Pomalé PC

[michalluso]

Dobrý den,
prosím o pomoc. PC je nějaké malinko zpomalené.




Logfile of random's system information tool 1.10 (written by random/random)
Run by Mysak at 2016-08-31 10:58:56
Microsoft Windows 10 Home
System drive C: has 171 GB (36%) free of 476 GB
Total RAM: 3789 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:59:04, on 31.8.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0545)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Users\Mysak\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Mysak\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Users\Mysak\AppData\Roaming\BitTorrent\updates\7.9.8_42450\utorrentie.exe
C:\Users\Mysak\AppData\Roaming\BitTorrent\updates\7.9.8_42450\utorrentie.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\eM Client\MailClient.exe
C:\Program Files\trend micro\Mysak.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE13DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files (x86)\mystarttb\mystartDx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O3 - Toolbar: MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files (x86)\mystarttb\mystartDx.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StatusAlerts] "C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Mysak\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [eM Client] "C:\Program Files (x86)\eM Client\MailClient.exe" /startup
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Mysak\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: webVT.lnk = C:\ATEQ\webVT\webVT.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73888E2B-FF04-416C-8847-984D7FC4507F} (RtspVaPgCtrlNew2 Class) - http://10.0.0.102/RtspVaPgDecNew2.cab
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Acronis Managed Machine Service Mini (mmsminisrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: StartImePrograms - Unknown owner - C:\Program Files (x86)\I+ME Actia GmbH\Virtual Keyboard\StartImePrograms.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem73.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13449 bytes

