
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Infected PC and flash drive
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello,
I've got my hands on my girlfriend's computer, which is infected with some kind of vermin. When browsing the internet, clicking anywhere (for example when scrolling the page) opens a new tab with some page.
In addition, on the flash drive only shortcuts appear instead of the files. I already dealt with this problem here once in a previous post (http://forum.viry.cz/viewtopic.php?f=13&t=150049); it was a worm. The log was taken with the flash drive plugged into the PC. Thanks in advance for help with the cleanup.
Šmíďák
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lucis at 2016-10-08 10:20:31
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 400 GB (92%) free of 435 GB
Total RAM: 3979 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:20:36, on 8. 10. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\syswow64\wwahost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Lucis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Lucis\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 8930 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\CxAudMsg64.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
dashost.exe {19529794-a576-4b6a-89387c999e8ab361}
"C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\windows\SysWOW64\SAsrv.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss adeda1e8-0d04-40fb-8af8-a567592efe1c 1
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\windows\system32\conhost.exe 0x4
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\Explorer.EXE
taskhostex.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
igfxEM.exe
igfxHK.exe
C:\windows\system32\SearchIndexer.exe /Embedding
igfxTray.exe
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
szndesktop.exe default start
"C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\windows\system32\conhost.exe 0x4
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\windows\syswow64\wwahost.exe" -ServerName:App.wwa
C:\Windows\System32\UserAccountBroker.exe -Embedding
C:\windows\system32\DllHost.exe /Processid:{478B41E6-3257-4519-BDA8-E971F9843849}
C:\windows\system32\WLANExt.exe 64871304384
\??\C:\windows\system32\conhost.exe 0x4
"C:\windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
taskhost.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ade9e2ed-fc87-4a6a-a56f-aa582443cf23 -SystemEventPortName:HostProcess-8b4aea30-1e10-457a-93c8-4132aaebcfcc -IoCancelEventPortName:HostProcess-81764140-f88e-4af9-9b82-8e1509815250 -NonStateChangingEventPortName:HostProcess-a2b47833-cac2-48f9-89b4-9a561e43b6c1 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8c3246ae-cc06-4bf8-971c-6523a5889d79 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.143 --handshake-handle=0x14c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7628.0.734548992\2071297309" --mojo-application-channel-token=E304719A8BDD586A569AA52C662F3EEA --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Per
cent/group_68/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,13,14,15,18,31,48,56 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3496 --gpu-driver-date=3-11-2014 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x1140 --mojo-platform-channel-handle=1240 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/
*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=C422138B1675936231ACDD256AAD8F06 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=ECD257D0F097E71695B3EE6B1CB83AAB --mojo-application-channel-token=C422138B1675936231ACDD256AAD8F06 --channel="7628.3.240601072\1245612706" --mojo-platform-channel-handle=2648 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/
*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=3CA311804872C520B4384C8034350570 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=789F725B6DDB8A5664A766EB5C363DAC --mojo-application-channel-token=3CA311804872C520B4384C8034350570 --channel="7628.5.1585766110\1141632245" --mojo-platform-channel-handle=2636 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01
/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=68413DB9366981DF147DC2B023F77748 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=C6378B74D99E4CBC5AA853AE7415FD60 --mojo-application-channel-token=68413DB9366981DF147DC2B023F77748 --channel="7628.7.420253771\572549116" --mojo-platform-channel-handle=6480 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01
/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=6E88A4CD313D35A2125D0380F6F27037 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=52DFCA63DEE232CDB7652A54264761A7 --mojo-application-channel-token=6E88A4CD313D35A2125D0380F6F27037 --channel="7628.8.1477163634\1290236175" --mojo-platform-channel-handle=4956 /prefetch:1
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe154_ Global\UsGthrCtrlFltPipeMssGthrPipe154 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 560 564 572 65536 568
"C:\Users\Lucis\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-09-12 948792]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-09-12 713440]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-07-16 2403104]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-07-16 1283136]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-09-05 907480]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-11-07 7818552]
""= []
"AdAwareTray"=C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe [2016-07-18 9571552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Lucis\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-09-12 9107616]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LavasoftAdAwareService11]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LavasoftAdAwareService11]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDWFP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VisualDiscovery]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-09-15 18:46:27 ----A---- C:\windows\system32\glcndFilter.dll
2016-09-15 18:46:26 ----A---- C:\windows\SYSWOW64\Windows.Data.Pdf.dll
2016-09-15 18:46:26 ----A---- C:\windows\SYSWOW64\glcndFilter.dll
2016-09-15 18:46:26 ----A---- C:\windows\system32\Windows.Data.Pdf.dll
2016-09-15 18:46:25 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2016-09-15 18:46:25 ----A---- C:\windows\system32\oleaut32.dll
2016-09-15 18:46:25 ----A---- C:\windows\system32\drivers\srvnet.sys
2016-09-15 18:46:25 ----A---- C:\windows\system32\drivers\srv2.sys
2016-09-15 18:46:25 ----A---- C:\windows\system32\drivers\srv.sys
2016-09-15 18:46:24 ----A---- C:\windows\SYSWOW64\ncryptsslp.dll
2016-09-15 18:46:24 ----A---- C:\windows\system32\schannel.dll
2016-09-15 18:46:24 ----A---- C:\windows\system32\ncryptsslp.dll
2016-09-15 18:46:24 ----A---- C:\windows\system32\lsasrv.dll
2016-09-15 18:46:23 ----A---- C:\windows\SYSWOW64\schannel.dll
2016-09-15 18:46:17 ----A---- C:\windows\system32\mshtml.dll
2016-09-15 18:46:16 ----A---- C:\windows\SYSWOW64\mshtml.dll
2016-09-15 18:46:11 ----A---- C:\windows\system32\jscript9.dll
2016-09-15 18:46:11 ----A---- C:\windows\system32\ieframe.dll
2016-09-15 18:46:10 ----A---- C:\windows\SYSWOW64\ieframe.dll
2016-09-15 18:46:10 ----A---- C:\windows\system32\actxprxy.dll
2016-09-15 18:46:09 ----A---- C:\windows\SYSWOW64\jscript9.dll
2016-09-15 18:46:09 ----A---- C:\windows\SYSWOW64\actxprxy.dll
2016-09-15 18:46:09 ----A---- C:\windows\system32\wininet.dll
2016-09-15 18:46:08 ----A---- C:\windows\SYSWOW64\wininet.dll
2016-09-15 18:46:08 ----A---- C:\windows\SYSWOW64\vbscript.dll
2016-09-15 18:46:08 ----A---- C:\windows\SYSWOW64\iertutil.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\vbscript.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\urlmon.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\msfeeds.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\inetcomm.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\iertutil.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\urlmon.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\jscript.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2016-09-15 18:46:07 ----A---- C:\windows\system32\jscript.dll
2016-09-15 18:46:07 ----A---- C:\windows\system32\ieapfltr.dll
2016-09-15 18:45:47 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-09-15 18:45:47 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-09-15 18:45:47 ----A---- C:\windows\SYSWOW64\certcli.dll
2016-09-15 18:45:47 ----A---- C:\windows\system32\sspicli.dll
2016-09-15 18:45:47 ----A---- C:\windows\system32\msv1_0.dll
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\certcli.dll
2016-09-15 18:45:43 ----A---- C:\windows\system32\ntoskrnl.exe
2016-09-15 18:45:42 ----A---- C:\windows\system32\winresume.exe
2016-09-15 18:45:42 ----A---- C:\windows\system32\winload.exe
2016-09-15 18:45:42 ----A---- C:\windows\system32\ntdll.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\wwanmm.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\wwanconn.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\pnidui.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\csrsrv.dll
2016-09-15 18:45:40 ----A---- C:\windows\SYSWOW64\user32.dll
2016-09-15 18:45:40 ----A---- C:\windows\system32\win32k.sys
2016-09-15 18:45:40 ----A---- C:\windows\system32\user32.dll
2016-09-14 10:50:35 ----D---- C:\Users\Lucis\AppData\Roaming\Lavasoft
2016-09-14 10:26:26 ----D---- C:\Users\Lucis\AppData\Roaming\LavasoftStatistics
2016-09-14 10:25:16 ----D---- C:\Program Files\Lavasoft
2016-09-14 10:23:34 ----D---- C:\Program Files\Common Files\Lavasoft
2016-09-14 10:21:45 ----D---- C:\ProgramData\Lavasoft
2016-09-12 21:21:28 ----A---- C:\windows\system32\aswBoot.exe
2016-09-12 21:21:18 ----A---- C:\windows\avastSS.scr
======List of files/folders modified in the last 1 month======
2016-10-08 10:20:33 ----D---- C:\Program Files\trend micro
2016-10-08 10:17:45 ----RAD---- C:\windows\System32
2016-10-08 10:17:45 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-10-08 10:17:44 ----D---- C:\windows\Inf
2016-10-08 10:09:51 ----D---- C:\windows\Temp
2016-10-08 10:06:14 ----D---- C:\windows\Prefetch
2016-10-08 10:04:35 ----D---- C:\windows\system32\drivers
2016-10-08 10:03:47 ----D---- C:\windows\system32\sru
2016-10-04 21:30:45 ----HD---- C:\ProgramData
2016-10-04 20:37:45 ----D---- C:\windows\system32\config
2016-10-04 20:36:23 ----D---- C:\windows\system32\Tasks
2016-10-04 20:33:22 ----SHD---- C:\windows\Installer
2016-09-29 18:14:21 ----SHD---- C:\System Volume Information
2016-09-29 18:10:00 ----D---- C:\windows\Microsoft.NET
2016-09-26 21:01:57 ----D---- C:\windows\WinSxS
2016-09-26 20:20:50 ----D---- C:\windows\rescache
2016-09-23 00:01:46 ----D---- C:\windows\system32\NDF
2016-09-22 07:10:19 ----D---- C:\windows\SYSWOW64\en-US
2016-09-22 07:10:19 ----D---- C:\windows\SYSWOW64\cs-CZ
2016-09-22 07:10:19 ----D---- C:\windows\system32\en-US
2016-09-22 07:10:19 ----D---- C:\windows\system32\cs-CZ
2016-09-22 07:09:46 ----D---- C:\windows\CbsTemp
2016-09-18 16:47:01 ----D---- C:\windows\debug
2016-09-18 16:22:27 ----D---- C:\Users\Lucis\AppData\Roaming\Seznam.cz
2016-09-18 16:16:10 ----AD---- C:\Windows
2016-09-18 01:30:30 ----D---- C:\windows\SysWOW64
2016-09-18 01:30:29 ----D---- C:\Program Files\Internet Explorer
2016-09-18 01:30:29 ----D---- C:\Program Files (x86)\Internet Explorer
2016-09-17 19:56:52 ----D---- C:\windows\SoftwareDistribution
2016-09-17 19:52:33 ----D---- C:\Users\Lucis\AppData\Roaming\vlc
2016-09-15 20:54:36 ----D---- C:\windows\system32\MRT
2016-09-15 20:54:31 ----AC---- C:\windows\system32\MRT.exe
2016-09-15 18:44:42 ----D---- C:\windows\system32\catroot2
2016-09-14 10:25:16 ----RD---- C:\Program Files
2016-09-14 10:23:34 ----D---- C:\Program Files\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2016-09-12 74544]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2016-09-12 292704]
R0 MBI;@oem12.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\windows\System32\drivers\MBI.sys [2013-10-10 29464]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2016-09-12 37144]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2016-09-12 103064]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2016-09-13 969184]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2016-09-26 513632]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2016-09-12 108816]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2016-09-12 163416]
R2 SSPORT;SSPORT; \??\C:\windows\system32\Drivers\SSPORT.sys [2011-03-18 11576]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btmaux;@oem17.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2013-11-07 140600]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2013-11-07 1411384]
R3 CnxtHdAudService;@oem13.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2014-01-27 1474240]
R3 ibtusb;@oem18.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter; C:\windows\system32\DRIVERS\ibtusb.sys [2014-01-22 149448]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-03-07 3729920]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
R3 iwdbus;@oem7.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2014-03-01 27032]
R3 NETwNb64;@oem19.inf,___ %NIC_Service_DispName_WINB_64%;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\windows\system32\DRIVERS\Netwbw02.sys [2014-06-01 3443680]
R3 nvlddmkm;nvlddmkm; C:\windows\system32\DRIVERS\nvlddmkm.sys [2014-07-23 12732248]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-07-16 19288]
R3 nvvad_WaveExtensible;@oem9.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2014-03-18 167424]
R3 RSUSBVSTOR;@oem23.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2013-09-24 329944]
R3 RTL8168;@oem10.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 SNP2UVC;@oem22.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2014-01-24 2853400]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\windows\System32\drivers\TXEIx64.sys [2014-01-16 88592]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S1 oykwrbue;oykwrbue; \??\C:\windows\system32\drivers\oykwrbue.sys []
S3 ACPIVPC;@oem25.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-11-06 35576]
S3 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2016-09-12 37656]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem6.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2014-03-01 38296]
S3 KMWDFILTER;HIDServiceDesc; C:\windows\System32\drivers\KMWDFILTER.sys [2009-04-29 30208]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys []
S3 Trufos;Trufos; C:\windows\system32\DRIVERS\Trufos.sys [2016-04-28 485512]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\windows\System32\drivers\usbscan.sys [2014-10-29 44544]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S3 WDC_SAM;@oem29.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\windows\System32\drivers\wdcsam64.sys [2015-11-12 26880]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-12 197128]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-11-07 1186168]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-11-07 1161592]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2014-01-18 632048]
R2 iBtSiva;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [2014-01-22 130008]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2014-03-12 282096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe [2016-07-18 732056]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-11-06 198192]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-07-16 1719640]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-07-16 18954072]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2014-07-23 931288]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2014-01-18 154864]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-03-12 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-25 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-01-18 284912]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
I've got my hands on my girlfriend's computer, which is infected with some kind of vermin. While browsing the internet, clicking anywhere (for example when scrolling the page) opens a new tab with some page.
