Windows Defender blocked - requesting malware removal

Gunik
Visitor
Posts: 43
Registered: 02 Jan 2014 12:14

#1 Post by Gunik »

Hello.
During a WD scan I found malware in the registry, but right afterwards Defender was blocked.
"This application is turned off by group policy".
Unwanted windows with ads also keep popping up in Firefox. Thank you for any help.
-----------------------------------------------------------------------------------------------------------------
RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Markalous at 2017-03-15 20:43:12
Microsoft Windows 10 Home
System drive C: has 156 GB (41%) free of 381 GB
Total RAM: 8081 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:43:14, on 15.03.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Markalous\AppData\Local\Temp\00016072\msiql.exe
C:\Users\Markalous\AppData\Roaming\isMiner\msminer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Markalous\AppData\Roaming\Kuaizip\kytips.exe
C:\Program Files\trend micro\Markalous.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus15.msn.com/?pc=ASTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Markalous\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [isMiner Update] "C:\Users\Markalous\AppData\Roaming\isMiner\isMiner.exe" -checkforupdates
O4 - HKCU\..\Run: [msiql] C:\Users\Markalous\AppData\Local\Temp\00016072\msiql.exe /RUNNING
O4 - HKCU\..\Run: [H7L#BizFGv.exe] C:\Program Files\Microsoft Office\{785-5e-fc-cf4e1-babd8-15d4-53e1a}\H7L#BizFGv.exe -r1_5 -r2_1
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Markalous\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markalous\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Markalous\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markalous\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
O4 - HKCU\..\RunOnce: [vmtVAOvM#Y.exe] C:\Program Files\Microsoft Office\{785-5e-fc-cf4e1-babd8-15d4-53e1a}\vmtVAOvM#Y.exe 2 0
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 10 (AdvancedSystemCareService10) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: cgm.brevir-1 - Unknown owner - D:\CGMSERVER\bin\brevir-1\cgm.brevir-1.exe
O23 - Service: cgm.ecommunication-1 - CompuGroup Medical Česká republika s.r.o. - D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Conexant Audio Message Service (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DriverMFTService - ASUSTek Computer Inc. - C:\Program Files (x86)\Asus\PixelMaster Video HDR\DriverMFTService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: GoogleChromeUpService - Unknown owner - C:\ProgramData\service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HCS.MedConnect.Service - HCS GmbH - D:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe
O23 - Service: HCS.MEDCONNECT.SERVICEMANAGER - HCS GmbH - D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe
O23 - Service: @oem49.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: IObit Uninstaller Service (IObitUnSvr) - IObit - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: CryptoPlus XME Engine Service (xmengine service) - Monet+, a.s. - C:\WINDOWS\SysWoW64\xmesrv.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 14345 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe"
C:\WINDOWS\system32\igfxCUIService.exe
dashost.exe {75f79407-1c15-4d29-97294ff6fd10e4d8}
C:\WINDOWS\system32\rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\DbxSvc.exe
C:\WINDOWS\SysWoW64\xmesrv.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
"C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Asus\PixelMaster Video HDR\DriverMFTService.exe"
C:\WINDOWS\system32\ibtsiva
"C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe"
C:\Windows\system32\CxAudMsg64.exe
"C:\Program Files\Elantech\ETDService.exe"
C:\WINDOWS\SysWoW64\svchost.exe -k kuaizipupdatesvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Windows\system32\SAsrv.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\ProgramData\service.exe /s GoogleChromeUpService /uid:51495 /local:br
D:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe
D:\CGMSERVER\bin\core\cgm.servercore.exe
C:\WINDOWS\system32\WLANExt.exe 2238533028800
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"D:\CGMSERVER\jre\bin\java.exe" -Xms50m -Xmx512m -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath="D:\CGMSERVER\logs\java.dump" -jar ..\jetty\start.jar STOP.KEY=cgm.jetty.stop STOP.PORT=12384