======Listing Processes======







winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\viakaraokesrv.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe"
dashost.exe {4e2d649c-203c-4dd6-bfac65212fd44a14}
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Users\Mysak\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Users\Mysak\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
"C:\Users\Mysak\AppData\Roaming\BitTorrent\updates\7.9.8_42450\utorrentie.exe" BitTorrent_5880_00B7E000_930069712 BT4823DF041B09 BitTorrent
"C:\Users\Mysak\AppData\Roaming\BitTorrent\updates\7.9.8_42450\utorrentie.exe" BitTorrent_5880_00B7E390_1901605795 BT4823DF041B09 BitTorrent
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe"
"fontdrvhost.exe"
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=52.0.2743.116 --handshake-handle=0x1b4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2500.0.822836813\521227101" --mojo-application-channel-token=95F0A0EC5AB7580AF672C76A5C7ABB08 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_40/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/Checks/ --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,13,27,47,55 --gpu-vendor-id=0x8086 --gpu-device-id=0x0152 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.4276 --gpu-driver-date=8-17-2015 --mojo-platform-channel-handle=1584 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_40/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/Checks/ --primordial-pipe-token=B38F41E8D0D3743B7149F64893C9FBD7 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=FA1D644CEEAC5E84084065FDB6C9B0A3 --mojo-application-channel-token=27FA90E6DB62CAA57C0EF787D74F50BD --channel="2500.6.810573086\792761476" --mojo-platform-channel-handle=4612 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_40/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/Checks/ --primordial-pipe-token=8983DF4A460053FB53CE2AAB67AA2721 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=2F54024E8F4228F4E3D86358BEDBF04F --mojo-application-channel-token=2582B9714525467F85AB2B1F3CB4AD63 --channel="2500.8.1120641368\1929548535" --mojo-platform-channel-handle=2296 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_40/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/Checks/ --primordial-pipe-token=7058A2A8B4D3F1528F2C30780D509C66 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=DD76E812566A9E2F53C1CCC53F1A24CC --mojo-application-channel-token=A61A8E728BCE9FF9CC1FFC7C65095C07 --channel="2500.10.1192791611\2139699896" --mojo-platform-channel-handle=5420 /prefetch:1
C:\WINDOWS\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_40/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/Checks/ --primordial-pipe-token=6C7E9CD6336EB9F3B9331A8D49A17A09 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=A4FFABFC6AFE0EBA5C89ED05DDF6E011 --mojo-application-channel-token=33C1B3F8AF53DBFC5C4AE38AB2AA6CB1 --channel="2500.37.1566175977\993012418" --mojo-platform-channel-handle=3908 /prefetch:1
C:\WINDOWS\splwow64.exe 8192
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_40/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/Checks/ --primordial-pipe-token=5E38B2D017EA1E37A5EB957AA5D687BC --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=EB56A0E262F474297541E52DB88CBCFC --mojo-application-channel-token=745CE9258A6CF235D18204C2D7A27416 --channel="2500.69.628623568\33793253" --mojo-platform-channel-handle=10156 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_40/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/Checks/ --primordial-pipe-token=C3E9B826F3C8EC437505A1234BD2C07D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=BCF3E05044252786ED5D5A9AF1E2F847 --mojo-application-channel-token=F2E49FF9210787255F8F42A4335B4A62 --channel="2500.79.1545037733\73048027" --mojo-platform-channel-handle=9936 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_40/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/Checks/ --primordial-pipe-token=2294741454CA6250B5A237D59C5294A9 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=AFBB308AFA53A3CA656C4B15B9B449FB --mojo-application-channel-token=AA5A08952D3FEB97A4BE470A576DABC6 --channel="2500.80.368776027\2036671086" --mojo-platform-channel-handle=3664 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_40/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/Checks/ --primordial-pipe-token=00138D4C3F6A5C0AEADD152AD0D51B6D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=C0F6D4304D9F210FE13EA480DF05230C --mojo-application-channel-token=CBCC43A4D1325A1552C9C827B209282F --channel="2500.83.1342596778\349197317" --mojo-platform-channel-handle=7404 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_40/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/Checks/ --primordial-pipe-token=AE9F2128E2506118F3F905A77275724A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=345DF1C62472AE46BAA57BE7DF97E7C3 --mojo-application-channel-token=A47A5DBF65EF1E007EC00074DDDBDA7F --channel="2500.87.1163886718\1703630095" --mojo-platform-channel-handle=10196 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_40/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/Checks/ --primordial-pipe-token=E7FA4EC25DF504AA846E0187EE35A78D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=7536A8F55BA53386DFF38E71109A51C4 --mojo-application-channel-token=3C79470B7B6F68586EEAC87AEDBEB37C --channel="2500.88.174325339\1075226627" --mojo-platform-channel-handle=8204 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_40/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/Checks/ --primordial-pipe-token=374576162414619516560808F88217C7 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=439E310E8C3516DAE09585ADCDCF1E89 --mojo-application-channel-token=7123B24E4F61EF0619215BFBF4862BDA --channel="2500.93.1940193412\1460772928" --mojo-platform-channel-handle=10856 /prefetch:1
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/*PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentB/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_40/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/Checks/ --primordial-pipe-token=0FECD29B3AF65A347C16F7C44CEC9B1E --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=25863355D237398FE8097015A82FCEC3 --mojo-application-channel-token=312E4563B106E1B4CE412E65DC2466DE --channel="2500.123.441291186\1393035393" --mojo-platform-channel-handle=904 /prefetch:1
"C:\Program Files (x86)\eM Client\MailClient.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1744585618-2728888235-3045379412-100014_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1744585618-2728888235-3045379412-100014 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 592 596 604 8192 600
taskeng.exe {2F37B4BC-6F45-4782-8615-EA905C6B9F5C}
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe15_ Global\UsGthrCtrlFltPipeMssGthrPipe15 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\Mysak\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-24 901600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ccb24e92-62c4-4c53-95d2-65f9eed476bc}]
MyStart Toolbar - C:\Program Files (x86)\mystarttb\mystartDx64.dll [2015-12-11 131096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-23 461888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-24 678656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ccb24e92-62c4-4c53-95d2-65f9eed476bc}]
MyStart Toolbar - C:\Program Files (x86)\mystarttb\mystartDx.dll [2015-12-11 115224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-23 173120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ccb24e92-62c4-4c53-95d2-65f9eed476bc} - MyStart Toolbar - C:\Program Files (x86)\mystarttb\mystartDx64.dll [2015-12-11 131096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{ccb24e92-62c4-4c53-95d2-65f9eed476bc} - MyStart Toolbar - C:\Program Files (x86)\mystarttb\mystartDx.dll [2015-12-11 115224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2016-04-26 562544]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Mysak\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-08-25 633024]
"eM Client"=C:\Program Files (x86)\eM Client\MailClient.exe [2016-02-29 15698792]
"BitTorrent"=C:\Users\Mysak\AppData\Roaming\BitTorrent\BitTorrent.exe [2016-08-15 2140680]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-07-13 8891608]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-23 7139256]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2016-08-24 23889496]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]
"AcronisTibMounterMonitor"=C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2016-04-25 421768]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2016-04-26 7377424]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-05-20 595992]
"StatusAlerts"=C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [2014-02-12 330040]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
webVT.lnk - C:\ATEQ\webVT\webVT.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-08-31 10:58:56 ----D---- C:\rsit
2016-08-31 10:58:56 ----D---- C:\Program Files\trend micro
2016-08-29 15:16:14 ----D---- C:\Program Files\HP
2016-08-25 07:39:56 ----D---- C:\Users\Mysak\AppData\Roaming\Skype
2016-08-22 09:47:29 ----D---- C:\Users\Mysak\AppData\Roaming\Hewlett-Packard Company
2016-08-22 09:45:41 ----D---- C:\WINDOWS\LastGood.Tmp
2016-08-22 09:34:30 ----A---- C:\WINDOWS\system32\hpzjcd01.dll
2016-08-22 09:34:30 ----A---- C:\WINDOWS\system32\hpwia2_lj225226.dll
2016-08-22 09:34:30 ----A---- C:\WINDOWS\system32\hpptsplj225226_x64.dll
2016-08-22 09:34:29 ----A---- C:\WINDOWS\SYSWOW64\hpptsplj225226.dll
2016-08-22 09:34:12 ----A---- C:\WINDOWS\system32\hpcpn165.dll
2016-08-22 09:34:08 ----A---- C:\WINDOWS\SYSWOW64\hpcc3165.dll
2016-08-10 08:09:15 ----A---- C:\WINDOWS\system32\wmp.dll
2016-08-10 08:09:15 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 08:09:14 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2016-08-10 08:09:14 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 08:09:13 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-08-10 08:09:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2016-08-10 08:09:12 ----A---- C:\WINDOWS\system32\WWAHost.exe
2016-08-10 08:09:12 ----A---- C:\WINDOWS\system32\dbgeng.dll
2016-08-10 08:09:11 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-08-10 08:09:11 ----A---- C:\WINDOWS\system32\wevtutil.exe
2016-08-10 08:09:11 ----A---- C:\WINDOWS\system32\MusNotification.exe
2016-08-10 08:09:10 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 08:09:10 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 08:09:10 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-08-10 08:09:10 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-08-10 08:09:10 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-08-10 08:09:09 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2016-08-10 08:09:09 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.dll
2016-08-10 08:09:09 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2016-08-10 08:09:09 ----A---- C:\WINDOWS\system32\rdpudd.dll
2016-08-10 08:09:09 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 08:09:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2016-08-10 08:09:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryBroker.dll
2016-08-10 08:09:06 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 08:09:05 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 08:09:04 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-08-10 08:09:04 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-08-10 08:09:03 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-08-10 08:09:03 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-08-10 08:09:02 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2016-08-10 08:09:02 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-08-10 08:09:02 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-08-10 08:09:02 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 08:09:01 ----A---- C:\WINDOWS\SYSWOW64\tdlrecover.exe
2016-08-10 08:09:01 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-08-10 08:09:01 ----A---- C:\WINDOWS\system32\usocore.dll
2016-08-10 08:09:01 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-08-10 08:09:00 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2016-08-10 08:09:00 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 08:09:00 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 08:08:59 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 08:08:59 ----A---- C:\WINDOWS\system32\cdd.dll
2016-08-10 08:08:58 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2016-08-10 08:08:58 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-08-10 08:08:58 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 08:08:58 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 08:08:57 ----A---- C:\WINDOWS\system32\winsrv.dll
2016-08-10 08:08:57 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 08:08:57 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2016-08-10 08:08:57 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-08-10 08:08:56 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2016-08-10 08:08:56 ----A---- C:\WINDOWS\SYSWOW64\wshbth.dll
2016-08-10 08:08:56 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2016-08-10 08:08:56 ----A---- C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 08:08:55 ----A---- C:\WINDOWS\system32\wininet.dll
2016-08-10 08:08:55 ----A---- C:\WINDOWS\system32\sppobjs.dll
2016-08-10 08:08:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-08-10 08:08:54 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-08-10 08:08:54 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-08-10 08:08:53 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-08-10 08:08:53 ----A---- C:\WINDOWS\system32\sppwinob.dll
2016-08-10 08:08:53 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2016-08-10 08:08:52 ----A---- C:\WINDOWS\SYSWOW64\wevtutil.exe
2016-08-10 08:08:52 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-08-10 08:08:52 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-08-10 08:08:52 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2016-08-10 08:08:51 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-08-10 08:08:51 ----A---- C:\WINDOWS\system32\wshbth.dll
2016-08-10 08:08:51 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 08:08:50 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-08-10 08:08:49 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 08:08:49 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 08:08:49 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-08-10 08:08:49 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-08-10 08:08:48 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 08:08:48 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 08:08:47 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 08:08:47 ----A---- C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 08:08:47 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 08:08:46 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-10 08:08:46 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 08:08:45 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-08-10 08:08:45 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 08:08:44 ----A---- C:\WINDOWS\system32\wldp.dll
2016-08-10 08:08:44 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 08:08:44 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 08:08:44 ----A---- C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-10 08:08:44 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 08:08:43 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-08-10 08:08:42 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-08-10 08:08:41 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-08-10 08:08:40 ----A---- C:\WINDOWS\system32\shell32.dll
2016-08-10 08:08:38 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-08-10 08:08:37 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-08-10 08:08:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-08-10 08:08:36 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-08-10 08:08:35 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-08-10 08:08:35 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-08-10 08:08:34 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-08-10 08:08:34 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-08-10 08:08:33 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-08-10 08:08:33 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-08-10 08:08:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-08-10 08:08:32 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2016-08-10 08:08:32 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 08:08:32 ----A---- C:\WINDOWS\system32\ole32.dll
2016-08-10 08:08:31 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-08-10 08:08:31 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-08-10 08:08:31 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2016-08-10 08:08:31 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 08:08:31 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-08-10 08:08:31 ----A---- C:\WINDOWS\system32\LogonController.dll
2016-08-10 08:08:30 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2016-08-10 08:08:30 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-08-10 08:08:29 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2016-08-10 08:08:29 ----A---- C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 08:08:29 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-08-10 08:08:28 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 08:08:28 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2016-08-10 08:08:27 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2016-08-10 08:08:27 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-08-10 08:08:27 ----A---- C:\WINDOWS\SYSWOW64\IdCtrls.dll
2016-08-10 08:08:27 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 08:08:27 ----A---- C:\WINDOWS\system32\bthserv.dll
2016-08-10 08:08:26 ----A---- C:\WINDOWS\system32\SensorService.dll
2016-08-10 08:08:26 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 08:08:26 ----A---- C:\WINDOWS\system32\Chakradiag.dll

