Dobrý den,
na tátově počítači se objevilo policie varuje v prohlížeči Google Chrome. Po přeinstalaci Google Chrome se zdá vše OK. Eset nalezl JS/Mindspartk.C. Spybot nenalezl nic.
Logfile of random's system information tool 1.15 (written by random/random)
Run by Jarviness at 2017-03-02 19:06:52
Microsoft Windows 10 Home
System drive C: has 44 GB (39%) free of 114 GB
Total RAM: 4007 MB (54% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:06:56, on 2.3.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\SysWoW64\DllHost.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Users\Jarviness\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\trend micro\Jarviness_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?gfe_rd=cr&ei=sap ... gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:21320
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll (file missing)
F2 - REG:system.ini: UserInit=
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Toolbar BHO - {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} - C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbar.dll (file missing)
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [RemoveNetSoftware] "C:\Program Files\NetSoftware\\rmNetSoftware.exe" /hst=logs.panelcz.gemius.com:80 /uid=2299671 /tck=1320741633 /rea=4 /ist=0
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Jarviness\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [EEDSpeedLauncher] rundll32.exe C:\WINDOWS\system32\eed_ec.dll,SpeedLauncher
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Jarviness\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jarviness\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} (FormApps Plug-in) - https://eportal.cssz.cz/fas/page/active ... bff_cs.cab
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Biometric and Context Agent Service (IntelBCAsvc) - Intel(R) Corporation - C:\Program Files\Intel\BCA\pabeSvc64.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\WINDOWS\SysWoW64\SecUPDUtilSvc.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12534 bytes
====== Enumerating Processes ======
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\AUDIODG.EXE 0x2e4
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Intel\BCA\pabeSvc64.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe"
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\WINDOWS\SysWoW64\SecUPDUtilSvc.exe
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
C:\WINDOWS\system32\dashost.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{133EAC4F-5891-4D04-BADA-D84870380A80}
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
"C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe"
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=56.0.2924.87 --initial-client-data=0x250,0x254,0x258,0x24c,0x25c,0x72497598,0x724975bc,0x724975a4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=996 --on-initialized-event-handle=748 --parent-handle=752 /prefetch:6
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,MetricsReporting<MetricsAndCrashSampling,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,PersistentHistograms<PersistentHistograms,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Enabled/InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Enabled/MetricsAndCrashSampling/InReportingSample/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/*PersistentHistograms/NotEnabled/PluginPowerSaverTiny/Enabled2/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_100/StrictSecureCookies/Enabled/SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_11/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/WebFontsInterventionV2/Default/ --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,19,23,40,59,71 --gpu-vendor-id=0x8086 --gpu-device-id=0x0102 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.4229 --gpu-driver-date=5-27-2015 --service-request-channel-token=9A72B24EEE7A50258855551E26666FDF --mojo-platform-channel-handle=1356 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,MetricsReporting<MetricsAndCrashSampling,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,PersistentHistograms<PersistentHistograms,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/Html5ByDefault/Enabled/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/MediaFoundationH264Encoding/Enabled/MetricsAndCrashSampling/InReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/NotEnabled/PluginPowerSaverTiny/Enabled2/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_100/StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_11/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/WebFontsInterventionV2/Default/ --primordial-pipe-token=C273E0BB4D8BC0B4E1CACB38380A426E --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.75 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=C273E0BB4D8BC0B4E1CACB38380A426E --renderer-client-id=8 --mojo-platform-channel-handle=2552 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,MetricsReporting<MetricsAndCrashSampling,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,PersistentHistograms<PersistentHistograms,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Enabled/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/*MediaFoundationH264Encoding/Enabled/MetricsAndCrashSampling/InReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/NotEnabled/PluginPowerSaverTiny/Enabled2/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_100/*StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_11/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*WebFontsInterventionV2/Default/ --primordial-pipe-token=F4B9E603ADA22C5C5B26B8CC7CCF7A5F --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.75 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=F4B9E603ADA22C5C5B26B8CC7CCF7A5F --renderer-client-id=7 --mojo-platform-channel-handle=4084 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,MetricsReporting<MetricsAndCrashSampling,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,PersistentHistograms<PersistentHistograms,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Enabled/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/*MediaFoundationH264Encoding/Enabled/MetricsAndCrashSampling/InReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/NotEnabled/PluginPowerSaverTiny/Enabled2/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_100/*StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_11/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*WebFontsInterventionV2/Default/ --primordial-pipe-token=01C8212CBC05C4E56A7ADBF1E6CB366E --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.75 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=01C8212CBC05C4E56A7ADBF1E6CB366E --renderer-client-id=6 --mojo-platform-channel-handle=4552 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,MetricsReporting<MetricsAndCrashSampling,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,PersistentHistograms<PersistentHistograms,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Enabled/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/*MediaFoundationH264Encoding/Enabled/MetricsAndCrashSampling/InReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/NotEnabled/PluginPowerSaverTiny/Enabled2/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_100/*StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_11/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*WebFontsInterventionV2/Default/ --primordial-pipe-token=0718FAACAD6F3D1866B55EC75EFA29CB --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.75 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=0718FAACAD6F3D1866B55EC75EFA29CB --renderer-client-id=5 --mojo-platform-channel-handle=4868 /prefetch:1
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutofillProfileCleanup<AutofillProfileCleanup,BlockSmallPluginContent<PluginPowerSaverTiny,*DefaultEnableGpuRasterization<DefaultEnableGpuRasterization,DisableFirstRunAutoImport<DisableFirstRunAutoImport,EnableSyncClientToServerCompression<EnableSyncClientToServerCompression,*ExpectCTReporting<ExpectCTReporting,*ExperimentalSwReporterEngine<SRTExperimentalEngineTrial,MediaFoundationH264Encoding<MediaFoundationH264Encoding,MetricsReporting<MetricsAndCrashSampling,*NegotiateTLS13<TLS13Negotiation,ParseHTMLOnMainThread<ParseHTMLOnMainThread,*PointerEvent<PointerEvent,PreferHtmlOverPlugins<Html5ByDefault,SecurityChip<SecurityChip,SubresourceFilter<SubresourceFilter,SwReporterExtendedSafeBrowsingFeature<SwReporterExtendedSafeBrowsingFeature,*TranslateRankerLogging<TranslateRankerLogging,*TranslateUI2016Q2<TranslateUI2016Q2 --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,PersistentHistograms<PersistentHistograms,SSLPostQuantumExperiment<SSLPostQuantum,SecurityWarningIconUpdate<SecurityWarningIconUpdate,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutofillProfileCleanup/Enabled/CaptivePortalInterstitial/Enabled/*ChromeChannelStable/Enabled/*ChromeSuggestionsTuning/Default/*ClientSideDetectionModel/Model0/DataReductionProxyUseQuic/Enabled10_NoControl/DefaultBrowserPromptStyle/ColoredIconOnWhiteInfoBar3/DefaultEnableGpuRasterization/Default/*DisallowFetchForDocWrittenScriptsInMainFrame/DocumentWriteScriptBlockGroup_20161208_Launch/EnableSyncClientToServerCompression/Enabled/ExpectCTReporting/ExpectCTReportingDisabled/ExtensionDeveloperModeWarning/Enabled/*Html5ByDefault/Enabled/*InstanceID/Enabled/MarkNonSecureAs/show-non-secure-passwords-cc-ui/*MediaFoundationH264Encoding/Enabled/MetricsAndCrashSampling/InReportingSample/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*ParseHTMLOnMainThread/Default/PasswordBranding/SmartLockBrandingSavePromptOnly/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/*PersistentHistograms/NotEnabled/PluginPowerSaverTiny/Enabled2/*QUIC/EnabledMaxBandwidthResumption/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/SRTExperimentalEngineTrial/Default/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SSLPostQuantum/disabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingV4LocalDatabaseManagerEnabled/Default/*SecurityChip/Enabled/SecurityWarningIconUpdate/Control/SignInPasswordPromo/Enable3/*SiteIsolationExtensions/Enabled_100/*StrictSecureCookies/Enabled/*SubresourceFilter/EnabledForPhishingSites/*SwReporterExtendedSafeBrowsingFeature/Enabled/*TLS13Negotiation/Default/TranslateRankerLogging/TranslateRankerLoggingDefault/TranslateServerStudy/Default/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_11/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*WebFontsInterventionV2/Default/ --primordial-pipe-token=1B613E3BF79EBC24456FB8D8A8B1ADBE --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.75 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=1B613E3BF79EBC24456FB8D8A8B1ADBE --renderer-client-id=4 --mojo-platform-channel-handle=3496 /prefetch:1
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
C:\WINDOWS\SysWoW64\DllHost.exe /Processid:{9F85A2DD-93C9-4195-8473-E4E863E03719}
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 652 656 664 8192 660
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Users\Jarviness\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Users\Jarviness\Downloads\RSITx64.exe"
====== Scheduled tasks folder ======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore1d1c0a36cd5c026 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA1d1c0a36ce8d33e - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Norton WSC Integration - "C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\WSCStub.exe" /taskschd
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task v2 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\{04B3BE0A-28AB-40F7-8C38-1E687E4AC6C6} - C:\Windows\system32\pcalua.exe -a "C:\Users\Jarviness\Documents\MRP stažení\Účetnictví + daň z příjmu multiverze pro Windows verze 7.10.783\distr.exe" -d "C:\Users\Jarviness\Documents\MRP stažení\Účetnictví + daň z příjmu multiverze pro Windows verze 7.10.783"
C:\WINDOWS\system32\tasks\{065C713B-8CE1-4319-A576-EECEEBE3EC3F} - C:\Windows\system32\pcalua.exe -a "C:\Users\JARVIN~1\AppData\Local\Temp\Účetnictví + daň z příjmu multiverze pro Windows\setup.exe" -d "C:\Users\JARVIN~1\AppData\Local\Temp\Účetnictví + daň z příjmu multiverze pro Windows"
C:\WINDOWS\system32\tasks\{13F9705B-876F-4042-B729-3BD72039580B} - C:\Windows\system32\pcalua.exe -a C:\Users\Jarviness\Downloads\FSXDemo.exe -d C:\Users\Jarviness\Downloads
C:\WINDOWS\system32\tasks\{2562F14D-7424-4546-8E55-3873A4691C0F} - C:\Windows\system32\pcalua.exe -a "D:\Hry\Cenega Czech\Mafia\Setup.exe" -d "D:\Hry\Cenega Czech\Mafia"
C:\WINDOWS\system32\tasks\{F13D30CC-E539-49F9-93A6-E95BFA44EF20} - C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Jarviness\Desktop\flash\Mafia 1 – Plna Verze Hry – CZ\Game.exe" -d "C:\Users\Jarviness\Desktop\flash\Mafia 1 – Plna Verze Hry – CZ"