In addition, on the flash drive only shortcuts appear in place of the files. I already dealt with this problem here once in a previous post (http://forum.viry.cz/viewtopic.php?f=13&t=150049); it was a worm. The log was taken with the flash drive plugged into the PC. Thank you in advance for help with the cleanup.
Šmíďák
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lucis at 2016-10-08 10:20:31
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 400 GB (92%) free of 435 GB
Total RAM: 3979 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:20:36, on 8. 10. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\syswow64\wwahost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Lucis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Lucis\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 8930 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\CxAudMsg64.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
dashost.exe {19529794-a576-4b6a-89387c999e8ab361}
"C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\windows\SysWOW64\SAsrv.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss adeda1e8-0d04-40fb-8af8-a567592efe1c 1
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\windows\system32\conhost.exe 0x4
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\Explorer.EXE
taskhostex.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
igfxEM.exe
igfxHK.exe
C:\windows\system32\SearchIndexer.exe /Embedding
igfxTray.exe
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
szndesktop.exe default start
"C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\windows\system32\conhost.exe 0x4
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\windows\syswow64\wwahost.exe" -ServerName:App.wwa
C:\Windows\System32\UserAccountBroker.exe -Embedding
C:\windows\system32\DllHost.exe /Processid:{478B41E6-3257-4519-BDA8-E971F9843849}
C:\windows\system32\WLANExt.exe 64871304384
\??\C:\windows\system32\conhost.exe 0x4
"C:\windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
taskhost.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ade9e2ed-fc87-4a6a-a56f-aa582443cf23 -SystemEventPortName:HostProcess-8b4aea30-1e10-457a-93c8-4132aaebcfcc -IoCancelEventPortName:HostProcess-81764140-f88e-4af9-9b82-8e1509815250 -NonStateChangingEventPortName:HostProcess-a2b47833-cac2-48f9-89b4-9a561e43b6c1 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8c3246ae-cc06-4bf8-971c-6523a5889d79 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.143 --handshake-handle=0x14c
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe154_ Global\UsGthrCtrlFltPipeMssGthrPipe154 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 560 564 572 65536 568
"C:\Users\Lucis\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-09-12 948792]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-09-12 713440]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-07-16 2403104]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-07-16 1283136]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-09-05 907480]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-11-07 7818552]
""= []
"AdAwareTray"=C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe [2016-07-18 9571552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Lucis\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-09-12 9107616]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LavasoftAdAwareService11]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LavasoftAdAwareService11]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDWFP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VisualDiscovery]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-09-15 18:46:27 ----A---- C:\windows\system32\glcndFilter.dll
2016-09-15 18:46:26 ----A---- C:\windows\SYSWOW64\Windows.Data.Pdf.dll
2016-09-15 18:46:26 ----A---- C:\windows\SYSWOW64\glcndFilter.dll
2016-09-15 18:46:26 ----A---- C:\windows\system32\Windows.Data.Pdf.dll
2016-09-15 18:46:25 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2016-09-15 18:46:25 ----A---- C:\windows\system32\oleaut32.dll
2016-09-15 18:46:25 ----A---- C:\windows\system32\drivers\srvnet.sys
2016-09-15 18:46:25 ----A---- C:\windows\system32\drivers\srv2.sys
2016-09-15 18:46:25 ----A---- C:\windows\system32\drivers\srv.sys
2016-09-15 18:46:24 ----A---- C:\windows\SYSWOW64\ncryptsslp.dll
2016-09-15 18:46:24 ----A---- C:\windows\system32\schannel.dll
2016-09-15 18:46:24 ----A---- C:\windows\system32\ncryptsslp.dll
2016-09-15 18:46:24 ----A---- C:\windows\system32\lsasrv.dll
2016-09-15 18:46:23 ----A---- C:\windows\SYSWOW64\schannel.dll
2016-09-15 18:46:17 ----A---- C:\windows\system32\mshtml.dll
2016-09-15 18:46:16 ----A---- C:\windows\SYSWOW64\mshtml.dll
2016-09-15 18:46:11 ----A---- C:\windows\system32\jscript9.dll
2016-09-15 18:46:11 ----A---- C:\windows\system32\ieframe.dll
2016-09-15 18:46:10 ----A---- C:\windows\SYSWOW64\ieframe.dll
2016-09-15 18:46:10 ----A---- C:\windows\system32\actxprxy.dll
2016-09-15 18:46:09 ----A---- C:\windows\SYSWOW64\jscript9.dll
2016-09-15 18:46:09 ----A---- C:\windows\SYSWOW64\actxprxy.dll
2016-09-15 18:46:09 ----A---- C:\windows\system32\wininet.dll
2016-09-15 18:46:08 ----A---- C:\windows\SYSWOW64\wininet.dll
2016-09-15 18:46:08 ----A---- C:\windows\SYSWOW64\vbscript.dll
2016-09-15 18:46:08 ----A---- C:\windows\SYSWOW64\iertutil.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\vbscript.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\urlmon.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\msfeeds.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\inetcomm.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\iertutil.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\urlmon.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\jscript.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2016-09-15 18:46:07 ----A---- C:\windows\system32\jscript.dll
2016-09-15 18:46:07 ----A---- C:\windows\system32\ieapfltr.dll
2016-09-15 18:45:47 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-09-15 18:45:47 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-09-15 18:45:47 ----A---- C:\windows\SYSWOW64\certcli.dll
2016-09-15 18:45:47 ----A---- C:\windows\system32\sspicli.dll
2016-09-15 18:45:47 ----A---- C:\windows\system32\msv1_0.dll
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\certcli.dll
2016-09-15 18:45:43 ----A---- C:\windows\system32\ntoskrnl.exe
2016-09-15 18:45:42 ----A---- C:\windows\system32\winresume.exe
2016-09-15 18:45:42 ----A---- C:\windows\system32\winload.exe
2016-09-15 18:45:42 ----A---- C:\windows\system32\ntdll.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\wwanmm.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\wwanconn.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\pnidui.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\csrsrv.dll
2016-09-15 18:45:40 ----A---- C:\windows\SYSWOW64\user32.dll
2016-09-15 18:45:40 ----A---- C:\windows\system32\win32k.sys
2016-09-15 18:45:40 ----A---- C:\windows\system32\user32.dll
2016-09-14 10:50:35 ----D---- C:\Users\Lucis\AppData\Roaming\Lavasoft
2016-09-14 10:26:26 ----D---- C:\Users\Lucis\AppData\Roaming\LavasoftStatistics
2016-09-14 10:25:16 ----D---- C:\Program Files\Lavasoft
2016-09-14 10:23:34 ----D---- C:\Program Files\Common Files\Lavasoft
2016-09-14 10:21:45 ----D---- C:\ProgramData\Lavasoft
2016-09-12 21:21:28 ----A---- C:\windows\system32\aswBoot.exe
2016-09-12 21:21:18 ----A---- C:\windows\avastSS.scr
======List of files/folders modified in the last 1 month======
2016-10-08 10:20:33 ----D---- C:\Program Files\trend micro
2016-10-08 10:17:45 ----RAD---- C:\windows\System32
2016-10-08 10:17:45 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-10-08 10:17:44 ----D---- C:\windows\Inf
2016-10-08 10:09:51 ----D---- C:\windows\Temp
2016-10-08 10:06:14 ----D---- C:\windows\Prefetch
2016-10-08 10:04:35 ----D---- C:\windows\system32\drivers
2016-10-08 10:03:47 ----D---- C:\windows\system32\sru
2016-10-04 21:30:45 ----HD---- C:\ProgramData
2016-10-04 20:37:45 ----D---- C:\windows\system32\config
2016-10-04 20:36:23 ----D---- C:\windows\system32\Tasks
2016-10-04 20:33:22 ----SHD---- C:\windows\Installer
2016-09-29 18:14:21 ----SHD---- C:\System Volume Information
2016-09-29 18:10:00 ----D---- C:\windows\Microsoft.NET
2016-09-26 21:01:57 ----D---- C:\windows\WinSxS
2016-09-26 20:20:50 ----D---- C:\windows\rescache
2016-09-23 00:01:46 ----D---- C:\windows\system32\NDF
2016-09-22 07:10:19 ----D---- C:\windows\SYSWOW64\en-US
2016-09-22 07:10:19 ----D---- C:\windows\SYSWOW64\cs-CZ
2016-09-22 07:10:19 ----D---- C:\windows\system32\en-US
2016-09-22 07:10:19 ----D---- C:\windows\system32\cs-CZ
2016-09-22 07:09:46 ----D---- C:\windows\CbsTemp
2016-09-18 16:47:01 ----D---- C:\windows\debug
2016-09-18 16:22:27 ----D---- C:\Users\Lucis\AppData\Roaming\Seznam.cz
2016-09-18 16:16:10 ----AD---- C:\Windows
2016-09-18 01:30:30 ----D---- C:\windows\SysWOW64
2016-09-18 01:30:29 ----D---- C:\Program Files\Internet Explorer
2016-09-18 01:30:29 ----D---- C:\Program Files (x86)\Internet Explorer
2016-09-17 19:56:52 ----D---- C:\windows\SoftwareDistribution
2016-09-17 19:52:33 ----D---- C:\Users\Lucis\AppData\Roaming\vlc
2016-09-15 20:54:36 ----D---- C:\windows\system32\MRT
2016-09-15 20:54:31 ----AC---- C:\windows\system32\MRT.exe
2016-09-15 18:44:42 ----D---- C:\windows\system32\catroot2
2016-09-14 10:25:16 ----RD---- C:\Program Files
2016-09-14 10:23:34 ----D---- C:\Program Files\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2016-09-12 74544]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2016-09-12 292704]
R0 MBI;@oem12.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\windows\System32\drivers\MBI.sys [2013-10-10 29464]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2016-09-12 37144]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2016-09-12 103064]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2016-09-13 969184]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2016-09-26 513632]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2016-09-12 108816]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2016-09-12 163416]
R2 SSPORT;SSPORT; \??\C:\windows\system32\Drivers\SSPORT.sys [2011-03-18 11576]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btmaux;@oem17.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2013-11-07 140600]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2013-11-07 1411384]
R3 CnxtHdAudService;@oem13.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2014-01-27 1474240]
R3 ibtusb;@oem18.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter; C:\windows\system32\DRIVERS\ibtusb.sys [2014-01-22 149448]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-03-07 3729920]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
R3 iwdbus;@oem7.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2014-03-01 27032]
R3 NETwNb64;@oem19.inf,___ %NIC_Service_DispName_WINB_64%;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\windows\system32\DRIVERS\Netwbw02.sys [2014-06-01 3443680]
R3 nvlddmkm;nvlddmkm; C:\windows\system32\DRIVERS\nvlddmkm.sys [2014-07-23 12732248]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-07-16 19288]
R3 nvvad_WaveExtensible;@oem9.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2014-03-18 167424]
R3 RSUSBVSTOR;@oem23.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2013-09-24 329944]
R3 RTL8168;@oem10.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 SNP2UVC;@oem22.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2014-01-24 2853400]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\windows\System32\drivers\TXEIx64.sys [2014-01-16 88592]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S1 oykwrbue;oykwrbue; \??\C:\windows\system32\drivers\oykwrbue.sys []
S3 ACPIVPC;@oem25.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-11-06 35576]
S3 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2016-09-12 37656]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem6.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2014-03-01 38296]
S3 KMWDFILTER;HIDServiceDesc; C:\windows\System32\drivers\KMWDFILTER.sys [2009-04-29 30208]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys []
S3 Trufos;Trufos; C:\windows\system32\DRIVERS\Trufos.sys [2016-04-28 485512]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\windows\System32\drivers\usbscan.sys [2014-10-29 44544]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S3 WDC_SAM;@oem29.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\windows\System32\drivers\wdcsam64.sys [2015-11-12 26880]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-12 197128]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-11-07 1186168]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-11-07 1161592]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2014-01-18 632048]
R2 iBtSiva;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [2014-01-22 130008]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2014-03-12 282096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe [2016-07-18 732056]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-11-06 198192]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-07-16 1719640]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-07-16 18954072]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2014-07-23 931288]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2014-01-18 154864]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-03-12 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-25 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-01-18 284912]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119672
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Infected PC and flash drive
Hello!
