Logfile of random's system information tool 1.10 (written by random/random)
Run by Fanda vykus at 2016-10-05 20:57:52
Microsoft Windows 10 Home
System drive C: has 257 GB (89%) free of 289 GB
Total RAM: 1738 MB (16% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:58:51, on 05.10.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0545)
Boot mode: Normal
Running processes:
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
C:\Program Files (x86)\MPC Cleaner\AdCleaner.exe
C:\Program Files (x86)\MPC Cleaner\MPCDesktop.exe
C:\Program Files (x86)\MPC Cleaner\AdxEngine.exe
C:\Users\Fanda vykus\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ContentPush\app\bin\nw.exe
C:\Program Files (x86)\ContentPush\app\bin\nw.exe
C:\Program Files (x86)\ContentPush\app\bin\nw.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ContentPush\app\bin\nw.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
C:\Users\Fanda vykus\AppData\Roaming\Maxthon3\Public\MxUp\MxUp.exe
C:\Program Files\AVAST Software\Avast\avBugReport.exe
C:\Program Files\trend micro\Fanda vykus.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHoTG1nEZQLY5WtmvUhSurwd_HTlEN-H8G4gcw9Rwq3Iq_ikmtulQChG8d_JdXO14o0eJ1RRzhM00fonmJlN5VAd9Yls1G7aACspRJ2QSNT1yAwdpyq-hdGjI9VBKKKY_wi1cvQ8mz9q6yN_bzS5tX9p3Da-kFE7OBl9DgkY4w,,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHoTG1nEZQLY5WtmvUhSurwd_HTlEN-H8G4gcw9Rwq3Iq_ikmtulQChG8d_JdXO14o0eJ1RRzhM00fonmJlN5VAd9Yls1G7aACspRJ2QSNT1yAwdpyq-hdGjI9VBKKKY_wi1cvQ8mz9q6yN_bzS5tX9p3Da-kFE7OBl9DgkY4w,,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHoTG1nEZQLY5WtmvUhSurwd_HTlEN-H8G4gcw9Rwq3Iq_ikmtulQChG8d_JdXO14o0eJ1RRzhM00fonmJlN5VAd9Yls1G7aACspRJ2QSNT1yAwdpyq-hdGjI9VBKKKY_wi1cvQ8mz9q6yN_bzS5tX9p3Da-kFE7OBl9DgkY4w,,&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHoTG1nEZQLY5WtmvUhSurwd_HTlEN-H8G4gcw9Rwq3Iq_ikmtulQChG8d_JdXO14o0eJ1RRzhM00fonmJlN5VAd9Yls1G7aACspRJ2QSNT1yAwdpyq-hdGjI9VBKKKY_wi1cvQ8mz9q6yN_bzS5tX9p3Da-kFE7OBl9DgkY4w,,&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:18159
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=wscript C:\WINDOWS\run.vbs,
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Fanda vykus\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Fanda vykus\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Fanda vykus\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MaohaWiFiService (MaohaWifiSvr) - ???? ???? - C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe
O23 - Service: MPC Core Protect Service (MPCProtectService) - DotC United Inc - C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: saiyi technology limit (saiyitechnology) - YahooChrome - C:\ProgramData\yahoochrome_D\desktop307.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9319 bytes
======Listing Processes======
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
atieclxx
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe"
"C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe"
C:\WINDOWS\SysWOW64\svchost.exe -k usbmonitorsvcs
C:\ProgramData\yahoochrome_D\desktop307.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\SysWOW64\svchost.exe -k zipsvcs
dashost.exe {97ec945f-dd0b-4aad-ba79a2f369facd4a}
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files (x86)\MPC Cleaner\MPCTray.exe"
"C:\Program Files (x86)\MPC Cleaner\AdCleaner.exe" /autostart
"C:\Program Files (x86)\MPC Cleaner\MPCDesktop.exe" /nopopuppre:1
"C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe"
"C:\Program Files (x86)\MPC Cleaner\AdxEngine.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Users\Fanda vykus\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"fontdrvhost.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\AVAST Software\SZBrowser\launcher.exe" --scheduledautoupdate $(Arg0)
taskhostw.exe
"C:\Program Files (x86)\ContentPush\app\bin\nw.exe" "C:\Program Files (x86)\ContentPush\app\app"
C:\Windows\System32\InstallAgent.exe -Embedding
"C:\Program Files (x86)\ContentPush\app\bin\nw.exe" --type=renderer --no-sandbox --enable-deferred-image-decoding --lang=cs --extension-process --nodejs --working-directory="C:\Program Files (x86)\ContentPush\app\app" --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4660 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="4660.1.1757039508\1909480908" /prefetch:673131151
"C:\Program Files (x86)\ContentPush\app\bin\nw.exe" --type=renderer --no-sandbox --enable-deferred-image-decoding --lang=cs --extension-process --nodejs --working-directory="C:\Program Files (x86)\ContentPush\app\app" --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4660 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="4660.2.1816307903\1850423070" /prefetch:673131151