C:\WINDOWS\system32\tasks\WPD\SqmUpload_S-1-5-21-1178627139-551152587-1051265069-1001 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\WINDOWS\system32\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" /autoupdate /silent /autoclose /background
C:\WINDOWS\system32\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe" /immunize /silent /autoclose
C:\WINDOWS\system32\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe" /scan /cleanclose
C:\WINDOWS\system32\tasks\Norton 360\Norton Error Analyzer - C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\SymErr.exe /analyze
C:\WINDOWS\system32\tasks\Norton 360\Norton Error Processor - C:\Program Files (x86)\Norton 360\Engine\22.6.0.142\SymErr.exe /submit
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeReminderTask - %SystemRoot%\System32\GWX\GWX.exe ms-gwx:upgradenotify ?page=upgradeReminder
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task
=========Mozilla firefox=========
ProfilePath - C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://home.tb.ask.com/index.jhtml?ptb= ... =flvrunner"
prefs.js - "keyword.URL" - "http://search.tb.ask.com/search/GGmain. ... searchfor="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Allin1Convert_8h.com/Plugin]
"Description"=Allin1Convert Plugin
"Path"=C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\NP8hStub.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default\extensions\
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default\searchplugins\
ask-web-search.xml
C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default\addons.json
McAfee Security Scan Plus detection - extension - {e4f94d1e-2f53-401e-8885-681602c0ddd8}
Video DownloadHelper - extension - {b9db16a4-6edc-47ec-a1f4-b86292ed211d}
C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default\extensions.json
Allin1Convert - extension - 8hffxtbr@Allin1Convert_8h.com - C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default\extensions\8hffxtbr@Allin1Convert_8h.com
McAfee Security Scan Plus - extension - {e4f94d1e-2f53-401e-8885-681602c0ddd8} - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
Norton Toolbar - extension - {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.1.3\coFFPlgn
PDF Architect Converter For Firefox - extension - FFPDFArchitectConverter@pdfarchitect.com - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
DownloadHelper - extension - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default\pluginreg.dat
Plugin - Shockwave Flash - 15.0.0.246 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll
Plugin - Adobe Acrobat - 11.0.10.32 - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\browser\nppdf32.dll
Plugin - Adobe Acrobat - 11.0.10.32 - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
Plugin - Google Update - 1.3.25.11 - C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
Plugin - Silverlight Plug-In - 5.1.30514.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
Plugin - Foxit Reader Plugin for Mozilla - 2.2.4.414 - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
Plugin - VLC Web Plugin - 2.1.3.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
Plugin - Mindspark Toolbar Platform Plugin Stub - 1.0.2.0 - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\NP8hStub.dll
Plugin - FireFox PDF Architect Previewer - 1.1.83.9982 - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt\plugins\NPPDFArchitectPreviewerPlugin.dll
Plugin - NVIDIA 3D Vision - 7.17.13.1407 - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
Plugin - NVIDIA 3D VISION - 7.17.13.1407 - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
=========Google Chrome=========
C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5616.1121.0.3
Homepage:
default_search_provider.search_url:
C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}]
"URL"=http://search.tb.ask.com/search/GGmain. ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-07 255088]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15 988400]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-07 193136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}]
Toolbar BHO - C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbar.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-07 255088]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08 654384]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15 988400]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-07 193136]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2015-06-01 183216]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2015-06-01 411056]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2015-06-01 453552]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 2114376]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2012-03-09 462712]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2016-09-09 176440]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2015-09-23 457088]
"OneDrive"=C:\Users\Jarviness\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-02-28 1518304]
"EEDSpeedLauncher"=C:\WINDOWS\system32\eed_ec.dll [2014-12-02 3141120]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Jarviness\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"=C:\WINDOWS\system32\cmd.exe [2016-07-16 232960]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"RemoveNetSoftware"=C:\Program Files\NetSoftware\\rmNetSoftware.exe /hst=logs.panelcz.gemius.com:80 /uid=2299671 /tck=1320741633 /rea=4 /ist=0 []
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2015-06-01 451584]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages" = scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath" = %SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
====== List of files/folders created in the last 1 month ======
2017-03-02 19:06:52 ----D---- C:\rsit
2017-03-02 19:06:52 ----D---- C:\Program Files\trend micro
2017-03-02 17:53:16 ----A---- C:\WINDOWS\system32\sdnclean64.exe
====== List of files/folders modified in the last 1 month ======
2017-03-02 19:06:52 ----RD---- C:\Program Files
2017-03-02 19:06:26 ----D---- C:\WINDOWS\Prefetch
2017-03-02 19:06:22 ----D---- C:\WINDOWS\Temp
2017-03-02 19:05:23 ----D---- C:\WINDOWS\system32\sru
2017-03-02 19:05:23 ----D---- C:\WINDOWS\system32\catroot2
2017-03-02 18:39:11 ----D---- C:\ProgramData\firebird
2017-03-02 18:18:49 ----AD---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-03-02 18:08:14 ----D---- C:\WINDOWS\debug
2017-03-02 17:54:07 ----D---- C:\ProgramData\Spybot - Search & Destroy
2017-03-02 17:53:22 ----SD---- C:\ProgramData\Microsoft
2017-03-02 17:53:16 ----D---- C:\WINDOWS\System32
2017-03-02 14:39:03 ----D---- C:\WINDOWS\system32\NDF
2017-03-02 08:05:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-02 08:03:37 ----D---- C:\WINDOWS\AppReadiness
2017-03-02 08:03:36 ----HD---- C:\Program Files\WindowsApps
2017-03-02 07:52:17 ----D---- C:\WINDOWS\system32\SleepStudy
2017-03-01 14:31:36 ----RD---- C:\Program Files (x86)
2017-03-01 14:31:30 ----D---- C:\Program Files (x86)\Google
2017-03-01 09:45:03 ----D---- C:\WINDOWS\system32\config
2017-03-01 09:40:23 ----D---- C:\WINDOWS\WinSxS
2017-03-01 09:39:36 ----RD---- C:\WINDOWS\Microsoft.NET
2017-02-28 15:03:27 ----D---- C:\WINDOWS\LiveKernelReports
2017-02-28 10:00:19 ----D---- C:\WINDOWS\SysWOW64
2017-02-28 10:00:19 ----D---- C:\WINDOWS\CbsTemp
2017-02-28 10:00:15 ----D---- C:\WINDOWS\system32\MRT
2017-02-28 09:57:43 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-02-28 09:30:26 ----SHDC---- C:\WINDOWS\Installer
2017-02-28 09:23:01 ----SHD---- C:\System Volume Information
2017-02-28 09:17:54 ----D---- C:\WINDOWS\system32\Tasks
2017-02-07 11:21:44 ----D---- C:\WINDOWS\system32\FxsTmp
2017-02-06 20:48:07 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2016-11-24 84616]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2016-11-24 262792]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2016-11-24 197248]
R1 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2016-11-24 208520]
R1 EpfwLWF;@oem15.inf,%EpfwLWF_Desc%;ESET Personal Firewall; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2016-11-24 61568]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-12-20 27552]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 ekbdflt;ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [2016-11-24 153216]
R2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [2013-07-10 11576]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2016-08-03 175616]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2016-07-16 589824]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2016-08-21 15488]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-08-06 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys [2016-07-16 108544]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; %windir%\system32\svchost.exe -k apphost;"ServiceDll" = %windir%\system32\inetsrv\apphostsvc.dll
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-08-05 83768]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CDPUserSvc_3b856;CDPUserSvc_3b856; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-11-24 2771848]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [2015-06-02 244392]
R2 IntelBCAsvc;Intel(R) Biometric and Context Agent Service; C:\Program Files\Intel\BCA\pabeSvc64.exe [2016-05-06 3026584]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2016-08-03 26112]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 SamsungUPDUtilSvc;Samsung UPD Utility Service; C:\WINDOWS\SysWoW64\SecUPDUtilSvc.exe [2016-08-04 143664]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2016-09-21 4088608]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2016-11-24 235984]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2016-07-22 908256]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2016-09-09 651576]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\TimeBrokerServer.dll
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
S2 OneSyncSvc_3b856;Hostitel synchronizace_3b856; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2016-07-22 15736]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2016-05-13 194032]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 MessagingService_3b856;Služba zasílání zpráv_3b856; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-26 114800]
S3 PimIndexMaintenanceSvc_3b856;Data kontaktů_3b856; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-11-18 833728]
S3 TrueKeyServiceHelper;Intel Security True Key Helper Service; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2016-07-22 86864]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-07-16 52920]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Policie varuje
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Policie varuje
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Policie varuje
# AdwCleaner v6.044 - Log vytvořen 02/03/2017 v 20:07:34
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-03-01.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Jarviness - JARVINESS-PC
# Spuštěno z : C:\Users\Jarviness\Desktop\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka smazána: C:\Users\Jarviness\AppData\Local\Allin1Convert_8h
[-] Složka smazána: C:\Users\Jarviness\AppData\LocalLow\Allin1Convert_8h
[-] Složka smazána: C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default\Allin1Convert_8h
[-] Složka smazána: C:\Program Files (x86)\Allin1Convert_8h
[#] Složka smazána po restartu: C:\Users\Jarviness\AppData\Local\Allin1Convert_8h
[#] Složka smazána po restartu: C:\Users\Jarviness\AppData\LocalLow\Allin1Convert_8h
[#] Složka smazána po restartu: C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default\Allin1Convert_8h
[#] Složka smazána po restartu: C:\Program Files (x86)\Allin1Convert_8h
[#] Složka smazána po restartu: C:\Users\Jarviness\AppData\Local\Allin1Convert_8h
[-] Složka smazána: C:\Users\Jarviness\AppData\LocalLow\iac
[#] Složka smazána po restartu: C:\Users\Jarviness\AppData\LocalLow\IAC
[#] Složka smazána po restartu: C:\Users\Jarviness\AppData\LocalLow\Allin1Convert_8h
[-] Složka smazána: C:\Users\Jarviness\AppData\Roaming\OpenCandy
[#] Složka smazána po restartu: C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default\Allin1Convert_8h
[#] Složka smazána po restartu: C:\Program Files (x86)\Allin1Convert_8h
***** [ Soubory ] *****
[-] Soubor smazán: C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default\searchplugins\ask-web-search.xml
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h_is1
[-] Klíč smazán: HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\AppDataLow\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\AppDataLow\Software\Allin1Convert_8h_is1
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: HKCU\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: HKCU\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: HKCU\Software\AppDataLow\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: HKCU\Software\AppDataLow\Software\Allin1Convert_8h_is1
[-] Klíč smazán: HKLM\SOFTWARE\Allin1Convert_8h