First connect the flash drive and run USBFix on it:
Download and run http://www.fosshub.com/UsbFix.html
click Clean, insert the infected flash drive into the PC and click OK
when asked about assistance, click No
warning about terminating processes - OK
paste the contents of the newly created log into your next post
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Virus-infected PC and flash drive
Getting USBfix to run was quite an ordeal. After downloading, it kept wanting to update; when I clicked to skip the update, USBfix closed and a page for downloading USBfix opened, where, however, there was no way to download it. The same thing happened when I chose to update. Anyway, to cut it short, I then found this link in the forum https://www.sosvirus.net/en/download/usbfix/ where the download worked and it did not even ask for an update.
After the cleaning finished I had to restart the computer, because the desktop and the taskbar had disappeared. Otherwise the icons are no longer on the flash drive, only normal files.
[HIDDEN] C:\Program Files\NVIDIA Corporation\Update Core\WLMerger.exe (ID: 1596|ParentID: 1596|Lucis)
[HIDDEN] C:\Program Files\NVIDIA Corporation\Update Core\WLMerger.exe (ID: 2500|ParentID: 2500|Lucis)
[HIDDEN] C:\Program Files\NVIDIA Corporation\Update Core\WLMerger.exe (ID: 2788|ParentID: 2788|Lucis)
[HIDDEN] C:\Program Files\NVIDIA Corporation\Update Core\WLMerger.exe (ID: 6552|ParentID: 6552|Lucis)
[HIDDEN] C:\Windows\SysWOW64\dllhost.exe (ID: 6620|ParentID: 6620|Lucis)
[HIDDEN] C:\Program Files\NVIDIA Corporation\Update Core\WLMerger.exe (ID: 7424|ParentID: 7424|Lucis)
[HIDDEN] C:\Program Files (x86)\Internet Explorer\iexplore.exe (ID: 7700|ParentID: 7700|Lucis)
############################## | UsbFix V 8.283 | [Clean]
User: Lucis (Administrator) # LENOVO-LUCIS
Updated 07/10/2016 by SOSVirus
Started at 11:17:28 | 09/10/2016
Website : https://www.usb-antivirus.com/
Tutorial : https://www.usb-antivirus.com/tutorial/
Support : https://www.sosvirus.org/
Live detection : http://www.sosmalware.com/usbfix/
Contact : https://www.usb-antivirus.com/contact/
################## | System information |
MB: LENOVO (Lancer 5A6)
CPU: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
GC: Intel(R) HD Graphics
RAM -> [Total : 3979 Mo | Free : 1194 Mo]
Bios: LENOVO
Boot: Normal boot
OS: Microsoft™ Windows 8.1 Connected (6.3.9600 64-Bit)
WB: Internet Explorer : 11.00.9600.16384
WB: Google Chrome : 53.0.2785.143
################## | Security Information |
AV: Windows Defender [(!) Disabled |Updated]
AV: Avast Antivirus [(!) Disabled |Updated]
AS: Windows Defender [(!) Disabled |Updated]
AS: Avast Antivirus [(!) Disabled |Updated]
FW: Windows Firewall [Enabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]
################## | Disk Information |
C:\ (%SystemDrive%) -> Fixed disk # 425 Gb (392 Gb free - 92%) [Windows8_OS] # NTFS
D:\ -> Fixed disk # 25 Gb (22 Gb free - 86%) [LENOVO] # NTFS
G:\ -> Removable disk # 7 Gb (7 Gb free - 97%) [KINGSTON] # FAT32
################## | Generic Research |
Deleted! G:\obrazky.lnk
Deleted! G:\~$DOMINY_komplet-nemecko1.lnk
Deleted! G:\Odhad-vizual-poster.lnk
Deleted! G:\DOMINY_komplet-nemecko1.lnk
Deleted! G:\Syntax_Kontingencky12.lnk
Deleted! G:\Output_Kontingencky_oba_podsoubory12.lnk
Deleted! G:\DataSet_kontingencky_oba_podsoubory12.lnk
Deleted! G:\Kontingeencka-identita.lnk
Deleted! G:\Kontingencka-photos.lnk
Deleted! G:\DataSet_kontingencky_oba_podsoubory13.lnk
Deleted! G:\POSTER-TEXT-13.lnk
Deleted! G:\Adaware_Installer.lnk
Deleted! G:\cmd_fw_installer.lnk
Deleted! G:\konting-spravne-identity.lnk
Deleted! G:\konting-spravne-photos.lnk
Deleted! G:\Luci_v3.lnk
Deleted! G:\e_sexualni_variace.lnk
Deleted! G:\Output-1.lnk
Deleted! G:\Syntax-1.lnk
Deleted! G:\eurocrim-abstract.lnk
Deleted! G:\System Volume Information.lnk
Deleted! G:\AJ-zk-phd.lnk
Deleted! G:\PROFINY SAMOTNÉ.lnk
Deleted! G:\KOMUNITKY SAMOTNÉ.lnk
Deleted! G:\smycWTeXSeDFCWU.wSf
Restored! [N] G:\~$DOMINY_komplet-nemecko1.9..xlsx
Restored! [N] G:\Odhad-vizual-poster.jpg
Restored! [D] G:\obrazky
Restored! [N] G:\DOMINY_komplet-nemecko1.9..xlsx
Restored! [N] G:\Output_Kontingencky_oba_podsoubory12.9..spv
Restored! [N] G:\Syntax_Kontingencky12.9..sps
Restored! [N] G:\DataSet_kontingencky_oba_podsoubory12.9..sav
Restored! [N] G:\Kontingeencka-identita.png
Restored! [N] G:\Kontingencka-photos.png
Restored! [N] G:\DataSet_kontingencky_oba_podsoubory13.9..sav
Restored! [N] G:\POSTER-TEXT-13.9..docx
Restored! [N] G:\Adaware_Installer.exe
Restored! [N] G:\cmd_fw_installer.exe
Restored! [N] G:\konting-spravne-identity.png
Restored! [N] G:\konting-spravne-photos.png
Restored! [N] G:\Luci_v3.png
Restored! [D] G:\AJ-zk-phd
Restored! [N] G:\Luci_v3.pdf
Restored! [N] G:\Luci_v3.psd
Restored! [N] G:\Luci_v3.tif
Restored! [N] G:\e_sexualni_variace.pdf
Restored! [N] G:\Output-1.9..spv
Restored! [N] G:\Syntax-1.9..sps
Restored! [D] G:\PROFINY SAMOTNÉ
Restored! [D] G:\KOMUNITKY SAMOTNÉ
Restored! [N] G:\eurocrim-abstract.docx
(!) Temporary files deleted. (63.5088653564453 MB)
################## | Startup |
F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [cz.seznam.software.autoupdate] "C:\Users\Lucis\AppData\Roaming\Seznam.cz\szninstall.exe" -c
04 - HKCU\..\Run : [cz.seznam.software.szndesktop] "C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
04 - HKCU\..\Run : [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - HKLM\..\Run : [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
04 - [x64] HKLM\..\Run : [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - [x64] HKLM\..\Run : [ShadowPlay] C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
04 - [x64] HKLM\..\Run : [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
04 - [x64] HKLM\..\Run : [ForteConfig] C:\Program Files\Conexant\ForteConfig\fmapp.exe
04 - [x64] HKLM\..\Run : [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe /t
04 - [x64] HKLM\..\Run : [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
04 - [x64] HKLM\..\Run : [AdAwareTray] "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe"
04 - HKU\S-1-5-21-940599705-2722358779-2826560887-1001\..\Run : [cz.seznam.software.autoupdate] "C:\Users\Lucis\AppData\Roaming\Seznam.cz\szninstall.exe" -c
04 - HKU\S-1-5-21-940599705-2722358779-2826560887-1001\..\Run : [cz.seznam.software.szndesktop] "C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
04 - HKU\S-1-5-21-940599705-2722358779-2826560887-1001\..\Run : [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
################## | C:\ %SystemDrive% - Fixed drive (NTFS) |
[18/09/2016 - 16:15:30 | ASH | 3259764 Ko] - C:\hiberfil.sys
[18/09/2016 - 16:15:34 | ASH | 262144 Ko] - C:\swapfile.sys
[08/10/2016 - 23:47:19 | ASH | 1349504 Ko] - C:\pagefile.sys
[02/09/2015 - 18:33:38 | SHD] - C:\$Recycle.Bin
[18/06/2013 - 14:18:29 | N | 0 Ko] - C:\BOOTNXT
[22/08/2013 - 16:45:52 | SHD] - C:\Documents and Settings
[22/08/2013 - 17:22:35 | D] - C:\PerfLogs
[18/03/2014 - 11:54:54 | RASH | 389 Ko] - C:\bootmgr
[02/04/2014 - 19:03:58 | SHD] - C:\Recovery
[02/04/2014 - 19:33:50 | SHD] - C:\Boot
[06/11/2014 - 02:13:25 | D] - C:\Intel
[01/09/2015 - 21:56:39 | AD] - C:\Users
[02/09/2015 - 18:08:38 | RHD] - C:\MSOCache
[24/06/2016 - 10:52:39 | D] - C:\rsit
[25/06/2016 - 11:59:39 | D] - C:\AdwCleaner
[29/07/2016 - 02:21:33 | RD] - C:\Program Files (x86)
[14/09/2016 - 10:25:16 | RD] - C:\Program Files
[18/09/2016 - 16:16:10 | AD] - C:\Windows
[04/10/2016 - 21:30:45 | HD] - C:\ProgramData
[09/10/2016 - 11:14:53 | D] - C:\UsbFix
################## | D:\ - Fixed drive (NTFS) |
[02/09/2015 - 18:33:38 | SHD] - D:\$RECYCLE.BIN
[06/11/2014 - 03:23:27 | D] - D:\Drivers
[06/11/2014 - 03:23:27 | D] - D:\Applications
################## | G:\ - Removable drive (FAT32) |
[12/09/2016 - 22:22:18 | N | 0 Ko] - G:\~$DOMINY_komplet-nemecko1.9..xlsx
[13/09/2016 - 00:00:28 | N | 1491 Ko] - G:\Odhad-vizual-poster.jpg
[12/09/2016 - 22:20:20 | D] - G:\obrazky
[18/09/2016 - 16:15:38 | N | 140 Ko] - G:\DOMINY_komplet-nemecko1.9..xlsx
[13/09/2016 - 15:49:20 | N | 26 Ko] - G:\Output_Kontingencky_oba_podsoubory12.9..spv
[13/09/2016 - 15:49:06 | N | 0 Ko] - G:\Syntax_Kontingencky12.9..sps
[12/09/2016 - 23:58:58 | N | 14 Ko] - G:\DataSet_kontingencky_oba_podsoubory12.9..sav
[13/09/2016 - 13:28:06 | N | 19 Ko] - G:\Kontingeencka-identita.png
[13/09/2016 - 13:34:30 | N | 19 Ko] - G:\Kontingencka-photos.png
[13/09/2016 - 15:49:38 | N | 14 Ko] - G:\DataSet_kontingencky_oba_podsoubory13.9..sav
[18/09/2016 - 16:15:46 | N | 205 Ko] - G:\POSTER-TEXT-13.9..docx
[10/09/2016 - 10:21:34 | N | 2100 Ko] - G:\Adaware_Installer.exe
[10/09/2016 - 10:22:08 | N | 169529 Ko] - G:\cmd_fw_installer.exe
[17/09/2016 - 18:36:10 | N | 18 Ko] - G:\konting-spravne-identity.png
[17/09/2016 - 18:37:50 | N | 20 Ko] - G:\konting-spravne-photos.png
[18/09/2016 - 16:42:30 | N | 1814 Ko] - G:\Luci_v3.png
[31/08/2016 - 09:12:26 | D] - G:\AJ-zk-phd
[19/09/2016 - 17:55:56 | N | 1707 Ko] - G:\Luci_v3.pdf
[19/09/2016 - 17:46:02 | N | 10606 Ko] - G:\Luci_v3.psd
[19/09/2016 - 17:15:48 | N | 32014 Ko] - G:\Luci_v3.tif
[01/09/2016 - 15:59:34 | N | 285 Ko] - G:\e_sexualni_variace.pdf
[01/09/2016 - 16:25:38 | N | 45 Ko] - G:\Output-1.9..spv
[01/09/2016 - 16:26:44 | N | 1 Ko] - G:\Syntax-1.9..sps
[10/09/2016 - 15:29:14 | D] - G:\PROFINY SAMOTNÉ
[10/09/2016 - 16:09:50 | D] - G:\KOMUNITKY SAMOTNÉ
[24/08/2016 - 15:35:46 | N | 13 Ko] - G:\eurocrim-abstract.docx
[12/09/2016 - 10:23:42 | A | 55 Ko] - G:\obrazky\tumblr_mek8h9XfI51qg7xwvo1_500.jpg
[10/09/2016 - 15:19:28 | A | 137 Ko] - G:\obrazky\Mapa-JEDNOTLIVE.jpg
[12/09/2016 - 10:36:08 | A | 207 Ko] - G:\obrazky\tumblr_merrogYLNp1r44tsuo1_1280.jpg
[12/09/2016 - 10:29:46 | A | 36 Ko] - G:\obrazky\klecici-u-nohou-pani.webnote.cz.jpg
[12/09/2016 - 10:28:00 | A | 20 Ko] - G:\obrazky\femina.cz.jpg
[12/09/2016 - 10:23:12 | A | 27 Ko] - G:\obrazky\pinterest.com
[12/09/2016 - 10:28:38 | A | 283 Ko] - G:\obrazky\vibratory.net.jpg
[01/09/2016 - 15:43:10 | A | 106 Ko] - G:\obrazky\Mapa-polotovar.gif
[01/09/2016 - 16:16:40 | A | 50 Ko] - G:\obrazky\wallpaper-weird-man-slave-of-woman.jpg
[01/09/2016 - 16:08:46 | A | 54 Ko] - G:\obrazky\nasenovinky.sk.d156f13aa6cd2e6339dd0a93fc24dcaa-crop-0-0-302x400-resize-580
[01/09/2016 - 16:10:34 | A | 10 Ko] - G:\obrazky\www.cosmiq.de.jpg
[01/09/2016 - 15:43:26 | A | 172 Ko] - G:\obrazky\Mapa hotová.jpg
[22/08/2016 - 18:21:34 | A | 18 Ko] - G:\AJ-zk-phd\Sprachalova-CV.docx
[19/08/2016 - 19:02:44 | A | 11 Ko] - G:\AJ-zk-phd\PROJEKT-AJ-GOOGLE.docx.docx
[12/08/2016 - 10:33:12 | A | 22 Ko] - G:\AJ-zk-phd\PROJEKT-oficiální-verze.docx
[22/08/2016 - 18:18:38 | A | 18 Ko] - G:\AJ-zk-phd\CV-AKTUALIZACE.docx.docx
[10/09/2016 - 10:32:02 | A | 35 Ko] - G:\AJ-zk-phd\PhD_Sprachalova_AJ_OPRAVA.docx
[16/09/2016 - 00:02:10 | A | 13 Ko] - G:\AJ-zk-phd\Notes.docx
[16/09/2016 - 01:03:38 | A | 23 Ko] - G:\AJ-zk-phd\PhD. zkrácená verze.docx
[10/09/2016 - 15:28:44 | A | 161 Ko] - G:\PROFINY SAMOTNÉ\Mapa-PROFINY.jpg
[10/09/2016 - 14:55:22 | A | 6 Ko] - G:\PROFINY SAMOTNÉ\PROFINY-soubor.sav
[10/09/2016 - 14:55:06 | A | 1 Ko] - G:\PROFINY SAMOTNÉ\Syntax-Profiny.sps
[10/09/2016 - 14:55:00 | A | 45 Ko] - G:\PROFINY SAMOTNÉ\Output-profiny.spv
[10/09/2016 - 16:08:46 | A | 0 Ko] - G:\KOMUNITKY SAMOTNÉ\Syntax-komunitky.sps
[10/09/2016 - 16:08:28 | A | 34 Ko] - G:\KOMUNITKY SAMOTNÉ\Output-komunitky.spv
[10/09/2016 - 16:25:50 | A | 170 Ko] - G:\KOMUNITKY SAMOTNÉ\Mapa-KOMUNITKY.jpg
[12/09/2016 - 22:39:36 | A | 16 Ko] - G:\KOMUNITKY SAMOTNÉ\Output-komunitky-age.spv
[12/09/2016 - 22:40:02 | A | 1 Ko] - G:\KOMUNITKY SAMOTNÉ\Syntax-komunitky-age.sps
[12/09/2016 - 22:40:20 | A | 21 Ko] - G:\KOMUNITKY SAMOTNÉ\Dataset-komunitky.sav
Analysed in 316.7 seconds
################## | E.O.F | https://www.sosvirus.net/ | https://www.usb-antivirus.com/ |
- Rudy
- Site Admin

Re: Virus-infected PC and flash drive
You can disconnect the flash drive; then run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Re: Virus-infected PC and flash drive
# AdwCleaner v6.021 - Logfile created 09/10/2016 at 13:00:27
# Updated on 06/10/2016 by ToolsLib
# Database : 2016-10-07.1 [Server]
# Operating System : Windows 8.1 Connected (X64)
# Username : Lucis - LENOVO-LUCIS
# Running from : C:\Users\Lucis\Desktop\adwcleaner_6.021.exe
# Mode: Clean
# Support : https://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
[-] Key deleted: HKU\S-1-5-21-940599705-2722358779-2826560887-1001\Software\AppDataLow\Software\adawarebp
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\adawarebp
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\adawarebp
***** [ Web browsers ] *****
[-] [C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: search.ask.com
[-] [C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: home.sweetim.com
[-] [C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: >
[-] [C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxp://home.sweetim.com/?barid={EEC1E9E0-BE11-11E2-AEB6-0015F2A01CA7}&crg=3.1010000.10039&st=23
[-] [C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxp://www.search.ask.com/?o=APN10640A&gct=hp& ... 883-88&t=4
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [3603 Bytes] - [25/06/2016 11:59:39]
C:\AdwCleaner\AdwCleaner[C2].txt - [1769 Bytes] - [09/10/2016 13:00:27]
C:\AdwCleaner\AdwCleaner[S1].txt - [4010 Bytes] - [25/06/2016 11:57:05]
C:\AdwCleaner\AdwCleaner[S2].txt - [2114 Bytes] - [09/10/2016 12:59:19]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1988 Bytes] ##########