"C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53\SZBrowser_autoupdate.exe" --host --pipeid=oauc_task_piped97c5153f3602eb1fdb77254528dce68 --version=1.51.2220.53 --lang=cs --producttype --requesttype=automatic --downloaddir="C:\Program Files\AVAST Software\SZBrowser\Temp" --operadir="C:\Program Files\AVAST Software\SZBrowser\1.51.2220.53" --installdir="C:\Program Files\AVAST Software\SZBrowser" --profile="C:\Program Files\AVAST Software\SZBrowser\Temp" --nometrics --scheduledtask
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.startgo123.com/search/index
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Fanda vykus\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=52.0.2743.116 --handshake-handle=0x1b0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6348.0.1465709488\969716791" --mojo-application-channel-token=AA3B6BCF24FC31A3A62335C59F48A1B0 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillEnabled/Default/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20160627/EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PreconnectMore/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_84/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/NoChecks/ --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,10,13,27,55 --gpu-vendor-id=0x1002 --gpu-device-id=0x980a --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.201.1151.0 --gpu-driver-date=8-21-2015 --mojo-platform-channel-handle=1388 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillEnabled/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20160627/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_84/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/NoChecks/ --primordial-pipe-token=516CAD774E0234E1F724A2EA9DDF5DC6 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true,fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=F6380BA77AD7400FD0EA571786C82498 --mojo-application-channel-token=E51DC38A4A970461CB831C055A999379 --channel="6348.6.719841598\865128278" --mojo-platform-channel-handle=4276 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutofillEnabled/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20160627/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_84/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/NoChecks/ --primordial-pipe-token=AFE4B31247E01531D0667FDEF40A4018 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true,fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=695F35BA66C4D2EB5BBE9436B939FA6D --mojo-application-channel-token=AEF5CAFDD9C155F4D27782542A5A6BF3 --channel="6348.11.283288233\932395170" --mojo-platform-channel-handle=4844 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutofillEnabled/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20160627/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_84/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/NoChecks/ --primordial-pipe-token=75F023C50F9560476352A7EF9CB26A85 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true,fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=20C38916F5E22E5013A2093CB50CF234 --mojo-application-channel-token=5C646375C26E64CB967B3C525CCE87CA --channel="6348.14.2013416109\349032366" --mojo-platform-channel-handle=2376 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutofillEnabled/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20160627/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_84/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/NoChecks/ --primordial-pipe-token=DAD64E71BF45E060ED80733E1810EB7D --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true,fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=FC86955C384E0A631781D965DEF65A60 --mojo-application-channel-token=7298F9BA318C6F2408A83E022FBEEDFB --channel="6348.16.1613346387\1971238762" --mojo-platform-channel-handle=5316 /prefetch:1
"C:\Program Files\AVAST Software\SZBrowser\Temp\CProgram FilesAVAST SoftwareSZBrowser\3740_1736\SafeZone_1.51.2220.62_Autoupdate.exe"
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.486_none_7640e086266ea227\TiWorker.exe -Embedding