======List of files/folders modified in the last 1 month======

2016-08-31 10:59:04 ----D---- C:\WINDOWS\prefetch
2016-08-31 10:58:56 ----RD---- C:\Program Files
2016-08-31 10:58:02 ----D---- C:\Users\Mysak\AppData\Roaming\BitTorrent
2016-08-31 10:55:50 ----D---- C:\Users\Mysak\AppData\Roaming\eM Client
2016-08-31 10:38:16 ----D---- C:\WINDOWS\Temp
2016-08-31 10:26:00 ----D---- C:\WINDOWS\system32\sru
2016-08-31 10:12:51 ----D---- C:\zaloha PC
2016-08-31 09:28:15 ----SHD---- C:\System Volume Information
2016-08-31 08:04:14 ----HD---- C:\Program Files\WindowsApps
2016-08-31 08:04:04 ----D---- C:\WINDOWS\AppReadiness
2016-08-31 07:35:27 ----D---- C:\WINDOWS\system32\drivers
2016-08-31 07:28:44 ----D---- C:\WINDOWS\system32\config
2016-08-29 16:39:23 ----D---- C:\WINDOWS\system32\Tasks
2016-08-29 16:39:23 ----AD---- C:\Program Files (x86)\TeamViewer
2016-08-29 15:18:24 ----SHD---- C:\WINDOWS\Installer
2016-08-29 15:18:23 ----AD---- C:\Program Files (x86)\HP
2016-08-29 15:17:17 ----D---- C:\WINDOWS\twain_32
2016-08-29 15:16:24 ----D---- C:\ProgramData\HP
2016-08-29 15:15:58 ----D---- C:\WINDOWS\INF
2016-08-29 15:15:42 ----D---- C:\WINDOWS\syswow64
2016-08-29 15:14:24 ----D---- C:\WINDOWS\System32
2016-08-29 15:14:24 ----A---- C:\WINDOWS\system32\AddPort.ini
2016-08-29 15:13:32 ----D---- C:\WINDOWS\system32\DriverStore
2016-08-29 15:13:32 ----D---- C:\WINDOWS\system32\CatRoot
2016-08-29 09:21:15 ----D---- C:\WINDOWS\Microsoft.NET
2016-08-24 07:46:33 ----D---- C:\ProgramData\Microsoft Help
2016-08-24 07:45:19 ----D---- C:\WINDOWS\system32\catroot2
2016-08-24 07:29:50 ----D---- C:\Windows
2016-08-24 04:01:24 ----D---- C:\Program Files (x86)\Dropbox
2016-08-22 09:47:29 ----D---- C:\ProgramData\Hewlett-Packard
2016-08-16 13:34:56 ----HD---- C:\ProgramData
2016-08-16 10:19:11 ----D---- C:\WINDOWS\Logs
2016-08-12 14:52:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-12 10:21:45 ----D---- C:\WINDOWS\rescache
2016-08-11 10:13:27 ----D---- C:\WINDOWS\WinSxS
2016-08-11 00:50:49 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-08-11 00:50:49 ----D---- C:\WINDOWS\system32\en-US
2016-08-11 00:50:49 ----D---- C:\WINDOWS\system32\cs-CZ
2016-08-11 00:50:49 ----D---- C:\WINDOWS\system32\appraiser
2016-08-11 00:50:47 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-08-11 00:50:47 ----D---- C:\Program Files\Windows Journal
2016-08-11 00:50:47 ----D---- C:\Program Files\Internet Explorer
2016-08-11 00:50:47 ----D---- C:\Program Files (x86)\Internet Explorer
2016-08-10 08:40:37 ----D---- C:\WINDOWS\CbsTemp
2016-08-10 08:40:35 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 08:40:29 ----D---- C:\WINDOWS\system32\MRT
2016-08-10 08:31:54 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-08-06 11:54:53 ----AD---- C:\Program Files (x86)\Opera
2016-08-04 17:09:11 ----D---- C:\Users\Mysak\AppData\Roaming\TeamViewer
2016-08-01 07:56:27 ----D---- C:\WINDOWS\debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-02-24 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-08-05 292704]
R0 file_tracker;Acronis File Tracker Driver; C:\WINDOWS\system32\DRIVERS\file_tracker.sys [2016-05-03 339800]
R0 fltsrv;Acronis Storage Filter Management; C:\WINDOWS\system32\DRIVERS\fltsrv.sys [2016-05-03 163160]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2016-05-03 340312]
R0 tib;Acronis TIB Manager; C:\WINDOWS\system32\DRIVERS\tib.sys [2016-05-03 1267552]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-03-23 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-02-24 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-03-09 1070904]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-02-24 463744]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-04-23 87552]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-02-24 37656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-03-09 107792]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-02-24 165344]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R2 tib_mounter;Acronis TIB Mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [2016-05-03 193376]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-08-27 3797424]
R3 iwdbus;@oem67.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-07-20 38976]
R3 MEIx64;@oem15.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-10-30 589824]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2015-10-30 12800]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 asmthub3;@oem13.inf,%asmthub3_ServiceDescription%;ASMedia USB3 Hub Service; C:\WINDOWS\System32\drivers\asmthub3.sys [2011-11-03 130536]
S3 asmtxhci;@oem20.inf,%asmtxhci_ServiceDescription%;ASMEDIA XHCI Service; C:\WINDOWS\System32\drivers\asmtxhci.sys [2011-11-03 395752]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-11-22 117248]
S3 dg_ssudbus;@oem3.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\System32\drivers\ssudbus.sys [2014-10-13 110336]
S3 dtsoftbus01;@oem57.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-12-11 283064]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-10-30 31232]
S3 FlashUSB;FlashUSB; C:\WINDOWS\System32\drivers\FlashUSB.sys [2014-04-11 19968]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 HPFXBULKLEDM;HPFXBULKLEDM; C:\WINDOWS\system32\drivers\hppdbulkio.sys [2009-02-26 22040]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 intaud_WaveExtensible;@oem49.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 shspusb;@oem44.inf,%HSP_Usb_DriverDesc.SvcDesc%;Samsung High Speed USB Driver disks; C:\WINDOWS\System32\drivers\HSPUSB.sys [2014-04-11 24064]
S3 ss_bbus;@oem8.inf,%Samsung.Service.Desc%;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\System32\drivers\ss_bbus.sys [2014-04-11 127488]
S3 ss_bserd;@oem70.inf,%Samsung.Service.Name%;SAMSUNG USB Mobile Logging Driver; C:\WINDOWS\System32\drivers\ss_bserd.sys [2014-04-11 128000]
S3 ss_bus;@oem55.inf,%SAMSUNG.Service.Desc%;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\System32\drivers\ss_bus.sys [2014-04-11 127488]
S3 ss_conn_usb_driver;@oem1.inf,%ssud.SvcDesc%;SAMSUNG Mobile USB Connectivity Device Driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [2014-10-13 26368]
S3 ssadbus;@oem51.inf,%SAMSUNG.Service.Desc%;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\System32\drivers\ssadbus.sys [2014-04-11 169288]
S3 ssadserd;@oem12.inf,%Samsung.Service.Name%;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\System32\drivers\ssadserd.sys [2014-04-11 158024]
S3 sscdbus;@oem34.inf,%SAMSUNG.Service.Desc%;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\System32\drivers\sscdbus.sys [2014-04-11 169288]
S3 sscdserd;@oem30.inf,%Samsung.Service.Name%;SAMSUNG Mobile Modem Diagnostic Serial Port (WDM); C:\WINDOWS\System32\drivers\sscdserd.sys [2014-04-11 158024]
S3 sscebus;@oem62.inf,%SAMSUNG.Service.Desc%;SAMSUNG USB Composite Device V2 driver (WDM); C:\WINDOWS\System32\drivers\sscebus.sys [2014-04-11 169288]
S3 ssceserd;@oem74.inf,%Samsung.Service.Name%;SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM); C:\WINDOWS\System32\drivers\ssceserd.sys [2014-04-11 158024]
S3 ssdudfu;@oem40.inf,%SvcDesc%;SAMSUNG Mobile USB DFU2 Device; C:\WINDOWS\System32\drivers\ssdudfu.sys [2014-04-11 101960]
S3 ssm_bus;@oem48.inf,%Samsung.Service.Desc%;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\System32\drivers\ssm_bus.sys [2014-04-11 136192]
S3 ssm_mdm;@oem27.inf,%Samsung.Service.Name%;SAMSUNG Mobile USB Port II 1.0 Drivers; C:\WINDOWS\System32\drivers\ssm_mdm.sys [2014-04-11 172032]
S3 ssuddmgr;@oem38.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Device Management Serial Port(DEVGURU Ver.); C:\WINDOWS\System32\drivers\ssuddmgr.sys [2014-10-13 206080]
S3 ssudobex;@oem4.inf,%ssud.Service.Name%;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\WINDOWS\System32\drivers\ssudobex.sys [2014-10-13 206080]
S3 ssudrmnet;@oem19.inf,%ssud.Service.Name%;SAMSUNG Mobile USB RMNET Drivers; C:\WINDOWS\System32\drivers\ssudrmnet.sys [2014-10-13 70400]
S3 ssudserd;@oem26.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\WINDOWS\System32\drivers\ssudserd.sys [2014-10-13 206080]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2016-04-26 1195840]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2016-05-03 4463592]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-02-24 237096]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2014-06-25 176128]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-08-27 330136]
R2 mmsminisrv;Acronis Managed Machine Service Mini; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [2015-08-11 4884064]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 OneSyncSvc_31b0b;Hostitel synchronizace_31b0b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2016-04-16 9698296]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-08-25 7534864]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-08-27 291744]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PimIndexMaintenanceSvc_31b0b;Data kontaktů_31b0b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-24 143144]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-24 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_103171c;Hostitel synchronizace_103171c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2523e;Hostitel synchronizace_2523e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_26e6f;Hostitel synchronizace_26e6f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_29586;Hostitel synchronizace_29586; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3e45a74;Hostitel synchronizace_3e45a74; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_a58838e;Hostitel synchronizace_a58838e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_f2a81f;Hostitel synchronizace_f2a81f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_fd9941;Hostitel synchronizace_fd9941; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 StartImePrograms;StartImePrograms; C:\Program Files (x86)\I+ME Actia GmbH\Virtual Keyboard\StartImePrograms.exe [2011-09-30 143360]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-24 143144]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-24 154440]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_103171c;Služba zasílání zpráv_103171c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2523e;Služba zasílání zpráv_2523e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_26e6f;Služba zasílání zpráv_26e6f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_29586;Služba zasílání zpráv_29586; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_31b0b;Služba zasílání zpráv_31b0b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3e45a74;Služba zasílání zpráv_3e45a74; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_a58838e;Služba zasílání zpráv_a58838e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_f2a81f;Služba zasílání zpráv_f2a81f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_fd9941;Služba zasílání zpráv_fd9941; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_103171c;Data kontaktů_103171c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2523e;Data kontaktů_2523e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_26e6f;Data kontaktů_26e6f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_29586;Data kontaktů_29586; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3e45a74;Data kontaktů_3e45a74; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_a58838e;Data kontaktů_a58838e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_f2a81f;Data kontaktů_f2a81f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_fd9941;Data kontaktů_fd9941; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[michalluso]

