local\Adobe
2016-09-03 00:26 - 2015-08-19 00:56 - 00000000 ____D C:\Program Files\trend micro
2016-09-03 00:19 - 2009-07-14 06:45 - 05505752 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-03 00:18 - 2013-02-02 09:42 - 00000000 ____D C:\Users\strakaz\AppData\Local\CrashDumps
2016-09-02 18:59 - 2013-01-22 17:13 - 00099760 _____ C:\Users\strakaz\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-02 13:27 - 2013-12-09 19:29 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-09-02 10:17 - 2014-12-07 19:17 - 00000132 _____ C:\Users\strakaz\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2016-09-01 08:57 - 2013-02-01 21:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-30 10:35 - 2013-01-22 18:44 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-08-30 10:35 - 2013-01-22 18:44 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-08-30 10:35 - 2013-01-22 18:44 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-08-30 09:35 - 2013-01-22 18:44 - 00000000 ____D C:\Windows\system32\Macromed
2016-08-30 09:34 - 2013-01-22 18:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-08-30 09:23 - 2016-07-11 20:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-28 13:22 - 2015-03-10 17:24 - 00263296 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2016-08-28 13:22 - 2015-03-10 17:24 - 00197288 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2016-08-28 13:22 - 2015-03-10 17:24 - 00181416 _____ (ESET) C:\Windows\system32\Drivers\epfwwfpr.sys
2016-08-27 14:52 - 2014-12-03 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-08-27 09:15 - 2013-02-01 21:15 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-27 09:15 - 2013-02-01 21:15 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-22 17:46 - 2016-07-16 03:08 - 00000000 ____D C:\Windows\rescache
2016-08-10 21:09 - 2013-09-07 11:06 - 00000000 ____D C:\Windows\system32\MRT
2016-08-10 20:58 - 2013-01-22 17:43 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-08 22:55 - 2013-03-14 00:29 - 00002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-08 22:55 - 2013-03-14 00:29 - 00002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2014-12-07 19:17 - 2016-09-02 10:17 - 0000132 _____ () C:\Users\strakaz\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-11-14 13:20 - 2016-03-04 18:14 - 0001480 _____ () C:\Users\strakaz\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-05-24 12:08 - 2016-09-03 22:38 - 0029696 _____ () C:\Users\strakaz\AppData\Local\MSGBOX.EXE
2013-02-25 20:09 - 2013-04-25 13:46 - 0007597 _____ () C:\Users\strakaz\AppData\Local\Resmon.ResmonCfg
2008-02-05 15:28 - 2008-02-05 15:28 - 0000051 _____ () C:\Users\strakaz\AppData\Local\setup.txt

Some files in TEMP:
====================
C:\Users\strakaz\AppData\Local\Temp\libeay32.dll
C:\Users\strakaz\AppData\Local\Temp\msvcr120.dll
C:\Users\strakaz\AppData\Local\Temp\sqlite3.dll
C:\Users\strakaz\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-08-28 02:50

==================== End of FRST.txt ============================

#8 Příspěvek od **Márty84** » 04 zář 2016 08:50

Vypnete trvale Windows Defender

Napiste mi velikost adresare plochy (C:\Users\strakaz\Plocha)

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => D:\programy\adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\programy\adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-24] (Adobe Systems Inc.)
HKU\S-1-5-21-253393509-1660539166-1249913372-1000\...\Run: [BingSvc] => C:\Users\strakaz\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-11] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-253393509-1660539166-1249913372-1000\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-253393509-1660539166-1249913372-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-253393509-1660539166-1249913372-1000\...\Run: [AdobeBridge] => [X]

HKU\S-1-5-21-253393509-1660539166-1249913372-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
BHO-x32: Qualys BrowserCheck IE Helper -> {7D2FB79E-E58C-4DB5-A36F-AC1C73967FA5} -> C:\Windows\Downloaded Program Files\qbc_bho.dll => No File

FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [No File]
FF Extension: (Bing Search) - C:\Users\strakaz\AppData\Roaming\Mozilla\Firefox\Profiles\de5bk8x7.default\Extensions\bingsearch.full@microsoft.com [2015-07-04] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fa52ef2b40e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fa52f8b9aec.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

out_of_space · #9 Příspěvek od **out_of_space** » 04 zář 2016 09:37

Tak defender vypnut, velikost plochy je něco přes 900MB.