- Rudy
- Site Admin

Re: Virus-infected PC and flash drive
Post a new RSIT log.
Re: Virus-infected PC and flash drive
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lucis at 2016-10-09 20:12:51
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 402 GB (92%) free of 435 GB
Total RAM: 3979 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:12:53, on 9. 10. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Lucis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Lucis\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 9019 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 1084657193616
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
taskhostex.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\system32\CxAudMsg64.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
dashost.exe {fdc1ffd9-3802-4f16-8cf57b5083f9bc04}
"C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\windows\SysWOW64\SAsrv.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss adeda1e8-0d04-40fb-8af8-a567592efe1c 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\windows\system32\conhost.exe 0x4
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
igfxHK.exe
igfxTray.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\windows\system32\igfxEM.exe" -Embedding
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
szndesktop.exe default start
"C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\windows\system32\conhost.exe 0x4
"C:\windows\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[C2].txt
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.143 --handshake-handle=0x144
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4348.0.1981756828\1184413248" --mojo-application-channel-token=17A4C13BAA9BD1C7423C2BF39AD834BB --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Pe
rcent/group_68/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,13,14,15,18,31,48,56 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3496 --gpu-driver-date=3-11-2014 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x1140 --mojo-platform-channel-handle=1240 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/
*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=293610CCE7D3EB5DA9241417D5315658 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=E04BAB18736CD81266B45EDA336E268A --mojo-application-channel-token=293610CCE7D3EB5DA9241417D5315658 --channel="4348.3.1476147911\1149374002" --mojo-platform-channel-handle=2904 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/
*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=30CA825467654BC611AF3510BCD168A5 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=BD1BF0267A5FEDB3C2F8E6E18FB4A192 --mojo-application-channel-token=30CA825467654BC611AF3510BCD168A5 --channel="4348.4.1298742398\1469857130" --mojo-platform-channel-handle=2932 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/
*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=7B0B47D4732B5AE5569727B8A203FF1B --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=AD4D608061213966D799F23CC213D7A5 --mojo-application-channel-token=7B0B47D4732B5AE5569727B8A203FF1B --channel="4348.5.1052123454\1872385340" --mojo-platform-channel-handle=3052 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01
/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=8DD915FEA005D7515353B9CCAFFBDDD4 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=3392ED1D81C7DAE00F49CC762D3A541D --mojo-application-channel-token=8DD915FEA005D7515353B9CCAFFBDDD4 --channel="4348.9.1516723924\1924796023" --mojo-platform-channel-handle=7204 /prefetch:1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskeng.exe {63D29AC1-B8F1-4251-A147-297DBBEC26D0}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group
_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=8A721D7C714A47C19E9CDDFC6DCBDDFE --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=7B564F7A50B713AC67439E5B60E29EF8 --mojo-application-channel-token=8A721D7C714A47C19E9CDDFC6DCBDDFE --channel="4348.12.95380693\994317124" --mojo-platform-channel-handle=8136 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group
_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=7B7CA822B7C3620FC9904DF1341AB054 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=2BAA01844264C279F80AD6F048EFD45B --mojo-application-channel-token=7B7CA822B7C3620FC9904DF1341AB054 --channel="4348.13.104319510\363683364" --mojo-platform-channel-handle=3568 /prefetch:1
"C:\Users\Lucis\Desktop\RSITx64.exe"
C:\windows\System32\ThumbnailExtractionHost.exe -Embedding
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-09-12 948792]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-09-12 713440]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-07-16 2403104]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-07-16 1283136]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-09-05 907480]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-11-07 7818552]
""= []
"AdAwareTray"=C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe [2016-07-18 9571552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Lucis\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-09-12 9107616]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LavasoftAdAwareService11]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LavasoftAdAwareService11]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDWFP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VisualDiscovery]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-10-09 10:56:16 ----D---- C:\UsbFix
2016-09-15 18:46:27 ----A---- C:\windows\system32\glcndFilter.dll
2016-09-15 18:46:26 ----A---- C:\windows\SYSWOW64\Windows.Data.Pdf.dll
2016-09-15 18:46:26 ----A---- C:\windows\SYSWOW64\glcndFilter.dll
2016-09-15 18:46:26 ----A---- C:\windows\system32\Windows.Data.Pdf.dll
2016-09-15 18:46:25 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2016-09-15 18:46:25 ----A---- C:\windows\system32\oleaut32.dll
2016-09-15 18:46:25 ----A---- C:\windows\system32\drivers\srvnet.sys
2016-09-15 18:46:25 ----A---- C:\windows\system32\drivers\srv2.sys
2016-09-15 18:46:25 ----A---- C:\windows\system32\drivers\srv.sys
2016-09-15 18:46:24 ----A---- C:\windows\SYSWOW64\ncryptsslp.dll
2016-09-15 18:46:24 ----A---- C:\windows\system32\schannel.dll
2016-09-15 18:46:24 ----A---- C:\windows\system32\ncryptsslp.dll
2016-09-15 18:46:24 ----A---- C:\windows\system32\lsasrv.dll
2016-09-15 18:46:23 ----A---- C:\windows\SYSWOW64\schannel.dll
2016-09-15 18:46:17 ----A---- C:\windows\system32\mshtml.dll
2016-09-15 18:46:16 ----A---- C:\windows\SYSWOW64\mshtml.dll
2016-09-15 18:46:11 ----A---- C:\windows\system32\jscript9.dll
2016-09-15 18:46:11 ----A---- C:\windows\system32\ieframe.dll
2016-09-15 18:46:10 ----A---- C:\windows\SYSWOW64\ieframe.dll
2016-09-15 18:46:10 ----A---- C:\windows\system32\actxprxy.dll
2016-09-15 18:46:09 ----A---- C:\windows\SYSWOW64\jscript9.dll
2016-09-15 18:46:09 ----A---- C:\windows\SYSWOW64\actxprxy.dll
2016-09-15 18:46:09 ----A---- C:\windows\system32\wininet.dll
2016-09-15 18:46:08 ----A---- C:\windows\SYSWOW64\wininet.dll
2016-09-15 18:46:08 ----A---- C:\windows\SYSWOW64\vbscript.dll
2016-09-15 18:46:08 ----A---- C:\windows\SYSWOW64\iertutil.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\vbscript.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\urlmon.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\msfeeds.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\inetcomm.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\iertutil.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\urlmon.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\jscript.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2016-09-15 18:46:07 ----A---- C:\windows\system32\jscript.dll
2016-09-15 18:46:07 ----A---- C:\windows\system32\ieapfltr.dll
2016-09-15 18:45:47 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-09-15 18:45:47 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-09-15 18:45:47 ----A---- C:\windows\SYSWOW64\certcli.dll
2016-09-15 18:45:47 ----A---- C:\windows\system32\sspicli.dll
2016-09-15 18:45:47 ----A---- C:\windows\system32\msv1_0.dll
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\certcli.dll
2016-09-15 18:45:43 ----A---- C:\windows\system32\ntoskrnl.exe
2016-09-15 18:45:42 ----A---- C:\windows\system32\winresume.exe
2016-09-15 18:45:42 ----A---- C:\windows\system32\winload.exe
2016-09-15 18:45:42 ----A---- C:\windows\system32\ntdll.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\wwanmm.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\wwanconn.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\pnidui.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\csrsrv.dll
2016-09-15 18:45:40 ----A---- C:\windows\SYSWOW64\user32.dll
2016-09-15 18:45:40 ----A---- C:\windows\system32\win32k.sys
2016-09-15 18:45:40 ----A---- C:\windows\system32\user32.dll
2016-09-14 10:50:35 ----D---- C:\Users\Lucis\AppData\Roaming\Lavasoft
2016-09-14 10:26:26 ----D---- C:\Users\Lucis\AppData\Roaming\LavasoftStatistics
2016-09-14 10:25:16 ----D---- C:\Program Files\Lavasoft
2016-09-14 10:23:34 ----D---- C:\Program Files\Common Files\Lavasoft
2016-09-14 10:21:45 ----D---- C:\ProgramData\Lavasoft
2016-09-12 21:21:28 ----A---- C:\windows\system32\aswBoot.exe
2016-09-12 21:21:18 ----A---- C:\windows\avastSS.scr
======List of files/folders modified in the last 1 month======
2016-10-09 20:12:52 ----D---- C:\Program Files\trend micro
2016-10-09 20:12:29 ----D---- C:\windows\system32\sru
2016-10-09 13:14:06 ----D---- C:\windows\Temp
2016-10-09 13:11:00 ----D---- C:\windows\Prefetch
2016-10-09 13:08:18 ----RAD---- C:\windows\System32
2016-10-09 13:08:18 ----D---- C:\windows\Inf
2016-10-09 13:08:18 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-10-09 13:07:27 ----D---- C:\Users\Lucis\AppData\Roaming\Seznam.cz
2016-10-09 13:00:27 ----D---- C:\AdwCleaner
2016-10-09 11:25:02 ----D---- C:\windows\system32\drivers
2016-10-08 11:28:54 ----D---- C:\windows\Microsoft.NET
2016-10-08 11:12:04 ----SHD---- C:\System Volume Information
2016-10-04 21:30:45 ----HD---- C:\ProgramData
2016-10-04 20:37:45 ----D---- C:\windows\system32\config
2016-10-04 20:36:23 ----D---- C:\windows\system32\Tasks
2016-10-04 20:33:22 ----SHD---- C:\windows\Installer
2016-09-26 21:01:57 ----D---- C:\windows\WinSxS
2016-09-26 20:20:50 ----D---- C:\windows\rescache
2016-09-23 00:01:52 ----D---- C:\windows\system32\NDF
2016-09-22 07:10:28 ----D---- C:\windows\CbsTemp
2016-09-22 07:10:19 ----D---- C:\windows\SYSWOW64\en-US
2016-09-22 07:10:19 ----D---- C:\windows\SYSWOW64\cs-CZ
2016-09-22 07:10:19 ----D---- C:\windows\system32\en-US
2016-09-22 07:10:19 ----D---- C:\windows\system32\cs-CZ
2016-09-18 16:47:01 ----D---- C:\windows\debug
2016-09-18 16:16:10 ----AD---- C:\Windows
2016-09-18 01:30:30 ----D---- C:\windows\SysWOW64
2016-09-18 01:30:29 ----D---- C:\Program Files\Internet Explorer
2016-09-18 01:30:29 ----D---- C:\Program Files (x86)\Internet Explorer
2016-09-17 19:56:52 ----D---- C:\windows\SoftwareDistribution
2016-09-17 19:52:33 ----D---- C:\Users\Lucis\AppData\Roaming\vlc
2016-09-15 21:06:13 ----D---- C:\windows\system32\MRT
2016-09-15 20:54:31 ----AC---- C:\windows\system32\MRT.exe
2016-09-15 18:44:42 ----D---- C:\windows\system32\catroot2
2016-09-14 10:25:16 ----RD---- C:\Program Files
2016-09-14 10:23:34 ----D---- C:\Program Files\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2016-09-12 74544]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2016-09-12 292704]
R0 MBI;@oem12.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\windows\System32\drivers\MBI.sys [2013-10-10 29464]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2016-09-12 37144]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2016-09-12 103064]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2016-09-13 969184]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2016-09-26 513632]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2016-09-12 108816]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2016-09-12 163416]
R2 SSPORT;SSPORT; \??\C:\windows\system32\Drivers\SSPORT.sys [2011-03-18 11576]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btmaux;@oem17.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2013-11-07 140600]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2013-11-07 1411384]
R3 CnxtHdAudService;@oem13.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2014-01-27 1474240]
R3 ibtusb;@oem18.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter; C:\windows\system32\DRIVERS\ibtusb.sys [2014-01-22 149448]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-03-07 3729920]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
R3 iwdbus;@oem7.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2014-03-01 27032]
R3 NETwNb64;@oem19.inf,___ %NIC_Service_DispName_WINB_64%;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\windows\system32\DRIVERS\Netwbw02.sys [2014-06-01 3443680]
R3 nvlddmkm;nvlddmkm; C:\windows\system32\DRIVERS\nvlddmkm.sys [2014-07-23 12732248]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-07-16 19288]
R3 nvvad_WaveExtensible;@oem9.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2014-03-18 167424]
R3 RSUSBVSTOR;@oem23.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2013-09-24 329944]