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: [x64] HKCU\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: [x64] HKCU\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: [x64] HKCU\Software\AppDataLow\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: [x64] HKCU\Software\AppDataLow\Software\Allin1Convert_8h_is1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.FeedManager
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.FeedManager.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLMenu
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLMenu.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLPanel
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLPanel.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.MultipleButton
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.MultipleButton.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.PseudoTransparentPlugin
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.PseudoTransparentPlugin.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.Radio
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.Radio.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.RadioSettings
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.RadioSettings.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ScriptButton
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ScriptButton.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.SettingsPlugin
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.SettingsPlugin.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ThirdPartyInstaller
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ThirdPartyInstaller.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.FeedManager
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.FeedManager.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLMenu
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLMenu.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLPanel
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLPanel.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.MultipleButton
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.MultipleButton.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.PseudoTransparentPlugin
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.PseudoTransparentPlugin.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.Radio
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.Radio.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.RadioSettings
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.RadioSettings.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ScriptButton
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ScriptButton.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.SettingsPlugin
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.SettingsPlugin.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ThirdPartyInstaller
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ThirdPartyInstaller.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.1
[#] Klíč smazán po restartu: HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\AppDataLow\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\AppDataLow\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: HKCU\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: HKCU\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: HKCU\Software\AppDataLow\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: HKCU\Software\AppDataLow\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Allin1Convert_8h
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: [x64] HKCU\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: [x64] HKCU\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: [x64] HKCU\Software\AppDataLow\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: [x64] HKCU\Software\AppDataLow\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.FeedManager
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.FeedManager.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLMenu
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLMenu.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLPanel
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLPanel.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.MultipleButton
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.MultipleButton.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.PseudoTransparentPlugin
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.PseudoTransparentPlugin.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.Radio
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.Radio.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.RadioSettings
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.RadioSettings.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ScriptButton
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ScriptButton.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.SettingsPlugin
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.SettingsPlugin.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ThirdPartyInstaller
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ThirdPartyInstaller.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.FeedManager
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.FeedManager.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLMenu
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLMenu.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLPanel
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLPanel.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.MultipleButton
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.MultipleButton.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.PseudoTransparentPlugin
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.PseudoTransparentPlugin.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.Radio
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.Radio.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.RadioSettings
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.RadioSettings.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ScriptButton
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ScriptButton.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.SettingsPlugin
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.SettingsPlugin.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ThirdPartyInstaller
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ThirdPartyInstaller.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.1
[-] Klíč smazán: HKLM\SOFTWARE\MozillaPlugins\@Allin1Convert_8h.com/Plugin
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Allin1Convert_8hbar Uninstall Firefox
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Allin1Convert_8hbar Uninstall Internet Explorer
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{248b3e95-17a4-482d-a8a8-6b3df4d05c35}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5e58cda9-3b21-4611-a859-26ee28950e61}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6874fade-02c8-4181-831a-fc7486cf1d74}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6c5561b6-3dd2-46b5-83be-eae744366046}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88e44198-d164-4ec0-b2c0-f679d866c6da}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f671c1b3-9776-426d-a350-55fb2d9b53f7}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{248b3e95-17a4-482d-a8a8-6b3df4d05c35}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{248b3e95-17a4-482d-a8a8-6b3df4d05c35}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{27f49273-de3a-4111-90f9-6c474c37aefb}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{27f49273-de3a-4111-90f9-6c474c37aefb}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.PseudoTransparentPlugin.Allin1Convert_8h.PseudoTransparentPlugin
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.PseudoTransparentPlugin.Allin1Convert_8h.PseudoTransparentPlugin.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{39d4f1a1-a94d-4b7d-bf1d-7446308800ed}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{39d4f1a1-a94d-4b7d-bf1d-7446308800ed}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{443321f7-e46c-42f8-812b-f35e98cbb44f}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{443321f7-e46c-42f8-812b-f35e98cbb44f}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{5cde4714-32dc-473c-8194-0645e62c2e96}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{5cde4714-32dc-473c-8194-0645e62c2e96}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.RadioSettings.Allin1Convert_8h.RadioSettings
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.RadioSettings.Allin1Convert_8h.RadioSettings.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{7caefafc-9a1e-4bcc-94dd-bc7d8d52717a}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{7caefafc-9a1e-4bcc-94dd-bc7d8d52717a}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.SettingsPlugin.Allin1Convert_8h.SettingsPlugin
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.SettingsPlugin.Allin1Convert_8h.SettingsPlugin.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLMenu.Allin1Convert_8h.HTMLMenu
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLMenu.Allin1Convert_8h.HTMLMenu.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{889f49d2-6cea-40be-be5f-7217485f9745}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{889f49d2-6cea-40be-be5f-7217485f9745}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.Allin1Convert_8h.ToolbarProtector
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.Allin1Convert_8h.ToolbarProtector.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{8f83d657-5993-4ffa-9aee-da0b20d828a7}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{8f83d657-5993-4ffa-9aee-da0b20d828a7}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.FeedManager.Allin1Convert_8h.FeedManager
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.FeedManager.Allin1Convert_8h.FeedManager.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{c8ef8f70-3807-424a-83f7-da06fd4dacf9}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{c8ef8f70-3807-424a-83f7-da06fd4dacf9}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.Radio.Allin1Convert_8h.Radio
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.Radio.Allin1Convert_8h.Radio.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{de0f6787-9d1c-42b7-a0b9-eac630f87902}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{de0f6787-9d1c-42b7-a0b9-eac630f87902}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{e4ef697f-434b-4dc7-a464-4412462206db}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{e4ef697f-434b-4dc7-a464-4412462206db}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLPanel.Allin1Convert_8h.HTMLPanel
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLPanel.Allin1Convert_8h.HTMLPanel.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{ef3f28c8-0330-4d18-b901-d24cb83e5aa1}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{ef3f28c8-0330-4d18-b901-d24cb83e5aa1}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.MultipleButton.Allin1Convert_8h.MultipleButton
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.MultipleButton.Allin1Convert_8h.MultipleButton.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{ef5db804-585b-472e-b415-bc63f8f01bf6}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{ef5db804-585b-472e-b415-bc63f8f01bf6}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ScriptButton.Allin1Convert_8h.ScriptButton
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ScriptButton.Allin1Convert_8h.ScriptButton.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{f2c368c5-9f44-4d43-89f3-a1cc87f1da96}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{f2c368c5-9f44-4d43-89f3-a1cc87f1da96}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{f99ddd9a-07d0-47ab-86f1-193533dd2c60}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{f99ddd9a-07d0-47ab-86f1-193533dd2c60}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ThirdPartyInstaller.Allin1Convert_8h.ThirdPartyInstaller
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ThirdPartyInstaller.Allin1Convert_8h.ThirdPartyInstaller.1
[#] Klíč smazán po restartu: {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4}
[#] Klíč smazán po restartu: {16976E15-10EA-44FD-804A-6ECBC9EBBFC7}
[#] Klíč smazán po restartu: {2561FD25-FE31-4E56-A120-AF7FEAAE3124}
[#] Klíč smazán po restartu: {4BD0FCFF-AD64-4315-9F2C-960EF3C21623}
[#] Klíč smazán po restartu: {507C73BB-FC69-425E-8A49-9204F886B328}
[#] Klíč smazán po restartu: {6EC57031-1740-4151-93C5-C465D6063DD2}
[#] Klíč smazán po restartu: {76FC1003-0825-48BD-B59B-3B7A5754972C}
[#] Klíč smazán po restartu: {9D217B94-6FC9-44FE-94B1-30C711871266}
[#] Klíč smazán po restartu: {B48AC2CD-9662-47E0-A3C0-3B01BB3F463E}
[#] Klíč smazán po restartu: {BE698E51-830B-447A-954D-901D6E05DDE2}
[#] Klíč smazán po restartu: {BFCF748F-A56E-451F-AA45-0D7EB699E416}