# AdwCleaner v6.010 - Log soubor vytvořen 02/09/2016 na 10:06:22
# Aktualizováno dne 12/08/2016 z ToolsLib
# Databáze : 2016-09-01.2 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Mysak - TETREV
# Beží od : C:\Users\Mysak\Desktop\adwcleaner_6.010.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum



***** [ Služby ] *****



***** [ Adresáře ] *****

[-] Adresář smazán:C:\Users\Mysak\AppData\LocalLow\Conduit
[-] Adresář smazán:C:\Users\Mysak\AppData\LocalLow\mystarttb
[-] Adresář smazán:C:\Users\Mysak\AppData\Roaming\mystarttb
[-] Adresář smazán:C:\Users\user\AppData\LocalLow\AVG SafeGuard toolbar
[-] Adresář smazán:C:\Program Files (x86)\mystarttb
[-] Adresář smazán:C:\Users\Public\Documents\dmp
[-] Adresář smazán:C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi


***** [ Soubory ] *****

[-] Soubor smazán:C:\END


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Klíč smazán:HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Classes\CLSID\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
[-] Hodnota smazána:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCB24E92-62C4-4C53-95D2-65F9EED476BC}]
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{607B689F-7600-45E4-B8E5-887F72DAB15C}
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
[-] Hodnota smazána:HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCB24E92-62C4-4C53-95D2-65F9EED476BC}]
[-] Klíč smazán:HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\Software\mystarttb
[-] Klíč smazán:HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\Software\AppDataLow\Software\mystarttb
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1744585618-2728888235-3045379412-1000\Software\mystarttb
[#] Klíč smazán po restartování:HKCU\Software\mystarttb
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Software\mystarttb
[-] Klíč smazán:HKLM\SOFTWARE\mystarttb
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mystarttb
[-] Klíč smazán:HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mystart.com
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.mystart.com


***** [ Prohlížeče ] *****

[-] [C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 2] [extension] Smazání:lkadffjmnaiokkdncgdlecdegajoiemi


*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4435 Bajtů] - [02/09/2016 10:06:22]
C:\AdwCleaner\AdwCleaner[S0].txt - [4689 Bajtů] - [02/09/2016 10:04:52]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4583 Bajtů] ##########

[Rudy]

Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

[michalluso]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Mysak (administrator) on TETREV (05-09-2016 09:46:49)
Running from C:\Users\Mysak\Desktop
Loaded Profiles: Mysak (Available Profiles: Mysak & user)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\syswow64\IntelCpHeciSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.23941.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(forum.viry.cz) C:\Users\Mysak\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [562544 2016-04-26] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-23] (AVAST Software)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25197248 2016-08-30] (Dropbox, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [421768 2016-04-25] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7377424 2016-04-26] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330040 2014-02-12] (Hewlett-Packard Company)
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [15698792 2016-02-29] (eM Client s.r.o.)
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\Run: [BitTorrent] => C:\Users\Mysak\AppData\Roaming\BitTorrent\BitTorrent.exe [2140680 2016-08-15] (BitTorrent Inc.)
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8891608 2016-07-13] (Piriform Ltd)
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\MountPoints2: {4685d2b9-e504-11e5-b997-3085a93c5813} - "E:\Setup.exe"
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\MountPoints2: {6a965fd2-e778-11e5-b999-806e6f6e6963} - "D:\Autorun\ShelExec.exe" \UsingWizard.html
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\MountPoints2: {7d4da2ac-2c75-11e6-b9d7-3085a93c5813} - "F:\Autorun.exe"
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-24] (AVAST Software)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-03-18] (Acronis)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\webVT.lnk [2016-02-24]
ShortcutTarget: webVT.lnk -> C:\ATEQ\webVT\webVT.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{e16663ee-d4a4-4bfd-ac3e-493d203cc202}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE13&ocid=UE13DHP
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?pc=UE13&ocid=UE13DHP
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-24] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-23] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-24] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-23] (Oracle Corporation)
DPF: HKLM-x32 {73888E2B-FF04-416C-8847-984D7FC4507F} hxxp://10.0.0.102/RtspVaPgDecNew2.cab