R3 RTL8168;@oem10.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 SNP2UVC;@oem22.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2014-01-24 2853400]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\windows\System32\drivers\TXEIx64.sys [2014-01-16 88592]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S1 oykwrbue;oykwrbue; \??\C:\windows\system32\drivers\oykwrbue.sys []
S3 ACPIVPC;@oem25.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-11-06 35576]
S3 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2016-09-12 37656]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem6.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2014-03-01 38296]
S3 KMWDFILTER;HIDServiceDesc; C:\windows\System32\drivers\KMWDFILTER.sys [2009-04-29 30208]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys []
S3 Trufos;Trufos; C:\windows\system32\DRIVERS\Trufos.sys [2016-04-28 485512]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\windows\System32\drivers\usbscan.sys [2014-10-29 44544]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S3 WDC_SAM;@oem29.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\windows\System32\drivers\wdcsam64.sys [2015-11-12 26880]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-12 197128]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-11-07 1186168]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-11-07 1161592]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2014-01-18 632048]
R2 iBtSiva;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [2014-01-22 130008]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2014-03-12 282096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe [2016-07-18 732056]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-11-06 198192]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-07-16 1719640]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-07-16 18954072]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2014-07-23 931288]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2014-01-18 154864]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-03-12 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-25 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-01-18 284912]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
Run by Lucis at 2016-10-09 20:12:51
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 402 GB (92%) free of 435 GB
Total RAM: 3979 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:12:53, on 9. 10. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Lucis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Lucis\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 9019 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 1084657193616
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
taskhostex.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\windows\system32\CxAudMsg64.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
dashost.exe {fdc1ffd9-3802-4f16-8cf57b5083f9bc04}
"C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\windows\SysWOW64\SAsrv.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss adeda1e8-0d04-40fb-8af8-a567592efe1c 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\windows\system32\conhost.exe 0x4
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
igfxHK.exe
igfxTray.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\windows\system32\igfxEM.exe" -Embedding
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
szndesktop.exe default start
"C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\windows\system32\conhost.exe 0x4
"C:\windows\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[C2].txt
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.143 --handshake-handle=0x144
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4348.0.1981756828\1184413248" --mojo-application-channel-token=17A4C13BAA9BD1C7423C2BF39AD834BB --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Pe
rcent/group_68/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,13,14,15,18,31,48,56 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3496 --gpu-driver-date=3-11-2014 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x1140 --mojo-platform-channel-handle=1240 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/
*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=293610CCE7D3EB5DA9241417D5315658 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=E04BAB18736CD81266B45EDA336E268A --mojo-application-channel-token=293610CCE7D3EB5DA9241417D5315658 --channel="4348.3.1476147911\1149374002" --mojo-platform-channel-handle=2904 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/
*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=30CA825467654BC611AF3510BCD168A5 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=BD1BF0267A5FEDB3C2F8E6E18FB4A192 --mojo-application-channel-token=30CA825467654BC611AF3510BCD168A5 --channel="4348.4.1298742398\1469857130" --mojo-platform-channel-handle=2932 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/
*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=7B0B47D4732B5AE5569727B8A203FF1B --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=AD4D608061213966D799F23CC213D7A5 --mojo-application-channel-token=7B0B47D4732B5AE5569727B8A203FF1B --channel="4348.5.1052123454\1872385340" --mojo-platform-channel-handle=3052 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01
/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=8DD915FEA005D7515353B9CCAFFBDDD4 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=3392ED1D81C7DAE00F49CC762D3A541D --mojo-application-channel-token=8DD915FEA005D7515353B9CCAFFBDDD4 --channel="4348.9.1516723924\1924796023" --mojo-platform-channel-handle=7204 /prefetch:1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskeng.exe {63D29AC1-B8F1-4251-A147-297DBBEC26D0}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group
_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=8A721D7C714A47C19E9CDDFC6DCBDDFE --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=7B564F7A50B713AC67439E5B60E29EF8 --mojo-application-channel-token=8A721D7C714A47C19E9CDDFC6DCBDDFE --channel="4348.12.95380693\994317124" --mojo-platform-channel-handle=8136 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/Default/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/*GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PluginPowerSaverTiny/Enabled/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/MonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_68/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group
_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=7B7CA822B7C3620FC9904DF1341AB054 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=2BAA01844264C279F80AD6F048EFD45B --mojo-application-channel-token=7B7CA822B7C3620FC9904DF1341AB054 --channel="4348.13.104319510\363683364" --mojo-platform-channel-handle=3568 /prefetch:1
"C:\Users\Lucis\Desktop\RSITx64.exe"
C:\windows\System32\ThumbnailExtractionHost.exe -Embedding
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-09-12 948792]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-09-12 713440]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-07-16 2403104]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-07-16 1283136]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-09-05 907480]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-11-07 7818552]
""= []
"AdAwareTray"=C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe [2016-07-18 9571552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Lucis\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-09-12 9107616]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LavasoftAdAwareService11]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LavasoftAdAwareService11]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDWFP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VisualDiscovery]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-10-09 10:56:16 ----D---- C:\UsbFix
2016-09-15 18:46:27 ----A---- C:\windows\system32\glcndFilter.dll
2016-09-15 18:46:26 ----A---- C:\windows\SYSWOW64\Windows.Data.Pdf.dll
2016-09-15 18:46:26 ----A---- C:\windows\SYSWOW64\glcndFilter.dll
2016-09-15 18:46:26 ----A---- C:\windows\system32\Windows.Data.Pdf.dll
2016-09-15 18:46:25 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2016-09-15 18:46:25 ----A---- C:\windows\system32\oleaut32.dll
2016-09-15 18:46:25 ----A---- C:\windows\system32\drivers\srvnet.sys
2016-09-15 18:46:25 ----A---- C:\windows\system32\drivers\srv2.sys
2016-09-15 18:46:25 ----A---- C:\windows\system32\drivers\srv.sys
2016-09-15 18:46:24 ----A---- C:\windows\SYSWOW64\ncryptsslp.dll
2016-09-15 18:46:24 ----A---- C:\windows\system32\schannel.dll
2016-09-15 18:46:24 ----A---- C:\windows\system32\ncryptsslp.dll
2016-09-15 18:46:24 ----A---- C:\windows\system32\lsasrv.dll
2016-09-15 18:46:23 ----A---- C:\windows\SYSWOW64\schannel.dll
2016-09-15 18:46:17 ----A---- C:\windows\system32\mshtml.dll
2016-09-15 18:46:16 ----A---- C:\windows\SYSWOW64\mshtml.dll
2016-09-15 18:46:11 ----A---- C:\windows\system32\jscript9.dll
2016-09-15 18:46:11 ----A---- C:\windows\system32\ieframe.dll
2016-09-15 18:46:10 ----A---- C:\windows\SYSWOW64\ieframe.dll
2016-09-15 18:46:10 ----A---- C:\windows\system32\actxprxy.dll
2016-09-15 18:46:09 ----A---- C:\windows\SYSWOW64\jscript9.dll
2016-09-15 18:46:09 ----A---- C:\windows\SYSWOW64\actxprxy.dll
2016-09-15 18:46:09 ----A---- C:\windows\system32\wininet.dll
2016-09-15 18:46:08 ----A---- C:\windows\SYSWOW64\wininet.dll
2016-09-15 18:46:08 ----A---- C:\windows\SYSWOW64\vbscript.dll
2016-09-15 18:46:08 ----A---- C:\windows\SYSWOW64\iertutil.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\vbscript.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\urlmon.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\msfeeds.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\inetcomm.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\iertutil.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\urlmon.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\jscript.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2016-09-15 18:46:07 ----A---- C:\windows\system32\jscript.dll
2016-09-15 18:46:07 ----A---- C:\windows\system32\ieapfltr.dll
2016-09-15 18:45:47 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-09-15 18:45:47 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-09-15 18:45:47 ----A---- C:\windows\SYSWOW64\certcli.dll
2016-09-15 18:45:47 ----A---- C:\windows\system32\sspicli.dll
2016-09-15 18:45:47 ----A---- C:\windows\system32\msv1_0.dll
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\certcli.dll
2016-09-15 18:45:43 ----A---- C:\windows\system32\ntoskrnl.exe
2016-09-15 18:45:42 ----A---- C:\windows\system32\winresume.exe
2016-09-15 18:45:42 ----A---- C:\windows\system32\winload.exe
2016-09-15 18:45:42 ----A---- C:\windows\system32\ntdll.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\wwanmm.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\wwanconn.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\pnidui.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\csrsrv.dll
2016-09-15 18:45:40 ----A---- C:\windows\SYSWOW64\user32.dll
2016-09-15 18:45:40 ----A---- C:\windows\system32\win32k.sys
2016-09-15 18:45:40 ----A---- C:\windows\system32\user32.dll
2016-09-14 10:50:35 ----D---- C:\Users\Lucis\AppData\Roaming\Lavasoft
2016-09-14 10:26:26 ----D---- C:\Users\Lucis\AppData\Roaming\LavasoftStatistics
2016-09-14 10:25:16 ----D---- C:\Program Files\Lavasoft
2016-09-14 10:23:34 ----D---- C:\Program Files\Common Files\Lavasoft
2016-09-14 10:21:45 ----D---- C:\ProgramData\Lavasoft
2016-09-12 21:21:28 ----A---- C:\windows\system32\aswBoot.exe
2016-09-12 21:21:18 ----A---- C:\windows\avastSS.scr
======List of files/folders modified in the last 1 month======
2016-10-09 20:12:52 ----D---- C:\Program Files\trend micro
2016-10-09 20:12:29 ----D---- C:\windows\system32\sru
2016-10-09 13:14:06 ----D---- C:\windows\Temp
2016-10-09 13:11:00 ----D---- C:\windows\Prefetch
2016-10-09 13:08:18 ----RAD---- C:\windows\System32
2016-10-09 13:08:18 ----D---- C:\windows\Inf
2016-10-09 13:08:18 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-10-09 13:07:27 ----D---- C:\Users\Lucis\AppData\Roaming\Seznam.cz
2016-10-09 13:00:27 ----D---- C:\AdwCleaner
2016-10-09 11:25:02 ----D---- C:\windows\system32\drivers
2016-10-08 11:28:54 ----D---- C:\windows\Microsoft.NET
2016-10-08 11:12:04 ----SHD---- C:\System Volume Information
2016-10-04 21:30:45 ----HD---- C:\ProgramData
2016-10-04 20:37:45 ----D---- C:\windows\system32\config
2016-10-04 20:36:23 ----D---- C:\windows\system32\Tasks
2016-10-04 20:33:22 ----SHD---- C:\windows\Installer
2016-09-26 21:01:57 ----D---- C:\windows\WinSxS
2016-09-26 20:20:50 ----D---- C:\windows\rescache
2016-09-23 00:01:52 ----D---- C:\windows\system32\NDF
2016-09-22 07:10:28 ----D---- C:\windows\CbsTemp
2016-09-22 07:10:19 ----D---- C:\windows\SYSWOW64\en-US
2016-09-22 07:10:19 ----D---- C:\windows\SYSWOW64\cs-CZ
2016-09-22 07:10:19 ----D---- C:\windows\system32\en-US
2016-09-22 07:10:19 ----D---- C:\windows\system32\cs-CZ
2016-09-18 16:47:01 ----D---- C:\windows\debug
2016-09-18 16:16:10 ----AD---- C:\Windows
2016-09-18 01:30:30 ----D---- C:\windows\SysWOW64
2016-09-18 01:30:29 ----D---- C:\Program Files\Internet Explorer
2016-09-18 01:30:29 ----D---- C:\Program Files (x86)\Internet Explorer
2016-09-17 19:56:52 ----D---- C:\windows\SoftwareDistribution
2016-09-17 19:52:33 ----D---- C:\Users\Lucis\AppData\Roaming\vlc