[#] Klíč smazán po restartu: {D617CF84-B0BC-441F-9984-B676AFBA1E8D}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{13B534D0-49F9-48A9-A006-B2F92E1D01CB}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{164993F7-4D6D-40A5-8FA1-37A8F96B4700}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{1B520A16-E83A-48F9-8802-8F485F24A452}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{1CE5ABBD-42D7-4EEE-BBD6-33E76D912ECD}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{1E6170F4-3856-40E4-A2EB-2D8FB46574A4}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{21B4FA2D-3459-44D1-A855-D8BC0378E9D2}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{289211A5-2A74-454B-9F1F-FA9A8D9CD6D8}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{2CFC7EED-36BA-4374-8D29-92895D942F6C}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{3E698E62-9516-4670-AD6C-DC58181BC9F8}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{43E76D04-EB5C-4D74-A11D-7403BAFE540B}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{45A28B99-6C20-441D-9D4D-F7EC7C701F6C}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{4CE34BDA-95CD-431D-AA32-0FF7589C0376}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{4E089F3E-F5E1-4759-AF16-E7EBE24CAA9C}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{5D076356-28C1-43B2-B29B-1AAE8D518E83}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{5D5D5550-534F-4854-B461-3B40D759EA72}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{5E58CDA9-3B21-4611-A859-26EE28950E61}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{628BA19D-7BED-4C54-8210-AFE66BB15D06}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{6C5561B6-3DD2-46B5-83BE-EAE744366046}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{774BFD7A-2CE7-4785-8957-2D62F7F4A83C}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{8077E854-138D-4396-ABB8-44C39E621705}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{13B534D0-49F9-48A9-A006-B2F92E1D01CB}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{164993F7-4D6D-40A5-8FA1-37A8F96B4700}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{1B520A16-E83A-48F9-8802-8F485F24A452}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{1CE5ABBD-42D7-4EEE-BBD6-33E76D912ECD}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{1E6170F4-3856-40E4-A2EB-2D8FB46574A4}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{21B4FA2D-3459-44D1-A855-D8BC0378E9D2}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{289211A5-2A74-454B-9F1F-FA9A8D9CD6D8}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{2CFC7EED-36BA-4374-8D29-92895D942F6C}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{3E698E62-9516-4670-AD6C-DC58181BC9F8}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{43E76D04-EB5C-4D74-A11D-7403BAFE540B}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{45A28B99-6C20-441D-9D4D-F7EC7C701F6C}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{4CE34BDA-95CD-431D-AA32-0FF7589C0376}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{4E089F3E-F5E1-4759-AF16-E7EBE24CAA9C}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{5D076356-28C1-43B2-B29B-1AAE8D518E83}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{5D5D5550-534F-4854-B461-3B40D759EA72}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{5E58CDA9-3B21-4611-A859-26EE28950E61}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{628BA19D-7BED-4C54-8210-AFE66BB15D06}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{6C5561B6-3DD2-46B5-83BE-EAE744366046}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{774BFD7A-2CE7-4785-8957-2D62F7F4A83C}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{8077E854-138D-4396-ABB8-44C39E621705}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\CLSID\{248B3E95-17A4-482D-A8A8-6B3DF4D05C35}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\CLSID\{39D4F1A1-A94D-4B7D-BF1D-7446308800ED}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\CLSID\{443321F7-E46C-42F8-812B-F35E98CBB44F}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\CLSID\{5CDE4714-32DC-473C-8194-0645E62C2E96}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\CLSID\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\CLSID\{8F83D657-5993-4FFA-9AEE-DA0B20D828A7}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\CLSID\{EF5DB804-585B-472E-B415-BC63F8F01BF6}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\CLSID\{889F49D2-6CEA-40BE-BE5F-7217485F9745}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{4BD0FCFF-AD64-4315-9F2C-960EF3C21623}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{507C73BB-FC69-425E-8A49-9204F886B328}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{6EC57031-1740-4151-93C5-C465D6063DD2}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
[-] Klíč smazán: [x64] HKLM\SOFTWARE\systweak
[-] Klíč smazán: HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}
***** [ Prohlížeče ] *****
[-] Firefox předvolby vyčištěny: "browser.search.selectedEngine" - "Ask Web Search"
[-] Firefox předvolby vyčištěny: "browser.startup.homepage" - "hxxp://home.tb.ask.com/index.jhtml?ptb=DE765EE4-14BA-4B0A-925D-D518CC8842DD&n=780b8539&p2=^AYY^xdm067^YYA^cz&si=flvrunner"
[-] Firefox předvolby vyčištěny: "extensions.mywebsearch.prevKwdEnabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.BUTTON_STRUCTURE" - "[{\"b\":220475038,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":220475039,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0\"},{\"b\":220475041,\"c\":\"mindspark.full\",\"p\":\"L.0.1\"},{\"b\":220475045,\"c\":\"mindspark.image\",\"p\":\"L.0.2\"},{\"b\":220475048,\"c\":\"mindspark.advanced\",\"p\":\"L.0.3\"},{\"b\":220475051,\"c\":\"mindspark.directory\",\"p\":\"L.0.4\"},{\"b\":220474995,\"c\":\"mindspark.search\",\"p\":\"L.1\"},{\"b\":220474998,\"c\":\"mindspark.allin1convertlogo\",\"p\":\"L.2\"},{\"b\":220474999,\"c\":\"mindspark.notspyware\",\"p\":\"L.2.0\"},{\"b\":220475006,\"c\":\"mindspark.help\",\"p\":\"L.2.1\"},{\"b\":220475012,\"c\":\"mindspark.version\",\"p\":\"L.2.2\"},{\"b\":220540005,\"c\":\"mindspark.convertfiles\",\"v\":\"1.0.0\",\"p\":\"L.3\"},{\"b\":220475021,\"c\":\"mindspark.measurementconverter\",\"v\":\"1.1.2\",\"p\":\"L.4\"},{\"b\":220475022,\"c\":\"mindspark.translate\",\"v\":\"1.1.2\",\"p\":\"L.5\"},{\"b\":220475023,\"c\":\"mindspark.facebook\",\"v\":\"1.3.2\",\"p\":\"L.6\"},{\"b\":220475024,\"c\":\"mindspark.weather\",\"v\":\"1.2.1\",\"p\":\"L.7\"},{\"b\":220474997,\"c\":\"mindspark.ask\",\"p\":\"R.0\"},{\"b\":220475055,\"c\":\"mindspark.wrench\",\"p\":\"R.1\"},{\"b\":220475061,\"c\":\"mindspark.tboptions\",\"p\":\"R.1.0\"},{\"b\":220475062,\"c\":\"mindspark.enabledisable\",\"p\":\"R.1.0.0\"},{\"b\":220475080,\"c\":\"mindspark.uninstall\",\"p\":\"R.1.0.1\"}]"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.browser.search.defaultenginename.savedPrev" - "true"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.browser.search.defaultenginename.tb" - "Ask Web Search"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.browser.search.selectedEngine.savedPrev" - "true"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.browser.search.selectedEngine.tb" - "Ask Web Search"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.browser.startup.homepage.savedPrev" - "true"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.browser.startup.homepage.tb" - "hxxp://home.tb.ask.com/index.jhtml?ptb=DE765EE4-14BA-4B0A-925D-D518CC8842DD&n=780b8539&p2=^AYY^xdm067^YYA^cz&si=flvrunner"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.browser.startup.page.savedPrev" - 1
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.browser.startup.page.tb" - 1
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.firstKnownVersion" - "5.79.3.15569"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.homepage" - "hxxp://home.tb.ask.com/index.jhtml?ptb=DE765EE4-14BA-4B0A-925D-D518CC8842DD&n=780b8539&p2=^AYY^xdm067^YYA^cz&si=flvrunner"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.hp.enabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.initialized" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.installKeysSource" - "File"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.installation.contextKey" - ""
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.installation.installDate" - "2014020921"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.installation.partnerId" - "^AYY^xdm067^YYA^cz"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.installation.partnerSubId" - "flvrunner"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.installation.success" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.installation.toolbarId" - "DE765EE4-14BA-4B0A-925D-D518CC8842DD"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.isCompliantUninstallImplementation" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.lastActivePing" - "1420286725446"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.lastKnownVersion" - "5.79.3.15569"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.options.defaultSearch" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.options.homePageEnabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.options.keywordEnabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.options.tabEnabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.toolbarCollapsed" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark.hp.enabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark.hp.enabled.guid" - "allin1convert@mindspark.com"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark.lastInstalled" - "allin1convert@mindspark.com"
[-] Firefox předvolby vyčištěny: "keyword.URL" - "hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=DE765EE4-14BA-4B0A-925D-D518CC8842DD&n=780b8539&ind=2014020921&p2=^AYY^xdm067^YYA^cz&si=flvrunner&searchfor="
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [34130 Bajty] - [02/03/2017 20:07:34]
C:\AdwCleaner\AdwCleaner[S0].txt - [32866 Bajty] - [02/03/2017 20:06:49]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [34278 Bajty] ##########
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-03-01.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Jarviness - JARVINESS-PC
# Spuštěno z : C:\Users\Jarviness\Desktop\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka smazána: C:\Users\Jarviness\AppData\Local\Allin1Convert_8h
[-] Složka smazána: C:\Users\Jarviness\AppData\LocalLow\Allin1Convert_8h
[-] Složka smazána: C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default\Allin1Convert_8h
[-] Složka smazána: C:\Program Files (x86)\Allin1Convert_8h
[#] Složka smazána po restartu: C:\Users\Jarviness\AppData\Local\Allin1Convert_8h
[#] Složka smazána po restartu: C:\Users\Jarviness\AppData\LocalLow\Allin1Convert_8h
[#] Složka smazána po restartu: C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default\Allin1Convert_8h
[#] Složka smazána po restartu: C:\Program Files (x86)\Allin1Convert_8h
[#] Složka smazána po restartu: C:\Users\Jarviness\AppData\Local\Allin1Convert_8h
[-] Složka smazána: C:\Users\Jarviness\AppData\LocalLow\iac
[#] Složka smazána po restartu: C:\Users\Jarviness\AppData\LocalLow\IAC
[#] Složka smazána po restartu: C:\Users\Jarviness\AppData\LocalLow\Allin1Convert_8h
[-] Složka smazána: C:\Users\Jarviness\AppData\Roaming\OpenCandy
[#] Složka smazána po restartu: C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default\Allin1Convert_8h
[#] Složka smazána po restartu: C:\Program Files (x86)\Allin1Convert_8h
***** [ Soubory ] *****
[-] Soubor smazán: C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default\searchplugins\ask-web-search.xml
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h_is1
[-] Klíč smazán: HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\AppDataLow\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\AppDataLow\Software\Allin1Convert_8h_is1
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: HKCU\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: HKCU\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: HKCU\Software\AppDataLow\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: HKCU\Software\AppDataLow\Software\Allin1Convert_8h_is1
[-] Klíč smazán: HKLM\SOFTWARE\Allin1Convert_8h
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: [x64] HKCU\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: [x64] HKCU\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: [x64] HKCU\Software\AppDataLow\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: [x64] HKCU\Software\AppDataLow\Software\Allin1Convert_8h_is1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.FeedManager
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.FeedManager.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLMenu
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLMenu.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLPanel
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLPanel.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.MultipleButton