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-24]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxxp://www.bing.com/?pc=U223","hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-24]
CHR Extension: (SEO Profesional Toolbar) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\adecfhccdknoobplgempjhbojlbpahhn [2016-02-24]
CHR Extension: (Dokumenty Google) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-24]
CHR Extension: (Disk Google) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-24]
CHR Extension: (YouTube) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-24]
CHR Extension: (SEO SERP Workbench) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbgolklgacemnfnmkkpgekngaaggjjl [2016-02-24]
CHR Extension: (Tabulky Google) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-24]
CHR Extension: (Avast Online Security) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-23]
CHR Extension: (Gestures for Google Chrome™) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk [2016-02-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-24]
CHR Extension: (Chrome Media Router) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-31]
CHR Profile: C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-24]
CHR Profile: C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Prezentace Google) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-24]
CHR Extension: (Dokumenty Google) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-24]
CHR Extension: (Disk Google) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-24]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2016-02-24]
CHR Extension: (YouTube) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-24]
CHR Extension: (Tabulky Google) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Avast Online Security) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-20]
CHR Extension: (Bleaner) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2016-09-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-24]
CHR Extension: (Chrome Media Router) - C:\Users\Mysak\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-31]
CHR HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dogdoihocdkadpalbghcpfafbojcfofa] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-24]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1195840 2016-04-26] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [4463592 2016-05-03] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-24] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-24] (Dropbox, Inc.)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-25] (HP) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
S2 StartImePrograms; C:\Program Files (x86)\I+ME Actia GmbH\Virtual Keyboard\StartImePrograms.exe [143360 2011-09-30] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9698296 2016-04-16] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-24] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-03-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-24] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-24] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
S3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-12-11] (Disc Soft Ltd)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [339800 2016-05-03] (Acronis International GmbH)
S3 FlashUSB; C:\Windows\System32\drivers\FlashUSB.sys [19968 2014-04-11] (Intel Mobile Communications)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
S3 shspusb; C:\Windows\System32\drivers\HSPUSB.sys [24064 2014-04-11] (MobileTop)
S3 sscdserd; C:\Windows\System32\drivers\sscdserd.sys [158024 2014-04-11] (MCCI Corporation)
S3 ssceserd; C:\Windows\System32\drivers\ssceserd.sys [158024 2014-04-11] (MCCI Corporation)
S3 ssdudfu; C:\Windows\System32\drivers\ssdudfu.sys [101960 2014-04-11] (MCCI)
S3 ssm_bus; C:\Windows\System32\drivers\ssm_bus.sys [136192 2014-04-11] (MCCI Corporation)
S3 ssm_mdm; C:\Windows\System32\drivers\ssm_mdm.sys [172032 2014-04-11] (MCCI Corporation)
S3 ssuddmgr; C:\Windows\System32\drivers\ssuddmgr.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\Windows\System32\drivers\ssudobex.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudrmnet; C:\Windows\System32\drivers\ssudrmnet.sys [70400 2014-10-13] (DEVGURU Co., LTD.)
S3 ssudserd; C:\Windows\System32\drivers\ssudserd.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_bserd; C:\Windows\System32\drivers\ss_bserd.sys [128000 2014-04-11] (MCCI Corporation)
S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-10-13] (DEVGURU Co., LTD.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1267552 2016-05-03] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [193376 2016-05-03] (Acronis International GmbH)
S3 TMUSB; C:\Windows\System32\drivers\TMUSB64.SYS [63096 2012-03-01] (Seiko Epson Corporation)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [601432 2016-05-03] (Acronis International GmbH)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-18] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [192352 2016-04-18] (Oracle Corporation)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [279392 2016-05-03] (Acronis International GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-05 09:46 - 2016-09-05 09:47 - 00026254 _____ C:\Users\Mysak\Desktop\FRST.txt
2016-09-05 09:41 - 2016-09-05 09:46 - 00000000 ____D C:\FRST
2016-09-05 09:39 - 2016-09-05 09:41 - 00112640 _____ (forum.viry.cz) C:\Users\Mysak\Desktop\FRSTLauncher.exe
2016-09-05 09:39 - 2016-09-05 09:39 - 00112640 _____ (forum.viry.cz) C:\Users\Mysak\Downloads\Nepotvrzeno 955102.crdownload
2016-09-05 09:38 - 2016-09-05 09:38 - 00112640 _____ (forum.viry.cz) C:\Users\Mysak\Downloads\Nepotvrzeno 855093.crdownload
2016-09-05 09:34 - 2016-09-05 09:34 - 01747968 _____ (Farbar) C:\Users\Mysak\Downloads\FRST.exe
2016-09-05 09:00 - 2016-09-05 09:00 - 00101630 _____ C:\Users\Mysak\Downloads\web_manifest641429_20160905_090123_09.pdf
2016-09-05 09:00 - 2016-09-05 09:00 - 00061746 _____ C:\Users\Mysak\Downloads\web_label965866_20160905_090117_56.pdf
2016-09-05 08:01 - 2016-09-05 08:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-09-02 18:43 - 2016-09-02 18:43 - 02397696 _____ (Farbar) C:\Users\Mysak\Desktop\FRST64.exe
2016-09-02 12:16 - 2016-09-02 12:16 - 00062823 _____ C:\Users\Mysak\Downloads\web_label963276_20160902_121640_67.pdf
2016-09-02 12:16 - 2016-09-02 12:16 - 00051808 _____ C:\Users\Mysak\Downloads\web_manifest640030_20160902_121646_84.pdf
2016-09-02 10:02 - 2016-09-02 10:06 - 00000000 ____D C:\AdwCleaner
2016-09-02 10:01 - 2016-09-02 10:02 - 03826240 _____ C:\Users\Mysak\Desktop\adwcleaner_6.010.exe
2016-08-31 19:56 - 2016-08-31 20:11 - 1839173632 _____ C:\Users\Mysak\Downloads\Nebezpečné pokušení (2015) CZ-Dabing TOP KVALITA.avi
2016-08-31 18:34 - 2016-08-31 18:37 - 225389754 _____ C:\Users\Mysak\Downloads\Harem CZ Ep8 .mp4
2016-08-31 18:32 - 2016-08-31 18:40 - 833598328 _____ C:\Users\Mysak\Downloads\Celebrity s.r.o. (CZ filmy, 2015).avi
2016-08-31 17:22 - 2016-08-31 17:22 - 00100991 _____ C:\Users\Mysak\Downloads\web_manifest636777_20160831_172317_30.pdf
2016-08-31 17:22 - 2016-08-31 17:22 - 00062451 _____ C:\Users\Mysak\Downloads\web_label956342_20160831_172314_29.pdf
2016-08-31 10:58 - 2016-08-31 10:59 - 00000000 ____D C:\rsit
2016-08-31 10:58 - 2016-08-31 10:59 - 00000000 ____D C:\Program Files\trend micro
2016-08-31 10:58 - 2016-08-31 10:58 - 01222144 _____ C:\Users\Mysak\Downloads\RSITx64.exe
2016-08-31 09:15 - 2016-08-31 09:15 - 00102806 _____ C:\Users\Mysak\Downloads\web_manifest634769_20160831_091603_78.pdf
2016-08-31 09:15 - 2016-08-31 09:15 - 00083390 _____ C:\Users\Mysak\Downloads\web_label952626_20160831_091552_10.pdf
2016-08-31 07:26 - 2016-09-02 10:09 - 00000000 ____D C:\Users\Mysak\AppData\LocalLow\BitTorrent
2016-08-29 20:16 - 2016-08-29 20:29 - 2094312436 _____ C:\Users\Mysak\Downloads\Keanu - Kočičí gangsterka (2016) HD 720p CZ dabing.avi
2016-08-29 20:04 - 2016-08-29 20:14 - 1595160576 _____ C:\Users\Mysak\Downloads\Jeníček a Mařenka Lovci čarodějnic Hansel & Gretel (2013) CZdub.avi
2016-08-29 15:17 - 2016-08-29 15:17 - 00003566 _____ C:\WINDOWS\System32\Tasks\HPLJCustParticipation
2016-08-29 15:17 - 2016-08-29 15:17 - 00001355 _____ C:\Users\Public\Desktop\HP LaserJet Pro MFP M225-M226 - Centrum nápovědy a vzdělávání.lnk
2016-08-29 15:17 - 2016-08-29 15:17 - 00001322 _____ C:\Users\Public\Desktop\HP LJ M225M226 Scan.lnk
2016-08-29 15:16 - 2016-08-29 15:16 - 00000000 ____D C:\Users\Public\Desktop\HP
2016-08-29 15:16 - 2016-08-29 15:16 - 00000000 ____D C:\Program Files\HP
2016-08-29 15:15 - 2016-08-29 15:15 - 00000000 ____D C:\Users\Mysak\Desktop\HP
2016-08-29 14:35 - 2016-08-29 14:35 - 00063651 _____ C:\Users\Mysak\Downloads\web_label945686_20160829_143557_86.pdf
2016-08-29 13:43 - 2016-08-29 13:43 - 00102256 _____ C:\Users\Mysak\Downloads\web_manifest631250_20160829_134401_75.pdf
2016-08-29 13:42 - 2016-08-29 13:42 - 00063729 _____ C:\Users\Mysak\Downloads\web_label945192_20160829_134308_72.pdf
2016-08-29 13:40 - 2016-08-29 13:40 - 00000000 ____D C:\Users\Public\Documents\Hewlett-Packard
2016-08-29 12:53 - 2016-09-05 09:16 - 00000000 _____ C:\Users\Mysak\Documents\HPLJM225_M226_Fax_Port
2016-08-26 14:41 - 2016-08-26 14:41 - 00012739 _____ C:\Users\Mysak\Desktop\Mechanik formulář objednávka montérek zima 2016.xlsx
2016-08-26 11:52 - 2016-08-26 11:52 - 00100513 _____ C:\Users\Mysak\Downloads\web_manifest628597_20160826_115237_71.pdf
2016-08-26 11:52 - 2016-08-26 11:52 - 00062235 _____ C:\Users\Mysak\Downloads\web_label939916_20160826_115231_37.pdf
2016-08-25 07:41 - 2016-08-25 07:41 - 00003324 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-08-25 07:39 - 2016-08-25 07:39 - 00000000 ____D C:\Users\Mysak\AppData\Roaming\Skype
2016-08-24 14:59 - 2016-08-24 14:59 - 00051838 _____ C:\Users\Mysak\Downloads\web_manifest625182_20160824_145946_07.pdf
2016-08-24 14:58 - 2016-08-24 14:58 - 00062619 _____ C:\Users\Mysak\Downloads\web_label933019_20160824_145912_10.pdf
2016-08-24 13:21 - 2016-08-24 13:21 - 00154470 _____ C:\Users\Mysak\Downloads\eStatement_08042016.pdf
2016-08-23 19:47 - 2016-08-23 19:59 - 1167570944 _____ C:\Users\Mysak\Downloads\Novinka !! 50-50 Padesát na padesát padesat na padesat (2014) BDRiP CZ Dabing Top Kvalita.avi
2016-08-23 19:47 - 2016-08-23 19:57 - 782287580 _____ C:\Users\Mysak\Downloads\10_Ulice Cloverfield 10 CZ_Dabing (2016) NOVINKA.avi
2016-08-23 18:20 - 2016-08-23 18:28 - 1321207808 _____ C:\Users\Mysak\Downloads\Pád Londýna (2016,cz,dabing,HQ)ddd.avi
2016-08-23 12:14 - 2016-08-23 12:14 - 00170872 _____ C:\Users\Mysak\Downloads\395042299_0_MHMPXP4PSNGC.PDF
2016-08-23 11:10 - 2016-08-23 11:10 - 00073311 _____ C:\Users\Mysak\Downloads\395016599_0_00705003_dph_412e_1601618112.pdf
2016-08-23 10:28 - 2016-08-23 10:28 - 00101252 _____ C:\Users\Mysak\Downloads\web_manifest621752_20160823_102847_98.pdf
2016-08-23 10:27 - 2016-08-23 10:27 - 00148801 _____ C:\Users\Mysak\Downloads\web_label925953_20160823_102750_44.pdf
2016-08-22 20:43 - 2016-08-22 20:53 - 947210624 _____ C:\Users\Mysak\Downloads\Lovec - Zimní válka 2016 Cz dab..avi
2016-08-22 20:43 - 2016-08-22 20:52 - 794105624 _____ C:\Users\Mysak\Downloads\Temna strana dveri The Other Side of the Door(2016) CZ dabing NOVINKA.avi
2016-08-22 17:28 - 2016-08-22 17:34 - 725004134 _____ C:\Users\Mysak\Downloads\- Komedie - Tohle_je_valka-To_bude_boj2012-cz-dabing.avi
2016-08-22 15:54 - 2016-08-22 15:54 - 00666163 _____ C:\Users\Mysak\Desktop\petr david slovakovo.pdf
2016-08-22 15:39 - 2016-08-22 15:39 - 02238829 _____ C:\Users\Mysak\Desktop\Jura david staré.pdf
2016-08-22 15:35 - 2016-08-22 15:35 - 01545660 _____ C:\Users\Mysak\Desktop\petr david zlín plyn.pdf
2016-08-22 15:25 - 2016-08-22 15:25 - 01582307 _____ C:\Users\Mysak\Desktop\petr david zlín.pdf
2016-08-22 15:20 - 2016-08-22 15:20 - 02193237 _____ C:\Users\Mysak\Desktop\petr david doma.pdf
2016-08-22 15:16 - 2016-08-22 15:16 - 03379241 _____ C:\Users\Mysak\Desktop\petrek.pdf
2016-08-22 13:16 - 2016-08-22 13:16 - 00067438 _____ C:\Users\Mysak\Downloads\394697410_0_00705003_dph_4120_1601618062.pdf
2016-08-22 09:47 - 2016-08-22 09:47 - 00000000 ____D C:\Users\Mysak\AppData\Roaming\Hewlett-Packard Company
2016-08-22 09:34 - 2014-02-19 01:08 - 00447776 _____ (Hewlett-Packard Corporation) C:\WINDOWS\system32\hpcpn165.dll
2016-08-22 09:34 - 2014-02-19 01:05 - 00446240 _____ (Hewlett Packard Corporation) C:\WINDOWS\SysWOW64\hpcc3165.dll
2016-08-22 09:34 - 2014-02-18 21:16 - 00959312 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpptsplj225226_x64.dll
2016-08-22 09:34 - 2014-02-18 21:16 - 00791376 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\hpptsplj225226.dll
2016-08-22 09:34 - 2014-01-21 18:50 - 00529416 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpwia2_lj225226.dll
2016-08-22 09:34 - 2013-04-05 15:31 - 00557088 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzjcd01.dll
2016-08-18 20:43 - 2016-08-18 20:52 - 784558080 _____ C:\Users\Mysak\Downloads\URNA Útvar Rozhodně Neživých Agentů RIPD CZdabing (2013) NOVINKA.avi
2016-08-18 20:42 - 2016-08-18 20:52 - 910062170 _____ C:\Users\Mysak\Downloads\Já, pomsta (2016 CZ dabing).avi
2016-08-18 19:21 - 2016-08-18 19:38 - 1042073600 _____ C:\Users\Mysak\Downloads\Dovolená za trest [Blended] (2014) CZ dabing.avi
2016-08-18 11:36 - 2016-08-18 11:36 - 00100835 _____ C:\Users\Mysak\Downloads\web_manifest615496_20160818_113648_28.pdf
2016-08-18 11:36 - 2016-08-18 11:36 - 00062029 _____ C:\Users\Mysak\Downloads\web_label913628_20160818_113643_10.pdf
2016-08-17 11:19 - 2016-08-17 11:19 - 00100153 _____ C:\Users\Mysak\Downloads\web_manifest613172_20160817_111930_93.pdf
2016-08-17 11:19 - 2016-08-17 11:19 - 00062346 _____ C:\Users\Mysak\Downloads\web_label909019_20160817_111923_74.pdf
2016-08-15 11:18 - 2016-08-15 11:18 - 00105473 _____ C:\Users\Mysak\Downloads\web_manifest608695_20160815_111854_29.pdf
2016-08-15 11:14 - 2016-08-15 11:14 - 00171435 _____ C:\Users\Mysak\Downloads\web_label899683_20160815_111423_22.pdf
2016-08-12 16:40 - 2016-08-12 16:41 - 00119269 _____ C:\Users\Mysak\Desktop\servis.PDF
2016-08-12 13:36 - 2016-08-12 13:36 - 00101090 _____ C:\Users\Mysak\Downloads\web_manifest607135_20160812_133701_31.pdf
2016-08-12 13:36 - 2016-08-12 13:36 - 00062296 _____ C:\Users\Mysak\Downloads\web_label895814_20160812_133646_24.pdf