2016-09-15 21:06:13 ----D---- C:\windows\system32\MRT
2016-09-15 20:54:31 ----AC---- C:\windows\system32\MRT.exe
2016-09-15 18:44:42 ----D---- C:\windows\system32\catroot2
2016-09-14 10:25:16 ----RD---- C:\Program Files
2016-09-14 10:23:34 ----D---- C:\Program Files\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2016-09-12 74544]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2016-09-12 292704]
R0 MBI;@oem12.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\windows\System32\drivers\MBI.sys [2013-10-10 29464]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2016-09-12 37144]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2016-09-12 103064]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2016-09-13 969184]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2016-09-26 513632]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2016-09-12 108816]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2016-09-12 163416]
R2 SSPORT;SSPORT; \??\C:\windows\system32\Drivers\SSPORT.sys [2011-03-18 11576]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btmaux;@oem17.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2013-11-07 140600]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2013-11-07 1411384]
R3 CnxtHdAudService;@oem13.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2014-01-27 1474240]
R3 ibtusb;@oem18.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter; C:\windows\system32\DRIVERS\ibtusb.sys [2014-01-22 149448]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-03-07 3729920]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
R3 iwdbus;@oem7.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2014-03-01 27032]
R3 NETwNb64;@oem19.inf,___ %NIC_Service_DispName_WINB_64%;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\windows\system32\DRIVERS\Netwbw02.sys [2014-06-01 3443680]
R3 nvlddmkm;nvlddmkm; C:\windows\system32\DRIVERS\nvlddmkm.sys [2014-07-23 12732248]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-07-16 19288]
R3 nvvad_WaveExtensible;@oem9.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2014-03-18 167424]
R3 RSUSBVSTOR;@oem23.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2013-09-24 329944]
R3 RTL8168;@oem10.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 SNP2UVC;@oem22.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2014-01-24 2853400]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\windows\System32\drivers\TXEIx64.sys [2014-01-16 88592]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S1 oykwrbue;oykwrbue; \??\C:\windows\system32\drivers\oykwrbue.sys []
S3 ACPIVPC;@oem25.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-11-06 35576]
S3 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2016-09-12 37656]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem6.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2014-03-01 38296]
S3 KMWDFILTER;HIDServiceDesc; C:\windows\System32\drivers\KMWDFILTER.sys [2009-04-29 30208]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys []
S3 Trufos;Trufos; C:\windows\system32\DRIVERS\Trufos.sys [2016-04-28 485512]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\windows\System32\drivers\usbscan.sys [2014-10-29 44544]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S3 WDC_SAM;@oem29.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\windows\System32\drivers\wdcsam64.sys [2015-11-12 26880]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-12 197128]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-11-07 1186168]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-11-07 1161592]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2014-01-18 632048]
R2 iBtSiva;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [2014-01-22 130008]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2014-03-12 282096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe [2016-07-18 732056]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-11-06 198192]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-07-16 1719640]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-07-16 18954072]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2014-07-23 931288]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2014-01-18 154864]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-03-12 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-25 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-01-18 284912]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119672
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Infected PC and flash drive
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
:services
oykwrbue
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Disable your antivirus before the scan and restart the PC afterwards. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Infected PC and flash drive
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lucis at 2016-10-09 22:49:59
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 403 GB (93%) free of 435 GB
Total RAM: 3979 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:50:01, on 9. 10. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Lucis\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Lucis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Lucis\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 8527 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 1066015850832
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
taskhostex.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {87319CBE-E1C2-48C9-BA5C-11D9BD4DE692}
C:\windows\system32\CxAudMsg64.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
dashost.exe {7ceb1c97-9ec6-4265-ae8c92e8b0dcb5c4}
"C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\windows\SysWOW64\SAsrv.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss adeda1e8-0d04-40fb-8af8-a567592efe1c 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\windows\system32\conhost.exe 0x4
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource core
C:\windows\servicing\TrustedInstaller.exe
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe -Embedding
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Users\Lucis\AppData\Roaming\Seznam.cz\szninstall.exe" -c
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
szndesktop.exe default start
"C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\windows\system32\conhost.exe 0x4
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Lucis\Desktop\RSITx64.exe"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-09-12 948792]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-09-12 713440]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-07-16 2403104]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-07-16 1283136]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-09-05 907480]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-11-07 7818552]
""= []
"AdAwareTray"=C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe [2016-07-18 9571552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Lucis\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-09-12 9107616]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LavasoftAdAwareService11]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LavasoftAdAwareService11]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDWFP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VisualDiscovery]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-10-09 22:47:44 ----D---- C:\_OTM
2016-10-09 10:56:16 ----D---- C:\UsbFix
2016-09-15 18:46:27 ----A---- C:\windows\system32\glcndFilter.dll
2016-09-15 18:46:26 ----A---- C:\windows\SYSWOW64\Windows.Data.Pdf.dll
2016-09-15 18:46:26 ----A---- C:\windows\SYSWOW64\glcndFilter.dll
2016-09-15 18:46:26 ----A---- C:\windows\system32\Windows.Data.Pdf.dll
2016-09-15 18:46:25 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2016-09-15 18:46:25 ----A---- C:\windows\system32\oleaut32.dll
2016-09-15 18:46:25 ----A---- C:\windows\system32\drivers\srvnet.sys
2016-09-15 18:46:25 ----A---- C:\windows\system32\drivers\srv2.sys
2016-09-15 18:46:25 ----A---- C:\windows\system32\drivers\srv.sys
2016-09-15 18:46:24 ----A---- C:\windows\SYSWOW64\ncryptsslp.dll
2016-09-15 18:46:24 ----A---- C:\windows\system32\schannel.dll
2016-09-15 18:46:24 ----A---- C:\windows\system32\ncryptsslp.dll
2016-09-15 18:46:24 ----A---- C:\windows\system32\lsasrv.dll
2016-09-15 18:46:23 ----A---- C:\windows\SYSWOW64\schannel.dll
2016-09-15 18:46:17 ----A---- C:\windows\system32\mshtml.dll
2016-09-15 18:46:16 ----A---- C:\windows\SYSWOW64\mshtml.dll
2016-09-15 18:46:11 ----A---- C:\windows\system32\jscript9.dll
2016-09-15 18:46:11 ----A---- C:\windows\system32\ieframe.dll
2016-09-15 18:46:10 ----A---- C:\windows\SYSWOW64\ieframe.dll
2016-09-15 18:46:10 ----A---- C:\windows\system32\actxprxy.dll
2016-09-15 18:46:09 ----A---- C:\windows\SYSWOW64\jscript9.dll
2016-09-15 18:46:09 ----A---- C:\windows\SYSWOW64\actxprxy.dll
2016-09-15 18:46:09 ----A---- C:\windows\system32\wininet.dll
2016-09-15 18:46:08 ----A---- C:\windows\SYSWOW64\wininet.dll
2016-09-15 18:46:08 ----A---- C:\windows\SYSWOW64\vbscript.dll
2016-09-15 18:46:08 ----A---- C:\windows\SYSWOW64\iertutil.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\vbscript.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\urlmon.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\msfeeds.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\inetcomm.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\iertutil.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\urlmon.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\jscript.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2016-09-15 18:46:07 ----A---- C:\windows\system32\jscript.dll
2016-09-15 18:46:07 ----A---- C:\windows\system32\ieapfltr.dll
2016-09-15 18:45:47 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-09-15 18:45:47 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-09-15 18:45:47 ----A---- C:\windows\SYSWOW64\certcli.dll
2016-09-15 18:45:47 ----A---- C:\windows\system32\sspicli.dll
2016-09-15 18:45:47 ----A---- C:\windows\system32\msv1_0.dll
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\certcli.dll
2016-09-15 18:45:43 ----A---- C:\windows\system32\ntoskrnl.exe
2016-09-15 18:45:42 ----A---- C:\windows\system32\winresume.exe
2016-09-15 18:45:42 ----A---- C:\windows\system32\winload.exe
2016-09-15 18:45:42 ----A---- C:\windows\system32\ntdll.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\wwanmm.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\wwanconn.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\pnidui.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\csrsrv.dll
2016-09-15 18:45:40 ----A---- C:\windows\SYSWOW64\user32.dll
2016-09-15 18:45:40 ----A---- C:\windows\system32\win32k.sys
2016-09-15 18:45:40 ----A---- C:\windows\system32\user32.dll
2016-09-14 10:50:35 ----D---- C:\Users\Lucis\AppData\Roaming\Lavasoft
2016-09-14 10:26:26 ----D---- C:\Users\Lucis\AppData\Roaming\LavasoftStatistics
2016-09-14 10:25:16 ----D---- C:\Program Files\Lavasoft
2016-09-14 10:23:34 ----D---- C:\Program Files\Common Files\Lavasoft
2016-09-14 10:21:45 ----D---- C:\ProgramData\Lavasoft
2016-09-12 21:21:28 ----A---- C:\windows\system32\aswBoot.exe
2016-09-12 21:21:18 ----A---- C:\windows\avastSS.scr
======List of files/folders modified in the last 1 month======
2016-10-09 22:50:00 ----D---- C:\Program Files\trend micro
2016-10-09 22:49:46 ----D---- C:\windows\Temp
2016-10-09 22:48:44 ----RAD---- C:\windows\System32
2016-10-09 22:48:44 ----D---- C:\windows\Inf
2016-10-09 22:48:44 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-10-09 22:47:44 ----D---- C:\windows\Tasks
2016-10-09 22:47:17 ----D---- C:\windows\Prefetch
2016-10-09 22:45:13 ----D---- C:\windows\system32\sru
2016-10-09 13:07:27 ----D---- C:\Users\Lucis\AppData\Roaming\Seznam.cz
2016-10-09 13:00:27 ----D---- C:\AdwCleaner
2016-10-09 11:25:02 ----D---- C:\windows\system32\drivers
2016-10-08 11:28:54 ----D---- C:\windows\Microsoft.NET
2016-10-08 11:12:04 ----SHD---- C:\System Volume Information
2016-10-04 21:30:45 ----HD---- C:\ProgramData
2016-10-04 20:37:45 ----D---- C:\windows\system32\config
2016-10-04 20:36:23 ----D---- C:\windows\system32\Tasks
2016-10-04 20:33:22 ----SHD---- C:\windows\Installer
2016-09-26 21:01:57 ----D---- C:\windows\WinSxS
2016-09-26 20:20:50 ----D---- C:\windows\rescache
2016-09-23 00:01:52 ----D---- C:\windows\system32\NDF
2016-09-22 07:10:28 ----D---- C:\windows\CbsTemp
2016-09-22 07:10:19 ----D---- C:\windows\SYSWOW64\en-US
2016-09-22 07:10:19 ----D---- C:\windows\SYSWOW64\cs-CZ
2016-09-22 07:10:19 ----D---- C:\windows\system32\en-US
2016-09-22 07:10:19 ----D---- C:\windows\system32\cs-CZ
2016-09-18 16:47:01 ----D---- C:\windows\debug
2016-09-18 16:16:10 ----AD---- C:\Windows
2016-09-18 01:30:30 ----D---- C:\windows\SysWOW64
2016-09-18 01:30:29 ----D---- C:\Program Files\Internet Explorer
2016-09-18 01:30:29 ----D---- C:\Program Files (x86)\Internet Explorer
2016-09-17 19:56:52 ----D---- C:\windows\SoftwareDistribution
2016-09-17 19:52:33 ----D---- C:\Users\Lucis\AppData\Roaming\vlc
2016-09-15 21:06:13 ----D---- C:\windows\system32\MRT
2016-09-15 20:54:31 ----AC---- C:\windows\system32\MRT.exe
2016-09-15 18:44:42 ----D---- C:\windows\system32\catroot2
2016-09-14 10:25:16 ----RD---- C:\Program Files