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.MultipleButton.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.PseudoTransparentPlugin
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.PseudoTransparentPlugin.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.Radio
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.Radio.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.RadioSettings
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.RadioSettings.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ScriptButton
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ScriptButton.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.SettingsPlugin
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.SettingsPlugin.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ThirdPartyInstaller
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ThirdPartyInstaller.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.FeedManager
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.FeedManager.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLMenu
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLMenu.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLPanel
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLPanel.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.MultipleButton
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.MultipleButton.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.PseudoTransparentPlugin
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.PseudoTransparentPlugin.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.Radio
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.Radio.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.RadioSettings
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.RadioSettings.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ScriptButton
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ScriptButton.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.SettingsPlugin
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.SettingsPlugin.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ThirdPartyInstaller
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ThirdPartyInstaller.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.1
[#] Klíč smazán po restartu: HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\AppDataLow\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\AppDataLow\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: HKCU\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: HKCU\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: HKCU\Software\AppDataLow\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: HKCU\Software\AppDataLow\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Allin1Convert_8h
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: [x64] HKCU\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: [x64] HKCU\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: [x64] HKCU\Software\AppDataLow\Software\Allin1Convert_8h
[#] Klíč smazán po restartu: [x64] HKCU\Software\AppDataLow\Software\Allin1Convert_8h_is1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.FeedManager
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.FeedManager.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLMenu
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLMenu.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLPanel
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLPanel.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.MultipleButton
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.MultipleButton.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.PseudoTransparentPlugin
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.PseudoTransparentPlugin.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.Radio
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.Radio.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.RadioSettings
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.RadioSettings.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ScriptButton
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ScriptButton.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.SettingsPlugin
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.SettingsPlugin.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ThirdPartyInstaller
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ThirdPartyInstaller.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.FeedManager
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.FeedManager.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLMenu
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLMenu.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLPanel
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLPanel.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.MultipleButton
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.MultipleButton.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.PseudoTransparentPlugin
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.PseudoTransparentPlugin.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.Radio
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.Radio.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.RadioSettings
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.RadioSettings.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ScriptButton
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ScriptButton.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.SettingsPlugin
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.SettingsPlugin.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ThirdPartyInstaller
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ThirdPartyInstaller.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.1
[-] Klíč smazán: HKLM\SOFTWARE\MozillaPlugins\@Allin1Convert_8h.com/Plugin
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Allin1Convert_8hbar Uninstall Firefox
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Allin1Convert_8hbar Uninstall Internet Explorer
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{248b3e95-17a4-482d-a8a8-6b3df4d05c35}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5e58cda9-3b21-4611-a859-26ee28950e61}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6874fade-02c8-4181-831a-fc7486cf1d74}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6c5561b6-3dd2-46b5-83be-eae744366046}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88e44198-d164-4ec0-b2c0-f679d866c6da}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f671c1b3-9776-426d-a350-55fb2d9b53f7}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{248b3e95-17a4-482d-a8a8-6b3df4d05c35}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{248b3e95-17a4-482d-a8a8-6b3df4d05c35}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{27f49273-de3a-4111-90f9-6c474c37aefb}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{27f49273-de3a-4111-90f9-6c474c37aefb}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.PseudoTransparentPlugin.Allin1Convert_8h.PseudoTransparentPlugin
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.PseudoTransparentPlugin.Allin1Convert_8h.PseudoTransparentPlugin.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{39d4f1a1-a94d-4b7d-bf1d-7446308800ed}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{39d4f1a1-a94d-4b7d-bf1d-7446308800ed}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{443321f7-e46c-42f8-812b-f35e98cbb44f}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{443321f7-e46c-42f8-812b-f35e98cbb44f}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{5cde4714-32dc-473c-8194-0645e62c2e96}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{5cde4714-32dc-473c-8194-0645e62c2e96}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.RadioSettings.Allin1Convert_8h.RadioSettings
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.RadioSettings.Allin1Convert_8h.RadioSettings.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{7caefafc-9a1e-4bcc-94dd-bc7d8d52717a}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{7caefafc-9a1e-4bcc-94dd-bc7d8d52717a}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.SettingsPlugin.Allin1Convert_8h.SettingsPlugin
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.SettingsPlugin.Allin1Convert_8h.SettingsPlugin.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLMenu.Allin1Convert_8h.HTMLMenu
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLMenu.Allin1Convert_8h.HTMLMenu.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{889f49d2-6cea-40be-be5f-7217485f9745}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{889f49d2-6cea-40be-be5f-7217485f9745}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.Allin1Convert_8h.ToolbarProtector
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.Allin1Convert_8h.ToolbarProtector.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{8f83d657-5993-4ffa-9aee-da0b20d828a7}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{8f83d657-5993-4ffa-9aee-da0b20d828a7}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.FeedManager.Allin1Convert_8h.FeedManager
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.FeedManager.Allin1Convert_8h.FeedManager.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{c8ef8f70-3807-424a-83f7-da06fd4dacf9}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{c8ef8f70-3807-424a-83f7-da06fd4dacf9}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.Radio.Allin1Convert_8h.Radio
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.Radio.Allin1Convert_8h.Radio.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{de0f6787-9d1c-42b7-a0b9-eac630f87902}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{de0f6787-9d1c-42b7-a0b9-eac630f87902}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{e4ef697f-434b-4dc7-a464-4412462206db}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{e4ef697f-434b-4dc7-a464-4412462206db}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLPanel.Allin1Convert_8h.HTMLPanel
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.HTMLPanel.Allin1Convert_8h.HTMLPanel.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{ef3f28c8-0330-4d18-b901-d24cb83e5aa1}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{ef3f28c8-0330-4d18-b901-d24cb83e5aa1}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.MultipleButton.Allin1Convert_8h.MultipleButton
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.MultipleButton.Allin1Convert_8h.MultipleButton.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{ef5db804-585b-472e-b415-bc63f8f01bf6}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{ef5db804-585b-472e-b415-bc63f8f01bf6}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ScriptButton.Allin1Convert_8h.ScriptButton
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ScriptButton.Allin1Convert_8h.ScriptButton.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{f2c368c5-9f44-4d43-89f3-a1cc87f1da96}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{f2c368c5-9f44-4d43-89f3-a1cc87f1da96}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{f99ddd9a-07d0-47ab-86f1-193533dd2c60}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{f99ddd9a-07d0-47ab-86f1-193533dd2c60}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ThirdPartyInstaller.Allin1Convert_8h.ThirdPartyInstaller
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ThirdPartyInstaller.Allin1Convert_8h.ThirdPartyInstaller.1
[#] Klíč smazán po restartu: {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4}
[#] Klíč smazán po restartu: {16976E15-10EA-44FD-804A-6ECBC9EBBFC7}
[#] Klíč smazán po restartu: {2561FD25-FE31-4E56-A120-AF7FEAAE3124}
[#] Klíč smazán po restartu: {4BD0FCFF-AD64-4315-9F2C-960EF3C21623}
[#] Klíč smazán po restartu: {507C73BB-FC69-425E-8A49-9204F886B328}
[#] Klíč smazán po restartu: {6EC57031-1740-4151-93C5-C465D6063DD2}
[#] Klíč smazán po restartu: {76FC1003-0825-48BD-B59B-3B7A5754972C}
[#] Klíč smazán po restartu: {9D217B94-6FC9-44FE-94B1-30C711871266}
[#] Klíč smazán po restartu: {B48AC2CD-9662-47E0-A3C0-3B01BB3F463E}
[#] Klíč smazán po restartu: {BE698E51-830B-447A-954D-901D6E05DDE2}
[#] Klíč smazán po restartu: {BFCF748F-A56E-451F-AA45-0D7EB699E416}