2016-08-11 14:51 - 2016-08-11 14:51 - 00333376 _____ C:\Users\Mysak\Desktop\mpm.pdf
2016-08-11 09:17 - 2016-08-11 09:17 - 00005632 _____ C:\Users\Mysak\Downloads\jkp1.xls
2016-08-11 09:17 - 2016-08-11 09:17 - 00005632 _____ C:\Users\Mysak\Desktop\jkp1.xls
2016-08-10 18:02 - 2016-08-10 18:16 - 1850453156 _____ C:\Users\Mysak\Downloads\Jak se zbavit nevěsty (CZ filmy, 720p, 2016) NOVINKA.avi
2016-08-10 15:48 - 2016-08-10 15:55 - 1033165226 _____ C:\Users\Mysak\Downloads\Batman v Superman-Batman vs Superman (2016,cz,dabing)ddd.avi
2016-08-10 15:31 - 2016-08-10 15:37 - 988036632 _____ C:\Users\Mysak\Downloads\Aliance (2016) CZ_Dabing_NOVINKA.avi
2016-08-10 10:25 - 2016-08-10 10:25 - 00061754 _____ C:\Users\Mysak\Downloads\web_label885791_20160810_102543_16.pdf
2016-08-10 10:25 - 2016-08-10 10:25 - 00050805 _____ C:\Users\Mysak\Downloads\web_manifest602088_20160810_102548_94.pdf
2016-08-10 08:09 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-10 08:09 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-10 08:09 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-10 08:09 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 08:09 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 08:09 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 08:09 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 08:09 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-10 08:09 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-10 08:09 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 08:09 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-10 08:09 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-10 08:09 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-10 08:09 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-10 08:09 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-10 08:09 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-10 08:09 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-10 08:09 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 08:09 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-10 08:09 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-10 08:09 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 08:09 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 08:09 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-10 08:09 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 08:09 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-10 08:09 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 08:09 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-10 08:09 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-10 08:09 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-10 08:09 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-10 08:09 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 08:09 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-10 08:09 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-10 08:09 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-10 08:09 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-10 08:09 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-10 08:09 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-10 08:09 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-10 08:09 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-10 08:09 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-10 08:08 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-10 08:08 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 08:08 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-10 08:08 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-10 08:08 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-10 08:08 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-10 08:08 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 08:08 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-10 08:08 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 08:08 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 08:08 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-10 08:08 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-10 08:08 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 08:08 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 08:08 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-10 08:08 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 08:08 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 08:08 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 08:08 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 08:08 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-10 08:08 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 08:08 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-10 08:08 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-10 08:08 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-10 08:08 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-10 08:08 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-10 08:08 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-10 08:08 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 08:08 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 08:08 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-10 08:08 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-10 08:08 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-10 08:08 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 08:08 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-10 08:08 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 08:08 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-10 08:08 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 08:08 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-10 08:08 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-10 08:08 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-10 08:08 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-10 08:08 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 08:08 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 08:08 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 08:08 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 08:08 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 08:08 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-10 08:08 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 08:08 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 08:08 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-10 08:08 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 08:08 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-10 08:08 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-10 08:08 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-10 08:08 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 08:08 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 08:08 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 08:08 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 08:08 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 08:08 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-10 08:08 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-10 08:08 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 08:08 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-10 08:08 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-10 08:08 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-10 08:08 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 08:08 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-10 08:08 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-10 08:08 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 08:08 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-10 08:08 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-10 08:08 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-10 08:08 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-10 08:08 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-10 08:08 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-10 08:08 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 08:08 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-10 08:08 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-10 08:08 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-10 08:08 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 08:08 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-10 08:08 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-10 08:08 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-10 08:08 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 08:08 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 08:08 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-10 08:08 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-10 08:08 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 08:08 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-09 10:54 - 2016-08-09 10:54 - 00050592 _____ C:\Users\Mysak\Downloads\web_manifest599972_20160809_105449_60.pdf
2016-08-09 10:49 - 2016-08-09 10:49 - 00140085 _____ C:\Users\Mysak\Downloads\web_label881652_20160809_104942_13.pdf
2016-08-08 12:50 - 2016-08-08 12:50 - 00100534 _____ C:\Users\Mysak\Downloads\web_manifest598275_20160808_125017_33.pdf
2016-08-08 12:49 - 2016-08-08 12:49 - 00062394 _____ C:\Users\Mysak\Downloads\web_label878356_20160808_124943_15.pdf
2016-08-08 09:18 - 2016-08-08 09:18 - 00101572 _____ C:\Users\Mysak\Downloads\web_manifest597433_20160808_091912_22.pdf
2016-08-08 09:18 - 2016-08-08 09:18 - 00063430 _____ C:\Users\Mysak\Downloads\web_label876331_20160808_091909_73.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-05 09:43 - 2016-02-24 11:08 - 00000000 ____D C:\Users\Mysak\AppData\Roaming\eM Client
2016-09-05 09:43 - 2015-09-10 17:06 - 00000000 ____D C:\Users\Mysak\Documents\telefony
2016-09-05 09:18 - 2015-04-01 15:55 - 00001246 _____ C:\Users\Mysak\advanced_ip_scanner_MAC.bin
2016-09-05 09:08 - 2016-02-24 09:47 - 00000964 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-05 08:58 - 2016-02-24 10:53 - 00000920 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-09-05 08:16 - 2016-05-11 19:02 - 00000000 ____D C:\Users\Mysak\AppData\Local\CrashDumps
2016-09-05 08:08 - 2016-02-24 09:47 - 00000960 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-05 08:02 - 2016-02-24 10:53 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-09-05 08:02 - 2014-12-11 23:38 - 00000000 ___RD C:\Users\Mysak\Dropbox
2016-09-05 07:33 - 2016-02-24 09:01 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-05 07:33 - 2016-02-24 09:01 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-05 07:28 - 2016-04-13 17:45 - 00004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0600D307-B4F2-4075-9B0E-169A60C5EDC8}
2016-09-05 07:24 - 2016-02-24 09:45 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-09-05 07:22 - 2015-11-30 22:34 - 00000000 __SHD C:\Users\Mysak\IntelGraphicsProfiles
2016-09-05 07:21 - 2016-02-24 10:53 - 00000916 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-09-05 07:21 - 2016-02-24 09:13 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-02 19:09 - 2016-06-16 11:08 - 00000000 ____D C:\Users\Mysak\AppData\Roaming\BitTorrent
2016-09-02 15:28 - 2013-09-17 16:21 - 00000000 ____D C:\Users\Mysak\Documents\podepsat
2016-09-02 10:07 - 2016-02-24 08:48 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-09-01 07:35 - 2016-02-24 09:01 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-01 07:35 - 2016-02-24 08:54 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-01 00:24 - 2016-04-11 16:19 - 00017550 _____ C:\Users\Mysak\Documents\pracovní hodiny 2016.xlsx
2016-08-31 12:26 - 2013-12-10 15:31 - 00000611 _____ C:\Users\Mysak\Desktop\Time Attendance Management.lnk
2016-08-31 10:42 - 2016-02-26 11:10 - 00046545 _____ C:\Users\Mysak\Desktop\auta.xlsx
2016-08-31 10:12 - 2016-03-15 20:40 - 00000000 ____D C:\zaloha PC
2016-08-29 16:39 - 2016-02-24 11:29 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-08-29 16:39 - 2016-02-24 11:29 - 00001028 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-08-29 16:39 - 2016-02-24 11:29 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-08-29 15:18 - 2016-02-24 14:49 - 00000000 ____D C:\Program Files (x86)\HP
2016-08-29 15:16 - 2016-02-24 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-08-29 15:16 - 2016-02-24 09:24 - 00000000 ____D C:\ProgramData\HP
2016-08-29 15:15 - 2016-02-24 09:00 - 00000000 ____D C:\WINDOWS\INF
2016-08-29 15:14 - 2016-02-24 14:51 - 00000167 _____ C:\WINDOWS\system32\AddPort.ini
2016-08-29 13:26 - 2016-02-24 14:54 - 00000000 ____D C:\Users\Mysak\AppData\Local\HP
2016-08-25 07:41 - 2016-02-24 09:31 - 00002391 _____ C:\Users\Mysak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-25 07:41 - 2015-07-30 14:16 - 00000000 ___RD C:\Users\Mysak\OneDrive
2016-08-24 18:07 - 2016-02-24 09:21 - 00000000 ____D C:\Users\Mysak
2016-08-22 09:47 - 2016-02-24 14:53 - 00000964 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrace I.R.I.S. OCR.lnk
2016-08-22 09:47 - 2016-02-24 09:24 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-08-12 14:52 - 2016-02-24 09:27 - 01771468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-12 14:52 - 2016-02-24 09:06 - 00750030 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-12 14:52 - 2016-02-24 09:06 - 00150654 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-12 10:21 - 2016-02-24 09:01 - 00000000 ____D C:\WINDOWS\rescache
2016-08-11 07:28 - 2015-11-30 22:34 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-11 00:50 - 2016-02-24 09:01 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-11 00:50 - 2016-02-24 09:01 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-10 08:40 - 2016-02-24 10:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 08:40 - 2016-02-24 09:01 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 08:31 - 2016-02-24 10:11 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-09 08:10 - 2016-02-24 09:48 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-09 08:10 - 2016-02-24 09:48 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-06 11:54 - 2016-02-24 19:19 - 00003942 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1456334353
2016-08-06 11:54 - 2016-02-24 19:19 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-08-06 11:54 - 2016-02-24 19:19 - 00000000 ____D C:\Program Files (x86)\Opera