2016-09-14 10:23:34 ----D---- C:\Program Files\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2016-09-12 74544]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2016-09-12 292704]
R0 MBI;@oem12.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\windows\System32\drivers\MBI.sys [2013-10-10 29464]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2016-09-12 37144]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2016-09-12 103064]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2016-09-13 969184]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2016-09-26 513632]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2016-09-12 108816]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2016-09-12 163416]
R2 SSPORT;SSPORT; \??\C:\windows\system32\Drivers\SSPORT.sys [2011-03-18 11576]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btmaux;@oem17.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2013-11-07 140600]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2013-11-07 1411384]
R3 CnxtHdAudService;@oem13.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2014-01-27 1474240]
R3 ibtusb;@oem18.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter; C:\windows\system32\DRIVERS\ibtusb.sys [2014-01-22 149448]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-03-07 3729920]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
R3 iwdbus;@oem7.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2014-03-01 27032]
R3 NETwNb64;@oem19.inf,___ %NIC_Service_DispName_WINB_64%;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\windows\system32\DRIVERS\Netwbw02.sys [2014-06-01 3443680]
R3 nvlddmkm;nvlddmkm; C:\windows\system32\DRIVERS\nvlddmkm.sys [2014-07-23 12732248]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-07-16 19288]
R3 nvvad_WaveExtensible;@oem9.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2014-03-18 167424]
R3 RSUSBVSTOR;@oem23.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2013-09-24 329944]
R3 RTL8168;@oem10.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 SNP2UVC;@oem22.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2014-01-24 2853400]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\windows\System32\drivers\TXEIx64.sys [2014-01-16 88592]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S3 ACPIVPC;@oem25.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-11-06 35576]
S3 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2016-09-12 37656]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem6.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2014-03-01 38296]
S3 KMWDFILTER;HIDServiceDesc; C:\windows\System32\drivers\KMWDFILTER.sys [2009-04-29 30208]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys []
S3 Trufos;Trufos; C:\windows\system32\DRIVERS\Trufos.sys [2016-04-28 485512]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\windows\System32\drivers\usbscan.sys [2014-10-29 44544]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S3 WDC_SAM;@oem29.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\windows\System32\drivers\wdcsam64.sys [2015-11-12 26880]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-12 197128]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-11-07 1186168]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-11-07 1161592]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2014-01-18 632048]
R2 iBtSiva;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [2014-01-22 130008]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2014-03-12 282096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe [2016-07-18 732056]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-11-06 198192]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-07-16 1719640]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-07-16 18954072]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2014-07-23 931288]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2014-01-18 154864]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-03-12 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-25 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-01-18 284912]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
Run by Lucis at 2016-10-09 22:49:59
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 403 GB (93%) free of 435 GB
Total RAM: 3979 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:50:01, on 9. 10. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Lucis\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Lucis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Lucis\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
--
End of file - 8527 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 1066015850832
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
taskhostex.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {87319CBE-E1C2-48C9-BA5C-11D9BD4DE692}
C:\windows\system32\CxAudMsg64.exe
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
dashost.exe {7ceb1c97-9ec6-4265-ae8c92e8b0dcb5c4}
"C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\windows\SysWOW64\SAsrv.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss adeda1e8-0d04-40fb-8af8-a567592efe1c 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\windows\system32\conhost.exe 0x4
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource core
C:\windows\servicing\TrustedInstaller.exe
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe -Embedding
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Users\Lucis\AppData\Roaming\Seznam.cz\szninstall.exe" -c
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
szndesktop.exe default start
"C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\windows\system32\conhost.exe 0x4
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Lucis\Desktop\RSITx64.exe"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-09-12 948792]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-09-12 713440]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-07-16 2403104]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-07-16 1283136]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-09-05 907480]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-11-07 7818552]
""= []
"AdAwareTray"=C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe [2016-07-18 9571552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Lucis\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Lucis\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-09-12 9107616]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LavasoftAdAwareService11]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LavasoftAdAwareService11]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDWFP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VisualDiscovery]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-10-09 22:47:44 ----D---- C:\_OTM
2016-10-09 10:56:16 ----D---- C:\UsbFix
2016-09-15 18:46:27 ----A---- C:\windows\system32\glcndFilter.dll
2016-09-15 18:46:26 ----A---- C:\windows\SYSWOW64\Windows.Data.Pdf.dll
2016-09-15 18:46:26 ----A---- C:\windows\SYSWOW64\glcndFilter.dll
2016-09-15 18:46:26 ----A---- C:\windows\system32\Windows.Data.Pdf.dll
2016-09-15 18:46:25 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2016-09-15 18:46:25 ----A---- C:\windows\system32\oleaut32.dll
2016-09-15 18:46:25 ----A---- C:\windows\system32\drivers\srvnet.sys
2016-09-15 18:46:25 ----A---- C:\windows\system32\drivers\srv2.sys
2016-09-15 18:46:25 ----A---- C:\windows\system32\drivers\srv.sys
2016-09-15 18:46:24 ----A---- C:\windows\SYSWOW64\ncryptsslp.dll
2016-09-15 18:46:24 ----A---- C:\windows\system32\schannel.dll
2016-09-15 18:46:24 ----A---- C:\windows\system32\ncryptsslp.dll
2016-09-15 18:46:24 ----A---- C:\windows\system32\lsasrv.dll
2016-09-15 18:46:23 ----A---- C:\windows\SYSWOW64\schannel.dll
2016-09-15 18:46:17 ----A---- C:\windows\system32\mshtml.dll
2016-09-15 18:46:16 ----A---- C:\windows\SYSWOW64\mshtml.dll
2016-09-15 18:46:11 ----A---- C:\windows\system32\jscript9.dll
2016-09-15 18:46:11 ----A---- C:\windows\system32\ieframe.dll
2016-09-15 18:46:10 ----A---- C:\windows\SYSWOW64\ieframe.dll
2016-09-15 18:46:10 ----A---- C:\windows\system32\actxprxy.dll
2016-09-15 18:46:09 ----A---- C:\windows\SYSWOW64\jscript9.dll
2016-09-15 18:46:09 ----A---- C:\windows\SYSWOW64\actxprxy.dll
2016-09-15 18:46:09 ----A---- C:\windows\system32\wininet.dll
2016-09-15 18:46:08 ----A---- C:\windows\SYSWOW64\wininet.dll
2016-09-15 18:46:08 ----A---- C:\windows\SYSWOW64\vbscript.dll
2016-09-15 18:46:08 ----A---- C:\windows\SYSWOW64\iertutil.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\vbscript.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\urlmon.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\msfeeds.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\inetcomm.dll
2016-09-15 18:46:08 ----A---- C:\windows\system32\iertutil.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\urlmon.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\jscript.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2016-09-15 18:46:07 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2016-09-15 18:46:07 ----A---- C:\windows\system32\jscript.dll
2016-09-15 18:46:07 ----A---- C:\windows\system32\ieapfltr.dll
2016-09-15 18:45:47 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-09-15 18:45:47 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-09-15 18:45:47 ----A---- C:\windows\SYSWOW64\certcli.dll
2016-09-15 18:45:47 ----A---- C:\windows\system32\sspicli.dll
2016-09-15 18:45:47 ----A---- C:\windows\system32\msv1_0.dll
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-09-15 18:45:47 ----A---- C:\windows\system32\certcli.dll
2016-09-15 18:45:43 ----A---- C:\windows\system32\ntoskrnl.exe
2016-09-15 18:45:42 ----A---- C:\windows\system32\winresume.exe
2016-09-15 18:45:42 ----A---- C:\windows\system32\winload.exe
2016-09-15 18:45:42 ----A---- C:\windows\system32\ntdll.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\wwanmm.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\wwanconn.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\pnidui.dll
2016-09-15 18:45:41 ----A---- C:\windows\system32\csrsrv.dll
2016-09-15 18:45:40 ----A---- C:\windows\SYSWOW64\user32.dll
2016-09-15 18:45:40 ----A---- C:\windows\system32\win32k.sys
2016-09-15 18:45:40 ----A---- C:\windows\system32\user32.dll
2016-09-14 10:50:35 ----D---- C:\Users\Lucis\AppData\Roaming\Lavasoft
2016-09-14 10:26:26 ----D---- C:\Users\Lucis\AppData\Roaming\LavasoftStatistics
2016-09-14 10:25:16 ----D---- C:\Program Files\Lavasoft
2016-09-14 10:23:34 ----D---- C:\Program Files\Common Files\Lavasoft
2016-09-14 10:21:45 ----D---- C:\ProgramData\Lavasoft
2016-09-12 21:21:28 ----A---- C:\windows\system32\aswBoot.exe
2016-09-12 21:21:18 ----A---- C:\windows\avastSS.scr
======List of files/folders modified in the last 1 month======
2016-10-09 22:50:00 ----D---- C:\Program Files\trend micro
2016-10-09 22:49:46 ----D---- C:\windows\Temp
2016-10-09 22:48:44 ----RAD---- C:\windows\System32
2016-10-09 22:48:44 ----D---- C:\windows\Inf
2016-10-09 22:48:44 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-10-09 22:47:44 ----D---- C:\windows\Tasks
2016-10-09 22:47:17 ----D---- C:\windows\Prefetch
2016-10-09 22:45:13 ----D---- C:\windows\system32\sru
2016-10-09 13:07:27 ----D---- C:\Users\Lucis\AppData\Roaming\Seznam.cz
2016-10-09 13:00:27 ----D---- C:\AdwCleaner
2016-10-09 11:25:02 ----D---- C:\windows\system32\drivers
2016-10-08 11:28:54 ----D---- C:\windows\Microsoft.NET
2016-10-08 11:12:04 ----SHD---- C:\System Volume Information
2016-10-04 21:30:45 ----HD---- C:\ProgramData
2016-10-04 20:37:45 ----D---- C:\windows\system32\config
2016-10-04 20:36:23 ----D---- C:\windows\system32\Tasks
2016-10-04 20:33:22 ----SHD---- C:\windows\Installer
2016-09-26 21:01:57 ----D---- C:\windows\WinSxS
2016-09-26 20:20:50 ----D---- C:\windows\rescache
2016-09-23 00:01:52 ----D---- C:\windows\system32\NDF
2016-09-22 07:10:28 ----D---- C:\windows\CbsTemp
2016-09-22 07:10:19 ----D---- C:\windows\SYSWOW64\en-US
2016-09-22 07:10:19 ----D---- C:\windows\SYSWOW64\cs-CZ
2016-09-22 07:10:19 ----D---- C:\windows\system32\en-US
2016-09-22 07:10:19 ----D---- C:\windows\system32\cs-CZ
2016-09-18 16:47:01 ----D---- C:\windows\debug
2016-09-18 16:16:10 ----AD---- C:\Windows
2016-09-18 01:30:30 ----D---- C:\windows\SysWOW64
2016-09-18 01:30:29 ----D---- C:\Program Files\Internet Explorer
2016-09-18 01:30:29 ----D---- C:\Program Files (x86)\Internet Explorer
2016-09-17 19:56:52 ----D---- C:\windows\SoftwareDistribution
2016-09-17 19:52:33 ----D---- C:\Users\Lucis\AppData\Roaming\vlc
2016-09-15 21:06:13 ----D---- C:\windows\system32\MRT
2016-09-15 20:54:31 ----AC---- C:\windows\system32\MRT.exe
2016-09-15 18:44:42 ----D---- C:\windows\system32\catroot2
2016-09-14 10:25:16 ----RD---- C:\Program Files
2016-09-14 10:23:34 ----D---- C:\Program Files\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2016-09-12 74544]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2016-09-12 292704]
R0 MBI;@oem12.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\windows\System32\drivers\MBI.sys [2013-10-10 29464]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2016-09-12 37144]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2016-09-12 103064]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2016-09-13 969184]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2016-09-26 513632]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2016-09-12 108816]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2016-09-12 163416]