[#] Klíč smazán po restartu: {D617CF84-B0BC-441F-9984-B676AFBA1E8D}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{13B534D0-49F9-48A9-A006-B2F92E1D01CB}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{164993F7-4D6D-40A5-8FA1-37A8F96B4700}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{1B520A16-E83A-48F9-8802-8F485F24A452}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{1CE5ABBD-42D7-4EEE-BBD6-33E76D912ECD}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{1E6170F4-3856-40E4-A2EB-2D8FB46574A4}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{21B4FA2D-3459-44D1-A855-D8BC0378E9D2}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{289211A5-2A74-454B-9F1F-FA9A8D9CD6D8}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{2CFC7EED-36BA-4374-8D29-92895D942F6C}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{3E698E62-9516-4670-AD6C-DC58181BC9F8}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{43E76D04-EB5C-4D74-A11D-7403BAFE540B}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{45A28B99-6C20-441D-9D4D-F7EC7C701F6C}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{4CE34BDA-95CD-431D-AA32-0FF7589C0376}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{4E089F3E-F5E1-4759-AF16-E7EBE24CAA9C}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{5D076356-28C1-43B2-B29B-1AAE8D518E83}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{5D5D5550-534F-4854-B461-3B40D759EA72}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{5E58CDA9-3B21-4611-A859-26EE28950E61}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{628BA19D-7BED-4C54-8210-AFE66BB15D06}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{6C5561B6-3DD2-46B5-83BE-EAE744366046}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{774BFD7A-2CE7-4785-8957-2D62F7F4A83C}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{8077E854-138D-4396-ABB8-44C39E621705}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{13B534D0-49F9-48A9-A006-B2F92E1D01CB}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{164993F7-4D6D-40A5-8FA1-37A8F96B4700}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{1B520A16-E83A-48F9-8802-8F485F24A452}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{1CE5ABBD-42D7-4EEE-BBD6-33E76D912ECD}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{1E6170F4-3856-40E4-A2EB-2D8FB46574A4}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{21B4FA2D-3459-44D1-A855-D8BC0378E9D2}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{289211A5-2A74-454B-9F1F-FA9A8D9CD6D8}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{2CFC7EED-36BA-4374-8D29-92895D942F6C}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{3E698E62-9516-4670-AD6C-DC58181BC9F8}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{43E76D04-EB5C-4D74-A11D-7403BAFE540B}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{45A28B99-6C20-441D-9D4D-F7EC7C701F6C}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{4CE34BDA-95CD-431D-AA32-0FF7589C0376}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{4E089F3E-F5E1-4759-AF16-E7EBE24CAA9C}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{5D076356-28C1-43B2-B29B-1AAE8D518E83}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{5D5D5550-534F-4854-B461-3B40D759EA72}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{5E58CDA9-3B21-4611-A859-26EE28950E61}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{628BA19D-7BED-4C54-8210-AFE66BB15D06}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{6C5561B6-3DD2-46B5-83BE-EAE744366046}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{774BFD7A-2CE7-4785-8957-2D62F7F4A83C}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Classes\Interface\{8077E854-138D-4396-ABB8-44C39E621705}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\CLSID\{248B3E95-17A4-482D-A8A8-6B3DF4D05C35}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\CLSID\{39D4F1A1-A94D-4B7D-BF1D-7446308800ED}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\CLSID\{443321F7-E46C-42F8-812B-F35E98CBB44F}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\CLSID\{5CDE4714-32DC-473C-8194-0645E62C2E96}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\CLSID\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\CLSID\{8F83D657-5993-4FFA-9AEE-DA0B20D828A7}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\CLSID\{EF5DB804-585B-472E-B415-BC63F8F01BF6}
[#] Klíč smazán po restartu: HKLM\SOFTWARE\Classes\CLSID\{889F49D2-6CEA-40BE-BE5F-7217485F9745}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{4BD0FCFF-AD64-4315-9F2C-960EF3C21623}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{507C73BB-FC69-425E-8A49-9204F886B328}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{6EC57031-1740-4151-93C5-C465D6063DD2}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
[-] Klíč smazán: [x64] HKLM\SOFTWARE\systweak
[-] Klíč smazán: HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}
***** [ Prohlížeče ] *****
[-] Firefox předvolby vyčištěny: "browser.search.selectedEngine" - "Ask Web Search"
[-] Firefox předvolby vyčištěny: "browser.startup.homepage" - "hxxp://home.tb.ask.com/index.jhtml?ptb=DE765EE4-14BA-4B0A-925D-D518CC8842DD&n=780b8539&p2=^AYY^xdm067^YYA^cz&si=flvrunner"
[-] Firefox předvolby vyčištěny: "extensions.mywebsearch.prevKwdEnabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.BUTTON_STRUCTURE" - "[{\"b\":220475038,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":220475039,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0\"},{\"b\":220475041,\"c\":\"mindspark.full\",\"p\":\"L.0.1\"},{\"b\":220475045,\"c\":\"mindspark.image\",\"p\":\"L.0.2\"},{\"b\":220475048,\"c\":\"mindspark.advanced\",\"p\":\"L.0.3\"},{\"b\":220475051,\"c\":\"mindspark.directory\",\"p\":\"L.0.4\"},{\"b\":220474995,\"c\":\"mindspark.search\",\"p\":\"L.1\"},{\"b\":220474998,\"c\":\"mindspark.allin1convertlogo\",\"p\":\"L.2\"},{\"b\":220474999,\"c\":\"mindspark.notspyware\",\"p\":\"L.2.0\"},{\"b\":220475006,\"c\":\"mindspark.help\",\"p\":\"L.2.1\"},{\"b\":220475012,\"c\":\"mindspark.version\",\"p\":\"L.2.2\"},{\"b\":220540005,\"c\":\"mindspark.convertfiles\",\"v\":\"1.0.0\",\"p\":\"L.3\"},{\"b\":220475021,\"c\":\"mindspark.measurementconverter\",\"v\":\"1.1.2\",\"p\":\"L.4\"},{\"b\":220475022,\"c\":\"mindspark.translate\",\"v\":\"1.1.2\",\"p\":\"L.5\"},{\"b\":220475023,\"c\":\"mindspark.facebook\",\"v\":\"1.3.2\",\"p\":\"L.6\"},{\"b\":220475024,\"c\":\"mindspark.weather\",\"v\":\"1.2.1\",\"p\":\"L.7\"},{\"b\":220474997,\"c\":\"mindspark.ask\",\"p\":\"R.0\"},{\"b\":220475055,\"c\":\"mindspark.wrench\",\"p\":\"R.1\"},{\"b\":220475061,\"c\":\"mindspark.tboptions\",\"p\":\"R.1.0\"},{\"b\":220475062,\"c\":\"mindspark.enabledisable\",\"p\":\"R.1.0.0\"},{\"b\":220475080,\"c\":\"mindspark.uninstall\",\"p\":\"R.1.0.1\"}]"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.browser.search.defaultenginename.savedPrev" - "true"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.browser.search.defaultenginename.tb" - "Ask Web Search"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.browser.search.selectedEngine.savedPrev" - "true"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.browser.search.selectedEngine.tb" - "Ask Web Search"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.browser.startup.homepage.savedPrev" - "true"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.browser.startup.homepage.tb" - "hxxp://home.tb.ask.com/index.jhtml?ptb=DE765EE4-14BA-4B0A-925D-D518CC8842DD&n=780b8539&p2=^AYY^xdm067^YYA^cz&si=flvrunner"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.browser.startup.page.savedPrev" - 1
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.browser.startup.page.tb" - 1
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.firstKnownVersion" - "5.79.3.15569"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.homepage" - "hxxp://home.tb.ask.com/index.jhtml?ptb=DE765EE4-14BA-4B0A-925D-D518CC8842DD&n=780b8539&p2=^AYY^xdm067^YYA^cz&si=flvrunner"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.hp.enabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.initialized" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.installKeysSource" - "File"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.installation.contextKey" - ""
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.installation.installDate" - "2014020921"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.installation.partnerId" - "^AYY^xdm067^YYA^cz"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.installation.partnerSubId" - "flvrunner"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.installation.success" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.installation.toolbarId" - "DE765EE4-14BA-4B0A-925D-D518CC8842DD"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.isCompliantUninstallImplementation" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.lastActivePing" - "1420286725446"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.lastKnownVersion" - "5.79.3.15569"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.options.defaultSearch" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.options.homePageEnabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.options.keywordEnabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.options.tabEnabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._8hMembers_.toolbarCollapsed" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark.hp.enabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark.hp.enabled.guid" - "allin1convert@mindspark.com"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark.lastInstalled" - "allin1convert@mindspark.com"
[-] Firefox předvolby vyčištěny: "keyword.URL" - "hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=DE765EE4-14BA-4B0A-925D-D518CC8842DD&n=780b8539&ind=2014020921&p2=^AYY^xdm067^YYA^cz&si=flvrunner&searchfor="
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [34130 Bajty] - [02/03/2017 20:07:34]
C:\AdwCleaner\AdwCleaner[S0].txt - [32866 Bajty] - [02/03/2017 20:06:49]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [34278 Bajty] ##########
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Policie varuje
Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Policie varuje
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017
Ran by Jarviness (administrator) on JARVINESS-PC (02-03-2017 21:13:49)
Running from C:\Users\Jarviness\Desktop
Loaded Profiles: Jarviness (Available Profiles: Jarviness & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17012.10301.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Jarviness\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2114376 2008-03-17] (CANON INC.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [RemoveNetSoftware] => "C:\Program Files\NetSoftware\\rmNetSoftware.exe" /hst=logs.panelcz.gemius.com:80 /uid=2299671 /tck=1320741633 /rea=4 /ist=0
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\WINDOWS\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\...\MountPoints2: {12b48207-a1b5-11e2-a9d3-bcaec5c27fdb} - "E:\HPLauncher.exe"
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-1178627139-551152587-1051265069-1001] => localhost:21320
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c883c88e-ee84-4bb1-9d2f-3bce94b35459}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.cz/?gfe_rd=cr&ei=sapiu6qveuu ... gws_rd=ssl
URLSearchHook: HKU\S-1-5-21-1178627139-551152587-1051265069-1001 - (No Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-07] (Google Inc.)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-07] (Google Inc.)
BHO-x32: Toolbar BHO -> {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} -> C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbar.dll => No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-07] (Google Inc.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-07] (Google Inc.)
Toolbar: HKU\S-1-5-21-1178627139-551152587-1051265069-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-1178627139-551152587-1051265069-1001 -> No Name - {CD1A63BA-A08C-431B-9A34-F240AADC728D} - No File
DPF: HKLM-x32 {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} hxxps://eportal.cssz.cz/fas/page/activexcab/webff_cs.cab
FireFox:
========
FF ProfilePath: C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default [2017-03-02]
FF Session Restore: Mozilla\Firefox\Profiles\ctqvz7p8.default -> is enabled.
FF Extension: (DownloadHelper) - C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-01-03] [not signed]
FF Extension: (No Name) - C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default\extensions\8hffxtbr@Allin1Convert_8h.com [not found]
FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-02-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\all-gemius.js [2016-03-30]
Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default [2017-03-02]
CHR Extension: (Prezentace Google) - C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-01]
CHR Extension: (Dokumenty Google) - C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-01]
CHR Extension: (Disk Google) - C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-01]
CHR Extension: (YouTube) - C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-01]
CHR Extension: (Tabulky Google) - C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-01]
CHR Extension: (Gmail) - C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-01]
CHR Extension: (Chrome Media Router) - C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-01]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2771848 2016-11-24] (ESET)