"C:\Program Files (x86)\ContentPush\app\bin\nw.exe" --type=gpu-process --channel="4660.3.1790655346\1181575248" --no-sandbox --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,40,43 --gpu-vendor-id=0x1002 --gpu-device-id=0x980a --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.201.1151.0 /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/*AutofillEnabled/Default/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20160627/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_84/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/*UMA_CheckStates/NoChecks/ --primordial-pipe-token=15279E46C9B7B6FF4EDD9CDDF13655D3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true,fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=A4862F31A0C6C89C05721F8389B919C4 --mojo-application-channel-token=E487810D07FA50440899ED3CADD4F1E1 --channel="6348.19.2073836871\1648517538" --mojo-platform-channel-handle=6348 /prefetch:1
taskeng.exe {D96AE03A-CFA8-4960-957E-5DB8E54D668A}
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" "http://www.xmediaserve.com/apu.php?n=&z ... 2=WACOp3s3"
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -RunResMgr -MainFrmIpc:"IPC_M_R_00000CD0" -UsersFolder:"C:\Users\Fanda vykus\AppData\Roaming\Maxthon3\Users\" -UserName:"guest" -AppDataPath:"C:\Users\Fanda vykus\AppData\Roaming\Maxthon3\" -ProductType:"intl" -LangIni:"C:\Program Files (x86)\Maxthon\Bin\Locales\cs-cz.lng" /prefetch:A9C14CE7
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -PID:"3280" -RunMxAddonsMgr -UsersFolder:"C:\Users\Fanda vykus\AppData\Roaming\Maxthon3\Users\" -UserName:"guest" -AppDataPath:"C:\Users\Fanda vykus\AppData\Roaming\Maxthon3\" -LangIni:"C:\Program Files (x86)\Maxthon\Bin\Locales\cs-cz.lng" /prefetch:87E4E14A
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" --type=gpu-process --channel="3280.0.2010341920\72386010" --no-sandbox --stable-release-mode --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17,38 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x980a --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.201.1151.0 --stable-release-mode --mx-child-process /prefetch:822062411
"C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" --type=renderer --no-sandbox --enable-deferred-image-decoding --lang=cs-CZ --stable-release-mode --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="3280.1.1869918551\836663782" --mx-child-process /prefetch:673131151
"C:\Users\Fanda vykus\AppData\Roaming\Maxthon3\Public\MxUp\MxUp.exe" -ProductID:"mx3" -ProductPn -ProductType:"intl" -Lang:"cs-cz" -UpdateType:"auto_update" -AppPath:"C:\Program Files (x86)\Maxthon\" -NotifyFileName:"C:\Users\Fanda vykus\AppData\Roaming\Maxthon3\Temp\MxUp\mxup.dat" -CurMainModuleVer:"4.9.3.1000" -MxUpTempFolder:"C:\Users\Fanda vykus\AppData\Roaming\Maxthon3\Temp\MxUp\" -DataPath:"C:\Users\Fanda vykus\AppData\Roaming\Maxthon3\"
"C:\Program Files\AVAST Software\Avast\avBugReport.exe" --send dumps|report
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 620 624 632 8192 628
"C:\Users\Fanda vykus\Downloads\RSITx64.exe"
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-14 571456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-14 234560]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-07-10 3233976]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Fanda vykus\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-08-30 633024]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Fanda vykus\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-09-29 9107616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{6710C780-E20E-4C49-A87D-321850ED3D7C}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=181
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"EnableShellExecuteHooks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.tscc"=C:\WINDOWS\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\WINDOWS\SysWOW64\tsc2_codec64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-10-05 20:57:54 ----D---- C:\Program Files\trend micro
2016-10-05 20:57:52 ----D---- C:\rsit
2016-10-05 18:09:14 ----D---- C:\WINDOWS\system32\SleepStudy
2016-10-05 17:00:53 ----HD---- C:\$WINDOWS.~BT
2016-09-29 13:12:24 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-09-29 13:11:21 ----A---- C:\WINDOWS\avastSS.scr
2016-09-27 19:17:58 ----D---- C:\ProgramData\Skype
======List of files/folders modified in the last 1 month======
2016-10-05 20:57:54 ----RD---- C:\Program Files
2016-10-05 20:47:48 ----D---- C:\WINDOWS\system32\config
2016-10-05 20:45:07 ----D---- C:\WINDOWS\system32\sru
2016-10-05 20:33:48 ----D---- C:\WINDOWS\Temp
2016-10-05 20:24:48 ----D---- C:\WINDOWS\prefetch
2016-10-05 20:22:52 ----D---- C:\Program Files (x86)\MPC Cleaner
2016-10-05 20:20:51 ----D---- C:\WINDOWS\INF
2016-10-05 20:20:36 ----D---- C:\WINDOWS\system32\NDF
2016-10-05 19:51:58 ----D---- C:\WINDOWS\System32
2016-10-05 19:51:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-05 19:44:24 ----D---- C:\Windows
2016-10-05 19:40:02 ----DC---- C:\WINDOWS\Panther
2016-10-05 19:40:02 ----D---- C:\WINDOWS\system32\catroot2