Fix result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
Ran by strakaz (04-09-2016 10:27:32) Run:2
Running from d:\Users\strakaz\Desktop
Loaded Profiles: strakaz (Available Profiles: strakaz)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => D:\programy\adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\programy\adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-24] (Adobe Systems Inc.)
HKU\S-1-5-21-253393509-1660539166-1249913372-1000\...\Run: [BingSvc] => C:\Users\strakaz\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-11] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-253393509-1660539166-1249913372-1000\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-253393509-1660539166-1249913372-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-253393509-1660539166-1249913372-1000\...\Run: [AdobeBridge] => [X]

HKU\S-1-5-21-253393509-1660539166-1249913372-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
BHO-x32: Qualys BrowserCheck IE Helper -> {7D2FB79E-E58C-4DB5-A36F-AC1C73967FA5} -> C:\Windows\Downloaded Program Files\qbc_bho.dll => No File

FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [No File]
FF Extension: (Bing Search) - C:\Users\strakaz\AppData\Roaming\Mozilla\Firefox\Profiles\de5bk8x7.default\Extensions\bingsearch.full@microsoft.com [2015-07-04] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27 144200]

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fa52ef2b40e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fa52f8b9aec.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Acrobat Speed Launcher => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 => value removed successfully
HKU\S-1-5-21-253393509-1660539166-1249913372-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc => value removed successfully
HKU\S-1-5-21-253393509-1660539166-1249913372-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner => value removed successfully
HKU\S-1-5-21-253393509-1660539166-1249913372-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-253393509-1660539166-1249913372-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKU\S-1-5-21-253393509-1660539166-1249913372-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D2FB79E-E58C-4DB5-A36F-AC1C73967FA5}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{7D2FB79E-E58C-4DB5-A36F-AC1C73967FA5}" => key removed successfully
Firefox SearchEngineOrder.3 removed successfully
Firefox SelectedSearchEngine removed successfully
Firefox "Keyword.URL" removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.4" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.5.1" => key removed successfully
C:\Users\strakaz\AppData\Roaming\Mozilla\Firefox\Profiles\de5bk8x7.default\Extensions\bingsearch.full@microsoft.com => moved successfully
HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value removed successfully
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value removed successfully
SwitchBoard => service removed successfully
AdobeARMservice => service removed successfully
gupdate => service removed successfully
SkypeUpdate => service removed successfully
gupdatem => service removed successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08fa52ef2b40e.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08fa52f8b9aec.job => moved successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0 => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5132434 B
Java, Flash, Steam htmlcache => 281180039 B
Windows/system/drivers => 2405770 B
Edge => 0 B
Chrome => 2954240 B
Firefox => 27332343 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 9304 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
strakaz => 5291386 B

RecycleBin => 0 B
EmptyTemp: => 317.3 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 10:27:53 ====

#10 Příspěvek od **Márty84** » 04 zář 2016 10:19

out_of_space píše:velikost plochy je něco přes 900MB

Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remove disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak to s pc vypada.

out_of_space · #11 Příspěvek od **out_of_space** » 04 zář 2016 20:47

Díky, vypadá to, že už je vše v pořádku.

#12 Příspěvek od **Márty84** » 05 zář 2016 03:35

To jsem rad

Nemate zac!

Mejte se a treba zase nekdy

VIRY.CZ

Pomalý internet

Pomalý internet

Re: Pomalý internet

Re: Pomalý internet

Re: Pomalý internet

Re: Pomalý internet

Re: Pomalý internet

Re: Pomalý internet

Re: Pomalý internet

Re: Pomalý internet

Re: Pomalý internet

Re: Pomalý internet

Re: Pomalý internet