R2 FoxitCloudUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [244392 2015-06-02] (Foxit Software Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel(R) Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWoW64\SecUPDUtilSvc.exe [143664 2016-08-04] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-22] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-22] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-22] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [262792 2016-11-24] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2016-08-21] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [197248 2016-11-24] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [153216 2016-11-24] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [208520 2016-11-24] (ESET)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [61568 2016-11-24] (ESET)
R0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [84616 2016-11-24] (ESET)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2015-12-20] (REALiX(tm))
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-02 21:13 - 2017-03-02 21:14 - 00018242 _____ C:\Users\Jarviness\Desktop\FRST.txt
2017-03-02 21:13 - 2017-03-02 21:13 - 00000000 ____D C:\FRST
2017-03-02 21:12 - 2017-03-02 21:12 - 00112640 _____ (forum.viry.cz) C:\Users\Jarviness\Downloads\FRSTLauncher.exe
2017-03-02 21:12 - 2017-03-02 21:12 - 00112640 _____ (forum.viry.cz) C:\Users\Jarviness\Desktop\FRSTLauncher.exe
2017-03-02 21:12 - 2017-03-02 21:11 - 02423808 _____ (Farbar) C:\Users\Jarviness\Desktop\FRST64.exe
2017-03-02 21:11 - 2017-03-02 21:11 - 02423808 _____ (Farbar) C:\Users\Jarviness\Downloads\FRST64.exe
2017-03-02 21:11 - 2017-03-02 21:11 - 02423808 _____ (Farbar) C:\Users\Jarviness\Downloads\FRST64 (1).exe
2017-03-02 20:05 - 2017-03-02 20:07 - 00000000 ____D C:\AdwCleaner
2017-03-02 20:05 - 2017-03-02 20:05 - 04031440 _____ C:\Users\Jarviness\Desktop\adwcleaner_6.044.exe
2017-03-02 20:04 - 2017-03-02 20:04 - 04031440 _____ C:\Users\Jarviness\Downloads\adwcleaner_6.044.exe
2017-03-02 19:06 - 2017-03-02 19:07 - 00000000 ____D C:\rsit
2017-03-02 19:06 - 2017-03-02 19:06 - 01324032 _____ C:\Users\Jarviness\Downloads\RSITx64.exe
2017-03-02 19:06 - 2017-03-02 19:06 - 00000000 ____D C:\Program Files\trend micro
2017-03-02 18:04 - 2017-03-02 18:11 - 06751360 _____ (ESET spol. s r.o.) C:\Users\Jarviness\Downloads\esetonlinescanner_enu.exe
2017-03-02 18:04 - 2017-03-02 18:08 - 145357072 _____ (Microsoft Corporation) C:\Users\Jarviness\Downloads\msert.exe
2017-03-02 17:58 - 2017-03-01 14:31 - 00002344 _____ C:\Users\Jarviness\Desktop\Google Chrome.lnk
2017-03-02 17:53 - 2017-03-02 17:53 - 00001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-03-02 17:53 - 2017-03-02 17:53 - 00001448 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-03-02 17:53 - 2017-03-02 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-03-02 17:53 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2017-03-02 17:52 - 2017-03-02 17:52 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Jarviness\Downloads\spybot-2.4.exe
2017-03-01 14:31 - 2017-03-01 14:31 - 00002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-13 13:02 - 2017-02-13 13:02 - 00002221 _____ C:\Users\Public\Desktop\Google Earth.lnk
2017-02-13 13:02 - 2017-02-13 13:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-02-09 13:57 - 2017-02-09 13:57 - 00004930 _____ C:\Users\Jarviness\Documents\DPHDP3-6706021872-20170209-135648-8836712-potvrzeni.p7s
2017-02-08 15:35 - 2017-02-08 15:35 - 00004744 _____ C:\Users\Jarviness\Documents\DPHKH1-0045539871-20170208-153438-544405977-potvrzeni.p7s
2017-02-07 13:38 - 2017-02-07 13:38 - 00008716 _____ C:\Users\Jarviness\Downloads\MESSAGE_EN (13).HTML
2017-02-07 13:36 - 2017-02-07 13:36 - 00008722 _____ C:\Users\Jarviness\Downloads\MESSAGE_EN (12).HTML
2017-02-07 12:56 - 2017-02-07 12:56 - 00008722 _____ C:\Users\Jarviness\Downloads\MESSAGE_EN (11).HTML
2017-02-07 12:55 - 2017-02-07 12:55 - 00008716 _____ C:\Users\Jarviness\Downloads\MESSAGE_EN (10).HTML
2017-02-07 11:22 - 2017-02-07 11:22 - 00522116 _____ C:\Users\Jarviness\Desktop\download.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-02 21:09 - 2016-08-03 17:43 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-02 20:15 - 2016-08-03 17:44 - 02692280 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-02 20:15 - 2016-07-16 23:25 - 01034592 _____ C:\WINDOWS\system32\perfh005.dat
2017-03-02 20:15 - 2016-07-16 23:25 - 00279122 _____ C:\WINDOWS\system32\perfc005.dat
2017-03-02 20:08 - 2016-08-03 17:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-02 20:08 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-02 18:39 - 2015-01-13 16:08 - 00000000 ____D C:\ProgramData\firebird
2017-03-02 18:18 - 2016-03-08 10:29 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-03-02 18:11 - 2016-06-07 11:01 - 00000000 ____D C:\Users\Jarviness\AppData\Local\ESET
2017-03-02 17:54 - 2016-03-08 10:30 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-03-02 14:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-03-02 08:03 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-02 08:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-01 14:31 - 2013-03-21 17:40 - 00000000 ____D C:\Users\Jarviness\AppData\Local\Google
2017-03-01 14:31 - 2013-03-21 17:39 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-01 11:52 - 2015-02-03 11:53 - 00000742 _____ C:\Users\Jarviness\Documents\Seznam firem.txt
2017-02-28 15:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-28 10:00 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-28 10:00 - 2013-07-19 12:42 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-28 09:57 - 2013-03-21 18:03 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-28 09:30 - 2015-12-04 08:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-28 09:17 - 2016-12-06 08:30 - 00003292 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-28 09:17 - 2016-03-08 10:29 - 00002441 _____ C:\Users\Jarviness\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-28 09:17 - 2016-03-08 10:29 - 00000000 ___RD C:\Users\Jarviness\OneDrive
2017-02-13 12:27 - 2016-07-06 08:28 - 00000841 _____ C:\Users\Public\Desktop\MRP Mzdy a personalistika.lnk
2017-02-13 12:27 - 2016-07-06 08:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MRP
2017-02-13 12:18 - 2016-09-29 11:00 - 00000764 _____ C:\Users\Public\Desktop\MRP Účetnictví.lnk
2017-02-13 12:18 - 2015-01-21 11:44 - 00000986 _____ C:\Users\Public\Desktop\MRP Elektronická podání.lnk
2017-02-13 08:08 - 2016-10-05 10:30 - 00000799 _____ C:\Users\Public\Desktop\MRP Daňová evidence + sklad.lnk
2017-02-09 11:57 - 2014-02-28 20:23 - 00000000 ____D C:\Users\Jarviness\Documents\Scan
2017-02-07 11:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2017-02-06 20:48 - 2016-10-29 10:15 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-10-29 10:15 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2014-01-20 07:59 - 2016-02-25 09:10 - 0003584 _____ () C:\Users\Jarviness\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-30 13:25 - 2016-06-07 15:14 - 1065984 _____ () C:\Users\Jarviness\AppData\Local\file__0.localstorage
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Smart Security 9.0.407.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: Spybot - Search and Destroy (Enabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: ESET Smart Security 9.0.407.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personální firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Jarviness\Desktop" je 11269 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Ran by Jarviness (administrator) on JARVINESS-PC (02-03-2017 21:13:49)
Running from C:\Users\Jarviness\Desktop
Loaded Profiles: Jarviness (Available Profiles: Jarviness & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17012.10301.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Jarviness\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-10] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2114376 2008-03-17] (CANON INC.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [RemoveNetSoftware] => "C:\Program Files\NetSoftware\\rmNetSoftware.exe" /hst=logs.panelcz.gemius.com:80 /uid=2299671 /tck=1320741633 /rea=4 /ist=0
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\WINDOWS\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\...\MountPoints2: {12b48207-a1b5-11e2-a9d3-bcaec5c27fdb} - "E:\HPLauncher.exe"
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-1178627139-551152587-1051265069-1001] => localhost:21320
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c883c88e-ee84-4bb1-9d2f-3bce94b35459}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.cz/?gfe_rd=cr&ei=sapiu6qveuu ... gws_rd=ssl
URLSearchHook: HKU\S-1-5-21-1178627139-551152587-1051265069-1001 - (No Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-07] (Google Inc.)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-07] (Google Inc.)
BHO-x32: Toolbar BHO -> {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} -> C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbar.dll => No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-07] (Google Inc.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-07] (Google Inc.)
Toolbar: HKU\S-1-5-21-1178627139-551152587-1051265069-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-1178627139-551152587-1051265069-1001 -> No Name - {CD1A63BA-A08C-431B-9A34-F240AADC728D} - No File
DPF: HKLM-x32 {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} hxxps://eportal.cssz.cz/fas/page/activexcab/webff_cs.cab
FireFox:
========
FF ProfilePath: C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default [2017-03-02]
FF Session Restore: Mozilla\Firefox\Profiles\ctqvz7p8.default -> is enabled.
FF Extension: (DownloadHelper) - C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-01-03] [not signed]
FF Extension: (No Name) - C:\Users\Jarviness\AppData\Roaming\Mozilla\Firefox\Profiles\ctqvz7p8.default\extensions\8hffxtbr@Allin1Convert_8h.com [not found]
FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-02-04] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\all-gemius.js [2016-03-30]
Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default [2017-03-02]
CHR Extension: (Prezentace Google) - C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-01]
CHR Extension: (Dokumenty Google) - C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-01]
CHR Extension: (Disk Google) - C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-01]
CHR Extension: (YouTube) - C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-01]
CHR Extension: (Tabulky Google) - C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-01]
CHR Extension: (Gmail) - C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-01]
CHR Extension: (Chrome Media Router) - C:\Users\Jarviness\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-01]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2771848 2016-11-24] (ESET)
R2 FoxitCloudUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [244392 2015-06-02] (Foxit Software Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel(R) Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWoW64\SecUPDUtilSvc.exe [143664 2016-08-04] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-22] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-22] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-22] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [262792 2016-11-24] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2016-08-21] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [197248 2016-11-24] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [153216 2016-11-24] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [208520 2016-11-24] (ESET)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [61568 2016-11-24] (ESET)
R0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [84616 2016-11-24] (ESET)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2015-12-20] (REALiX(tm))
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-02 21:13 - 2017-03-02 21:14 - 00018242 _____ C:\Users\Jarviness\Desktop\FRST.txt
2017-03-02 21:13 - 2017-03-02 21:13 - 00000000 ____D C:\FRST
2017-03-02 21:12 - 2017-03-02 21:12 - 00112640 _____ (forum.viry.cz) C:\Users\Jarviness\Downloads\FRSTLauncher.exe
2017-03-02 21:12 - 2017-03-02 21:12 - 00112640 _____ (forum.viry.cz) C:\Users\Jarviness\Desktop\FRSTLauncher.exe
2017-03-02 21:12 - 2017-03-02 21:11 - 02423808 _____ (Farbar) C:\Users\Jarviness\Desktop\FRST64.exe
2017-03-02 21:11 - 2017-03-02 21:11 - 02423808 _____ (Farbar) C:\Users\Jarviness\Downloads\FRST64.exe
2017-03-02 21:11 - 2017-03-02 21:11 - 02423808 _____ (Farbar) C:\Users\Jarviness\Downloads\FRST64 (1).exe
2017-03-02 20:05 - 2017-03-02 20:07 - 00000000 ____D C:\AdwCleaner
2017-03-02 20:05 - 2017-03-02 20:05 - 04031440 _____ C:\Users\Jarviness\Desktop\adwcleaner_6.044.exe
2017-03-02 20:04 - 2017-03-02 20:04 - 04031440 _____ C:\Users\Jarviness\Downloads\adwcleaner_6.044.exe
2017-03-02 19:06 - 2017-03-02 19:07 - 00000000 ____D C:\rsit