2016-10-05 19:40:02 ----D---- C:\WINDOWS\debug
2016-10-05 19:02:24 ----D---- C:\WINDOWS\CbsTemp
2016-10-05 18:58:55 ----D---- C:\WINDOWS\AppReadiness
2016-10-05 18:46:12 ----HD---- C:\Program Files\WindowsApps
2016-10-05 18:31:38 ----D---- C:\WINDOWS\system32\drivers
2016-10-05 18:26:22 ----AD---- C:\Program Files (x86)\Opera
2016-10-05 18:25:37 ----D---- C:\Users\Fanda vykus\AppData\Roaming\Opera Software
2016-10-05 18:25:30 ----D---- C:\WINDOWS\system32\Tasks
2016-10-05 18:24:50 ----RD---- C:\Program Files (x86)
2016-10-05 18:10:56 ----SHD---- C:\System Volume Information
2016-10-05 18:10:35 ----D---- C:\WINDOWS\Logs
2016-10-05 18:07:26 ----D---- C:\WINDOWS\Microsoft.NET
2016-10-05 18:04:19 ----RSD---- C:\WINDOWS\assembly
2016-10-05 17:00:43 ----D---- C:\WINDOWS\WinSxS
2016-10-05 17:00:39 ----D---- C:\WINDOWS\system32\cs-CZ
2016-10-05 16:54:45 ----D---- C:\WINDOWS\system32\MRT
2016-10-05 16:37:33 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-10-05 16:33:01 ----D---- C:\WINDOWS\syswow64
2016-09-29 13:42:48 ----D---- C:\WINDOWS\Tasks
2016-09-29 13:41:37 ----D---- C:\Users\Fanda vykus\AppData\Roaming\Desktop
2016-09-29 13:36:30 ----D---- C:\WINDOWS\system32\DriverStore
2016-09-29 13:27:31 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-09-29 13:27:30 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-09-29 13:27:18 ----D---- C:\WINDOWS\system32\wbem
2016-09-29 13:27:17 ----D---- C:\WINDOWS\system32\oobe
2016-09-29 13:27:17 ----D---- C:\WINDOWS\system32\migration
2016-09-29 13:27:16 ----D---- C:\WINDOWS\system32\en-US
2016-09-29 13:27:16 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2016-09-29 13:27:16 ----D---- C:\WINDOWS\system32\appraiser
2016-09-29 13:26:58 ----D---- C:\WINDOWS\Provisioning
2016-09-29 13:26:57 ----RD---- C:\WINDOWS\PrintDialog
2016-09-29 13:26:57 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-09-29 13:26:57 ----RD---- C:\WINDOWS\DevicesFlow
2016-09-29 13:26:57 ----D---- C:\WINDOWS\PolicyDefinitions
2016-09-29 13:26:56 ----D---- C:\WINDOWS\bcastdvr
2016-09-29 13:26:56 ----D---- C:\WINDOWS\AppPatch
2016-09-29 13:26:56 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2016-09-29 13:26:56 ----D---- C:\Program Files (x86)\Windows Mail
2016-09-29 13:26:56 ----D---- C:\Program Files (x86)\Windows Defender
2016-09-29 13:26:56 ----D---- C:\Program Files (x86)\Internet Explorer
2016-09-29 13:26:55 ----D---- C:\Program Files\Windows Photo Viewer
2016-09-29 13:26:55 ----D---- C:\Program Files\Windows Mail
2016-09-29 13:26:55 ----D---- C:\Program Files\Windows Defender
2016-09-29 13:26:55 ----D---- C:\Program Files\Internet Explorer
2016-09-29 13:26:52 ----D---- C:\WINDOWS\system32\WDI
2016-09-29 13:17:43 ----HD---- C:\ProgramData
2016-09-27 19:21:56 ----SHD---- C:\WINDOWS\Installer
2016-09-27 19:21:53 ----D---- C:\Program Files (x86)\Common Files
2016-09-27 18:58:32 ----AD---- C:\Program Files\ZipTool
2016-09-07 03:00:59 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-09-29 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-09-29 292704]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-09-29 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-09-29 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-09-29 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-09-29 513632]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-04-23 87552]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R1 MaohaWifiNetPro;MaohaWifiNetPro; \??\C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaoHaWiFiNet64.sys [2015-10-27 871152]
R1 MPCKpt;MPCKpt; C:\WINDOWS\system32\DRIVERS\MPCKpt.sys [2016-09-27 60136]
R1 UCGuard;UCGuard; C:\WINDOWS\system32\DRIVERS\ucguard.sys [2016-04-25 80768]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-09-29 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-09-29 163416]
R2 KuaiZipDrive;KuaiZipDrive; \??\C:\WINDOWS\system32\drivers\KuaiZipDrive.sys [2016-07-08 92872]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-10-21 21648880]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-10-21 674288]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2015-10-30 4207104]
R3 AtiHDAudioService;@oem7.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdW86.sys [2012-08-21 91648]
R3 ETD;@oem3.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\System32\drivers\ETD.sys [2015-07-10 428216]