==================== Files in the root of some directories =======


Some files in TEMP:
====================
C:\Users\Mysak\AppData\Local\Temp\libeay32.dll
C:\Users\Mysak\AppData\Local\Temp\msvcr120.dll
C:\Users\Mysak\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Mysak\Desktop" je 17610 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\MountPoints2: {4685d2b9-e504-11e5-b997-3085a93c5813} - "E:\Setup.exe"
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\MountPoints2: {6a965fd2-e778-11e5-b999-806e6f6e6963} - "D:\Autorun\ShelExec.exe" \UsingWizard.html
HKU\S-1-5-21-1744585618-2728888235-3045379412-1000\...\MountPoints2: {7d4da2ac-2c75-11e6-b9d7-3085a93c5813} - "F:\Autorun.exe"
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Mysak\AppData\Local\Temp
End

Z logu:

Velikost slozky "C:\Users\Mysak\Desktop" je 17610 MB.

To je příliš mnoho a může to zpomalovat start systému. Vytvořte v C:\Users\Mysak novou složku a přesuňte do ní všechna data z plochy (kromě zástupců). Na plochu si pak dejte zástupce té složky pro snazší přístup.

[michalluso]

akorát nevím co mám dělat s tím Poznámkovým blokem?

[Rudy]

Pardon, zapoměl jsem zkopírovat:

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.