2017-03-02 19:06 - 2017-03-02 19:06 - 01324032 _____ C:\Users\Jarviness\Downloads\RSITx64.exe
2017-03-02 19:06 - 2017-03-02 19:06 - 00000000 ____D C:\Program Files\trend micro
2017-03-02 18:04 - 2017-03-02 18:11 - 06751360 _____ (ESET spol. s r.o.) C:\Users\Jarviness\Downloads\esetonlinescanner_enu.exe
2017-03-02 18:04 - 2017-03-02 18:08 - 145357072 _____ (Microsoft Corporation) C:\Users\Jarviness\Downloads\msert.exe
2017-03-02 17:58 - 2017-03-01 14:31 - 00002344 _____ C:\Users\Jarviness\Desktop\Google Chrome.lnk
2017-03-02 17:53 - 2017-03-02 17:53 - 00001460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-03-02 17:53 - 2017-03-02 17:53 - 00001448 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-03-02 17:53 - 2017-03-02 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-03-02 17:53 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2017-03-02 17:52 - 2017-03-02 17:52 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Jarviness\Downloads\spybot-2.4.exe
2017-03-01 14:31 - 2017-03-01 14:31 - 00002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-13 13:02 - 2017-02-13 13:02 - 00002221 _____ C:\Users\Public\Desktop\Google Earth.lnk
2017-02-13 13:02 - 2017-02-13 13:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2017-02-09 13:57 - 2017-02-09 13:57 - 00004930 _____ C:\Users\Jarviness\Documents\DPHDP3-6706021872-20170209-135648-8836712-potvrzeni.p7s
2017-02-08 15:35 - 2017-02-08 15:35 - 00004744 _____ C:\Users\Jarviness\Documents\DPHKH1-0045539871-20170208-153438-544405977-potvrzeni.p7s
2017-02-07 13:38 - 2017-02-07 13:38 - 00008716 _____ C:\Users\Jarviness\Downloads\MESSAGE_EN (13).HTML
2017-02-07 13:36 - 2017-02-07 13:36 - 00008722 _____ C:\Users\Jarviness\Downloads\MESSAGE_EN (12).HTML
2017-02-07 12:56 - 2017-02-07 12:56 - 00008722 _____ C:\Users\Jarviness\Downloads\MESSAGE_EN (11).HTML
2017-02-07 12:55 - 2017-02-07 12:55 - 00008716 _____ C:\Users\Jarviness\Downloads\MESSAGE_EN (10).HTML
2017-02-07 11:22 - 2017-02-07 11:22 - 00522116 _____ C:\Users\Jarviness\Desktop\download.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-02 21:09 - 2016-08-03 17:43 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-02 20:15 - 2016-08-03 17:44 - 02692280 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-02 20:15 - 2016-07-16 23:25 - 01034592 _____ C:\WINDOWS\system32\perfh005.dat
2017-03-02 20:15 - 2016-07-16 23:25 - 00279122 _____ C:\WINDOWS\system32\perfc005.dat
2017-03-02 20:08 - 2016-08-03 17:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-02 20:08 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-02 18:39 - 2015-01-13 16:08 - 00000000 ____D C:\ProgramData\firebird
2017-03-02 18:18 - 2016-03-08 10:29 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-03-02 18:11 - 2016-06-07 11:01 - 00000000 ____D C:\Users\Jarviness\AppData\Local\ESET
2017-03-02 17:54 - 2016-03-08 10:30 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-03-02 14:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-03-02 08:03 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-02 08:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-01 14:31 - 2013-03-21 17:40 - 00000000 ____D C:\Users\Jarviness\AppData\Local\Google
2017-03-01 14:31 - 2013-03-21 17:39 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-01 11:52 - 2015-02-03 11:53 - 00000742 _____ C:\Users\Jarviness\Documents\Seznam firem.txt
2017-02-28 15:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-28 10:00 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-28 10:00 - 2013-07-19 12:42 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-28 09:57 - 2013-03-21 18:03 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-28 09:30 - 2015-12-04 08:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-28 09:17 - 2016-12-06 08:30 - 00003292 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-28 09:17 - 2016-03-08 10:29 - 00002441 _____ C:\Users\Jarviness\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-28 09:17 - 2016-03-08 10:29 - 00000000 ___RD C:\Users\Jarviness\OneDrive
2017-02-13 12:27 - 2016-07-06 08:28 - 00000841 _____ C:\Users\Public\Desktop\MRP Mzdy a personalistika.lnk
2017-02-13 12:27 - 2016-07-06 08:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MRP
2017-02-13 12:18 - 2016-09-29 11:00 - 00000764 _____ C:\Users\Public\Desktop\MRP Účetnictví.lnk
2017-02-13 12:18 - 2015-01-21 11:44 - 00000986 _____ C:\Users\Public\Desktop\MRP Elektronická podání.lnk
2017-02-13 08:08 - 2016-10-05 10:30 - 00000799 _____ C:\Users\Public\Desktop\MRP Daňová evidence + sklad.lnk
2017-02-09 11:57 - 2014-02-28 20:23 - 00000000 ____D C:\Users\Jarviness\Documents\Scan
2017-02-07 11:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2017-02-06 20:48 - 2016-10-29 10:15 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-10-29 10:15 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2014-01-20 07:59 - 2016-02-25 09:10 - 0003584 _____ () C:\Users\Jarviness\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-30 13:25 - 2016-06-07 15:14 - 1065984 _____ () C:\Users\Jarviness\AppData\Local\file__0.localstorage
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Smart Security 9.0.407.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: Spybot - Search and Destroy (Enabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: ESET Smart Security 9.0.407.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personální firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Jarviness\Desktop" je 11269 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
- Přílohy
-
- Addition.zip
- (35.15 KiB) Staženo 64 x
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Policie varuje
Otevřte poznámkový blok a zkopírujte do něj:
Z logu:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\...\MountPoints2: {12b48207-a1b5-11e2-a9d3-bcaec5c27fdb} - "E:\HPLauncher.exe"
URLSearchHook: HKU\S-1-5-21-1178627139-551152587-1051265069-1001 - (No Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-07] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-07] (Google Inc.)
BHO-x32: Toolbar BHO -> {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} -> C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbar.dll => No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-07] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-07] (Google Inc.)
Toolbar: HKU\S-1-5-21-1178627139-551152587-1051265069-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-1178627139-551152587-1051265069-1001 -> No Name - {CD1A63BA-A08C-431B-9A34-F240AADC728D} - No File
U3 idsvc; no ImagePath
C:\Users\Jarviness\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
EmptyTemp:
End
Z logu:
To je příliš mnoho a může to zpomalovat start systému. Vytvořte v C:\Users\Jarviness novou složku, do níž přesuňte všechna data z ploch (kromě zástupců). Na plochu si pak dejte zástupce té složky pro snazší přístup.Velikost slozky "C:\Users\Jarviness\Desktop" je 11269 MB.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Policie varuje
Fix result of Farbar Recovery Scan Tool (x64) Version: 01-03-2017
Ran by Jarviness (02-03-2017 21:38:34) Run:1
Running from C:\Users\Jarviness\Desktop
Loaded Profiles: Jarviness (Available Profiles: Jarviness & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\...\MountPoints2: {12b48207-a1b5-11e2-a9d3-bcaec5c27fdb} - "E:\HPLauncher.exe"
URLSearchHook: HKU\S-1-5-21-1178627139-551152587-1051265069-1001 - (No Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-07] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-07] (Google Inc.)
BHO-x32: Toolbar BHO -> {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} -> C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbar.dll => No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-07] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-07] (Google Inc.)
Toolbar: HKU\S-1-5-21-1178627139-551152587-1051265069-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-1178627139-551152587-1051265069-1001 -> No Name - {CD1A63BA-A08C-431B-9A34-F240AADC728D} - No File
U3 idsvc; no ImagePath
C:\Users\Jarviness\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
EmptyTemp:
End
*****************
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{12b48207-a1b5-11e2-a9d3-bcaec5c27fdb} => key removed successfully
HKCR\CLSID\{12b48207-a1b5-11e2-a9d3-bcaec5c27fdb} => key not found.
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} => value removed successfully
HKCR\Wow6432Node\CLSID\{5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key removed successfully
HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
C:\Program Files (x86)\Google\Google Toolbar => moved successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} => key removed successfully
HKCR\Wow6432Node\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key removed successfully
HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} => key removed successfully
HKCR\Wow6432Node\CLSID\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => key not found.
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found.
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CD1A63BA-A08C-431B-9A34-F240AADC728D} => value removed successfully
HKCR\CLSID\{CD1A63BA-A08C-431B-9A34-F240AADC728D} => key not found.
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully
idsvc => service removed successfully
C:\Users\Jarviness\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 1401419 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1662734836 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 51006630 B
Edge => 5275633 B
Chrome => 105939936 B
Firefox => 109863178 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 239988 B
NetworkService => 47412 B
Jarviness => 575415253 B
DefaultAppPool => 0 B
RecycleBin => 3331745245 B
EmptyTemp: => 5.4 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:42:24 ====
Ran by Jarviness (02-03-2017 21:38:34) Run:1
Running from C:\Users\Jarviness\Desktop
Loaded Profiles: Jarviness (Available Profiles: Jarviness & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\...\MountPoints2: {12b48207-a1b5-11e2-a9d3-bcaec5c27fdb} - "E:\HPLauncher.exe"
URLSearchHook: HKU\S-1-5-21-1178627139-551152587-1051265069-1001 - (No Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-07] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-07] (Google Inc.)
BHO-x32: Toolbar BHO -> {fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} -> C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbar.dll => No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-07] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-07] (Google Inc.)
Toolbar: HKU\S-1-5-21-1178627139-551152587-1051265069-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-1178627139-551152587-1051265069-1001 -> No Name - {CD1A63BA-A08C-431B-9A34-F240AADC728D} - No File
U3 idsvc; no ImagePath
C:\Users\Jarviness\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
EmptyTemp:
End
*****************
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{12b48207-a1b5-11e2-a9d3-bcaec5c27fdb} => key removed successfully
HKCR\CLSID\{12b48207-a1b5-11e2-a9d3-bcaec5c27fdb} => key not found.
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} => value removed successfully
HKCR\Wow6432Node\CLSID\{5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key removed successfully
HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
C:\Program Files (x86)\Google\Google Toolbar => moved successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} => key removed successfully
HKCR\Wow6432Node\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key removed successfully
HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} => key removed successfully
HKCR\Wow6432Node\CLSID\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => key not found.
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found.
HKU\S-1-5-21-1178627139-551152587-1051265069-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CD1A63BA-A08C-431B-9A34-F240AADC728D} => value removed successfully
HKCR\CLSID\{CD1A63BA-A08C-431B-9A34-F240AADC728D} => key not found.
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully
idsvc => service removed successfully
C:\Users\Jarviness\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 1401419 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1662734836 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 51006630 B
Edge => 5275633 B
Chrome => 105939936 B
Firefox => 109863178 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 239988 B
NetworkService => 47412 B
Jarviness => 575415253 B
DefaultAppPool => 0 B
RecycleBin => 3331745245 B
EmptyTemp: => 5.4 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:42:24 ====
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Policie varuje
Smazáno. Log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Policie varuje
Dobře. Děkuji za pomoc 
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Policie varuje
Rádo se stalo!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?