R3 Ps2Kb2Hid;@oem4.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [2013-01-22 26736]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-10-30 589824]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 AmUStor;@oem11.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2012-09-11 100992]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-09-29 37656]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-02-13 117248]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-10-30 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys []
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 QRDCIO;@oem0.inf,%SERVICE_DISPLAY_NAME%;Quanta Generic IO Access; C:\WINDOWS\System32\drivers\QRDCIO.sys [2009-10-20 9728]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2016-04-23 63488]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-10-30 45056]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2016-05-28 258912]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-04-23 131424]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-10-21 255472]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2015-08-22 344064]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-29 197128]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 MaohaWifiSvr;MaohaWiFiService; C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe [2014-12-18 170464]
R2 MPCProtectService;MPC Core Protect Service; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [2016-09-27 355808]
R2 OneSyncSvc_2e64a;Hostitel synchronizace_2e64a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 saiyitechnology;saiyi technology limit; C:\ProgramData\yahoochrome_D\desktop307.exe [2016-07-21 236768]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_120fb7a;Hostitel synchronizace_120fb7a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_1b039;Hostitel synchronizace_1b039; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_1ced3d;Hostitel synchronizace_1ced3d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_55924a;Hostitel synchronizace_55924a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_67aa8;Hostitel synchronizace_67aa8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_90f0c3;Hostitel synchronizace_90f0c3; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_a850b5;Hostitel synchronizace_a850b5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-07-10 135352]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 KuaizipUpdateChecker;KuaizipUpdateChecker; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_120fb7a;Služba zasílání zpráv_120fb7a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1b039;Služba zasílání zpráv_1b039; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1ced3d;Služba zasílání zpráv_1ced3d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2e64a;Služba zasílání zpráv_2e64a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_55924a;Služba zasílání zpráv_55924a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_67aa8;Služba zasílání zpráv_67aa8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_90f0c3;Služba zasílání zpráv_90f0c3; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_a850b5;Služba zasílání zpráv_a850b5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_120fb7a;Data kontaktů_120fb7a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_1b039;Data kontaktů_1b039; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_1ced3d;Data kontaktů_1ced3d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2e64a;Data kontaktů_2e64a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_55924a;Data kontaktů_55924a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_67aa8;Data kontaktů_67aa8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_90f0c3;Data kontaktů_90f0c3; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_a850b5;Data kontaktů_a850b5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 290304]
S3 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UnistoreSvc_120fb7a;Úložiště uživatelských dat_120fb7a; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UnistoreSvc_1b039;Úložiště uživatelských dat_1b039; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UnistoreSvc_1ced3d;Úložiště uživatelských dat_1ced3d; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UnistoreSvc_2e64a;Úložiště uživatelských dat_2e64a; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UnistoreSvc_55924a;Úložiště uživatelských dat_55924a; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UnistoreSvc_67aa8;Úložiště uživatelských dat_67aa8; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
pomoc .... vyskakující reklamy
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
davidnovak
- Návštěvník
- Příspěvky: 1
- Registrován: 05 říj 2016 21:28
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomoc .... vyskakující reklamy
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?