R2 SSPORT;SSPORT; \??\C:\windows\system32\Drivers\SSPORT.sys [2011-03-18 11576]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btmaux;@oem17.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2013-11-07 140600]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2013-11-07 1411384]
R3 CnxtHdAudService;@oem13.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2014-01-27 1474240]
R3 ibtusb;@oem18.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter; C:\windows\system32\DRIVERS\ibtusb.sys [2014-01-22 149448]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-03-07 3729920]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
R3 iwdbus;@oem7.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2014-03-01 27032]
R3 NETwNb64;@oem19.inf,___ %NIC_Service_DispName_WINB_64%;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\windows\system32\DRIVERS\Netwbw02.sys [2014-06-01 3443680]
R3 nvlddmkm;nvlddmkm; C:\windows\system32\DRIVERS\nvlddmkm.sys [2014-07-23 12732248]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-07-16 19288]
R3 nvvad_WaveExtensible;@oem9.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2014-03-18 167424]
R3 RSUSBVSTOR;@oem23.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2013-09-24 329944]
R3 RTL8168;@oem10.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 SNP2UVC;@oem22.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2014-01-24 2853400]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\windows\System32\drivers\TXEIx64.sys [2014-01-16 88592]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S3 ACPIVPC;@oem25.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-11-06 35576]
S3 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2016-09-12 37656]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem6.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2014-03-01 38296]
S3 KMWDFILTER;HIDServiceDesc; C:\windows\System32\drivers\KMWDFILTER.sys [2009-04-29 30208]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys []
S3 Trufos;Trufos; C:\windows\system32\DRIVERS\Trufos.sys [2016-04-28 485512]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\windows\System32\drivers\usbscan.sys [2014-10-29 44544]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S3 WDC_SAM;@oem29.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\windows\System32\drivers\wdcsam64.sys [2015-11-12 26880]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-12 197128]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-11-07 1186168]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-11-07 1161592]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2014-01-18 632048]
R2 iBtSiva;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [2014-01-22 130008]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2014-03-12 282096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe [2016-07-18 732056]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-11-06 198192]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-07-16 1719640]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-07-16 18954072]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2014-07-23 931288]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2014-01-18 154864]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-03-12 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-25 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-01-18 284912]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
- Rudy
- Site Admin

Re: Infected PC and flash drive
Deleted, the log is now OK.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Infected PC and flash drive
Good evening,
I apologize for not writing for so long, but there was no time to deal with this problem. Unfortunately the problems persist: random pages open by themselves and the computer runs slowly.
- Rudy
- Site Admin

Re: Infected PC and flash drive
Try the following scans as well:
1. Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to the desktop.
If you are using Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator or Spustit jako spravce.
Paste the script below into the window:
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Then click Run Script.
The PC will perform the repair, restart, and give you a log; paste its contents here.
and
2. Junkware Removal Tool: http://thisisudax.org/downloads/JRT.exe
• Save it, preferably to the desktop
• After launch, the license terms are displayed; press any key
• A backup is created, followed by a scan
• The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.
Re: Infected PC and flash drive
Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Lucis on p 04. 11. 2016 at 22:34:28,10.
Microsoft Windows 8.1 s aplikací Bing 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Lucis\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
4. 11. 2016 22:36:24 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Cyberlink deleted successfully
C:\PROGRA~2\New Folder deleted successfully
C:\PROGRA~3\Energy Manager deleted successfully
C:\PROGRA~3\Office2013 deleted successfully
C:\Users\Lucis\AppData\Local\EmieSiteList deleted successfully
C:\Users\Lucis\AppData\Local\EmieUserList deleted successfully
C:\Users\Lucis\AppData\Local\VirtualStore deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-940599705-2722358779-2826560887-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCFCC2EC-3F33-45A8-8ADF-A6C81F11232F} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\Cyberlink not found
C:\PROGRA~2\New Folder not found
C:\windows\sysWoW64\config\systemprofile\.android deleted
C:\Users\Public\Pokki deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\GroupPolicy\Adm deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
"C:\windows\Installer\a429c3f5.msi" deleted
==== Orphaned Tasks deleted from Registry ======================
avast Emergency Update deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [12. 09. 2016 20:21]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [12. 09. 2016 20:21]
==== Chromium Look ======================
Google Chrome Version: 46.0.2490.86
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[]
Tab Renamer - Lucis\AppData\Local\Google\Chrome\User Data\Default\Extensions\abcbihpomahklkagggfdflojebciibpk
Seznam Lištička - Email - Lucis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Lištička - Slovník - Lucis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Avast SafePrice - Lucis\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Avast Online Security - Lucis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Seznam Lištička - Rychlá volba - Lucis\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
Chrome Media Router - Lucis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
==== Chromium Fix ======================
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lookingforlyrics.com_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lookingforlyrics.com_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cs.reimageplus.com_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cs.reimageplus.com_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_msaver.ru_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_msaver.ru_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.sunmaker.com_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.sunmaker.com_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.adtech.de_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.adtech.de_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.williamhill.com_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.williamhill.com_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.cmptch.com_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.cmptch.com_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.donation-tools.org_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.donation-tools.org_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.davebestdeals.com_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.davebestdeals.com_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.davebestdeals.com_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.davebestdeals.com_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{15380D9A-98DC-4042-9334-08BE85410C82}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKLM\SearchScopes\{15380D9A-98DC-4042-9334-08BE85410C82} - http://www.bing.com/search?q={searchTer ... TR&pc=LCJB
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKLM\Wow6432Node\SearchScopes\{15380D9A-98DC-4042-9334-08BE85410C82} - http://www.bing.com/search?q={searchTer ... TR&pc=LCJB
HKLM\Wow6432Node\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} - http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?PC=WCUG&FORM ... earchTerms}
HKCU\SearchScopes\{15380D9A-98DC-4042-9334-08BE85410C82} - No_Url_Value
HKCU\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} - http://search.seznam.cz/?sourceid=quick ... earchTerms}
==== Reset Google Chrome ======================
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7286306383AF47A4383362CBE4CE3980 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{36036827-FA38-4A74-8333-26BC4EEC9308} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\7286306383AF47A4383362CBE4CE3980 deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lucis\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Lucis\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=277 folders=137 117933965 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Lucis\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Lucis\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on p 04. 11. 2016 at 23:01:04,96 ======================
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.williamhill.com_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.cmptch.com_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.cmptch.com_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.donation-tools.org_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.donation-tools.org_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.davebestdeals.com_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_pstatic.davebestdeals.com_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.davebestdeals.com_0.localstorage deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.davebestdeals.com_0.localstorage-journal deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck deleted successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{15380D9A-98DC-4042-9334-08BE85410C82}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKLM\SearchScopes\{15380D9A-98DC-4042-9334-08BE85410C82} - http://www.bing.com/search?q={searchTer ... TR&pc=LCJB
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKLM\Wow6432Node\SearchScopes\{15380D9A-98DC-4042-9334-08BE85410C82} - http://www.bing.com/search?q={searchTer ... TR&pc=LCJB
HKLM\Wow6432Node\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} - http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?PC=WCUG&FORM ... earchTerms}
HKCU\SearchScopes\{15380D9A-98DC-4042-9334-08BE85410C82} - No_Url_Value
HKCU\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} - http://search.seznam.cz/?sourceid=quick ... earchTerms}
==== Reset Google Chrome ======================
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7286306383AF47A4383362CBE4CE3980 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{36036827-FA38-4A74-8333-26BC4EEC9308} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\7286306383AF47A4383362CBE4CE3980 deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lucis\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Lucis\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=277 folders=137 117933965 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Lucis\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Lucis\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on p 04. 11. 2016 at 23:01:04,96 ======================
Re: Infected PC and flash drive
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 8.1 Connected x64
Ran by Lucis (Administrator) on p 04. 11. 2016 at 23:02:25,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 6
Successfully deleted: C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bgjpfhpjcgdppjbgnpnjllokbmcdllig_0.localstorage-journal (File)
Successfully deleted: C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bgjpfhpjcgdppjbgnpnjllokbmcdllig_0.localstorage (File)
Successfully deleted: C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_blmojkbhnkkphngknkmgccmlenfaelkd_0.localstorage-journal (File)
Successfully deleted: C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_blmojkbhnkkphngknkmgccmlenfaelkd_0.localstorage (File)
Successfully deleted: C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olfeabkoenfaoljndfecamgilllcpiak_0.localstorage-journal (File)
Successfully deleted: C:\Users\Lucis\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olfeabkoenfaoljndfecamgilllcpiak_0.localstorage (File)
Registry: 6
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{15380D9A-98DC-4042-9334-08BE85410C82} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 04. 11. 2016 at 23:05:13,08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Rudy
- Site Admin
Re: Infected PC and flash drive
Has anything changed now?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.