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
CMD /C ""D:/CGMSERVER/bin/pgsql/bin/postgres.exe" -D "D:/CGMSERVER/data/pgsql" < "nul" >> "D:\CGMSERVER\logs\pg_ctl.log" 2>&1"
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" -D "D:/CGMSERVER/data/pgsql"
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forklog" "5212" "5216"
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkboot" "5064" "-x3"
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkboot" "5032" "-x4"
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkavlauncher" "5060"
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkcol" "5020"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
sihost.exe
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkbackend" "5012"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
igfxEM.exe
igfxHK.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" XGpuTrayIcon"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Users\Markalous\AppData\Local\Temp\00016072\msiql.exe" /RUNNING
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"" "--start" "--register_port" "--address" "127.0.0.1" "--port" "49331" "--pause_on_user_switching" "--depend_on_key" "SYSTEM\CurrentControlSet\Services\ESRV_SVC_WILLAMETTE" "--depend_on_value" "run" "--time_in_ms" "--pause" "5000" "--library" "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll" "--no_pl" "--watchdog" "10" "--watchdog_cpu_usage_limit" "50" "--end_on_error" "--kernel_priority_boost" "--shutdown_priority_boost" "--device_options" " time=no output=no output_folder='C:\ProgramData\Intel\SUR\WILLAMETTE\IntelData\userlogs' limit_output_by=time output_limit=3600000 output_buffer=1024 il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll' "
"C:\Users\Markalous\AppData\Roaming\isMiner\msminer.exe" -o stratum+tcp://xmr-eu.dwarfpool.com:8005 -u 41x6n94daJYUJjkPC72SpE56gnGK2gqpZF9MQqemEbSz5TZbi7sfPNsPxwYtFWb7MkVYM3L6X8gZjJFVN3LxvzXd2DDgD3Q -p x -t 2
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
D:\CGMSERVER\bin\brevir-1\cgm.brevir-1.exe
D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkbackend" "5056"
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkbackend" "4980"
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkbackend" "4980"
"C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe" "--AUTO_START" "--start" "--address" "127.0.0.1" "--port" "49330" "--depend_on_key" "SYSTEM\CurrentControlSet\Services\ESRV_SVC_WILLAMETTE" "--depend_on_value" "run" "--time_in_ms" "--pause" "5000" "--library" "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll" "--no_pl" "--watchdog" "10" "--watchdog_cpu_usage_limit" "50" "--end_on_error" "--kernel_priority_boost" "--shutdown_priority_boost" "--device_options" " time=no output=w output_folder='C:\ProgramData\Intel\SUR\WILLAMETTE\IntelData' limit_output_by=time output_limit=3600000 output_buffer=1024 il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll','process_input_options.txt' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll','service=yes' il='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll','pause=60000 working_dir=C:\ProgramData\Intel\SUR\WILLAMETTE\IntelData override_existing_tracing=no limit_output_by_filesize_mb=10' os='C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\os_counters.txt' "
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkbackend" "4972"
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkbackend" "4968"
C:\WINDOWS\TEMP\gD8F3.tmp.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\WINDOWS\system32\DllHost.exe /Processid:{49F6E667-6658-4BD1-9DE9-6AF87F9FAF85}
C:\Windows\System32\InstallAgent.exe -Embedding
C:\Windows\System32\InstallAgentUserBroker.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x354
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Markalous\AppData\Roaming\Kuaizip\kytips.exe" -enableintegeroclock=1 -kz_skinurl=http://i.kpzip.com/n/tui/tips/2/tips2-1.zip -detect360=1 -taskid=taskid.tips2-3
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 648 652 660 8192 656
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Markalous\Desktop\Údržba\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\TrackerAutoUpdate.job - C:\Program Files\Tracker Software\Update\TrackerUpdate.exe -CheckUpdate
C:\WINDOWS\tasks\Uninstaller_SkipUac_Markalous.job - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer

=========Mozilla firefox=========

ProfilePath - C:\Users\Markalous\AppData\Roaming\Mozilla\Firefox\Profiles\01v2w0b0.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.127 Plugin
"Path"=C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_127.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1222172.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@cuminas.jp/DjVuPlugin]
"Description"=Document Express DjVu Plug-in
"Path"=C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.77.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.77.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=Software602 Form Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.127 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@cuminas.jp/DjVuPlugin]
"Description"=Document Express DjVu Plug-in
"Path"=C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
npPDFXCviewNPPlugin.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class

C:\Users\Markalous\AppData\Roaming\Mozilla\Firefox\Profiles\01v2w0b0.default\searchplugins\
McSiteAdvisor.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-18 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-29 462400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-29 173120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-11-13 3242696]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2015-06-10 599896]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe [2016-09-07 631808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"MARKALOUSOVO"=C:\WINDOWS\TEMP\gD8F3.tmp.exe [2017-03-15 249344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Markalous\AppData\Roaming\uTorrent\uTorrent.exe [2017-03-03 2143936]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [2017-01-09 568904]
"isMiner Update"=C:\Users\Markalous\AppData\Roaming\isMiner\isMiner.exe [2017-03-15 2874368]
"msiql"=C:\Users\Markalous\AppData\Local\Temp\00016072\msiql.exe [2017-03-15 2072064]
"H7L#BizFGv.exe"=C:\Program Files\Microsoft Office\{785-5e-fc-cf4e1-babd8-15d4-53e1a}\H7L#BizFGv.exe [2017-03-15 139264]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Markalous\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"=C:\WINDOWS\system32\cmd.exe [2016-07-16 232960]
"Uninstall C:\Users\Markalous\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"=C:\WINDOWS\system32\cmd.exe [2016-07-16 232960]
"vmtVAOvM#Y.exe"=C:\Program Files\Microsoft Office\{785-5e-fc-cf4e1-babd8-15d4-53e1a}\vmtVAOvM#Y.exe [2017-03-15 221696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS TB Tray Agent]
c:\program files (x86)\easeus\traypopup\traytipagent.exe [2015-12-10 253992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_5D7D4019F38896730918709ABCFDAEC2]
c:\program files (x86)\google\chrome\application\chrome.exe [2017-02-01 945496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebStorage]
c:\program files (x86)\asus\webstorage\2.2.2.524\asuswsloader.exe [2015-05-31 63272]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2016-09-20 25382344]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-10-10 39792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{921DF8F6-0395-11E7-A44F-64006A5CFC23}"=C:\Users\Markalous\AppData\Roaming\Clhaght\Katutionvuzok.dll [2017-03-15 145920]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-18 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"DisableTaskMgr"=0
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
"EnableShellExecuteHooks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-03-15 20:27:24 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-15 20:24:58 ----D---- C:\Users\Markalous\AppData\Roaming\Prukatain
2017-03-15 20:24:58 ----D---- C:\Users\Markalous\AppData\Roaming\Event Monitor
2017-03-15 20:24:58 ----D---- C:\Program Files (x86)\Cpiing Client
2017-03-15 20:24:56 ----D---- C:\Program Files (x86)\UCBrowser
2017-03-15 20:24:55 ----D---- C:\Users\Markalous\AppData\Roaming\PC Clean Plus
2017-03-15 20:24:44 ----SHD---- C:\Config.Msi
2017-03-15 20:24:38 ----D---- C:\Program Files (x86)\PC Clean Plus
2017-03-15 20:24:31 ----D---- C:\Program Files (x86)\pccleanplus
2017-03-15 20:24:08 ----A---- C:\WINDOWS\system32\drivers\KuaiZipDrive.sys
2017-03-15 20:24:07 ----D---- C:\Users\Markalous\AppData\Roaming\KuaiZip
2017-03-15 20:24:06 ----D---- C:\Users\Markalous\AppData\Roaming\Softlink
2017-03-15 20:23:53 ----D---- C:\Program Files\żěŃą
2017-03-15 20:23:26 ----D---- C:\Users\Markalous\AppData\Roaming\UCChannel
2017-03-15 20:23:04 ----A---- C:\ProgramData\service.exe
2017-03-15 20:22:35 ----HD---- C:\ProgramData\4982n4126n2647H6893
2017-03-15 20:22:31 ----D---- C:\ProgramData\RegisterObject
2017-03-15 20:22:27 ----D---- C:\Users\Markalous\AppData\Roaming\isMiner
2017-03-15 20:22:07 ----D---- C:\Users\Markalous\AppData\Roaming\Clhaght
2017-03-15 20:22:07 ----D---- C:\Program Files (x86)\Pladesy Adapter
2017-03-15 20:22:02 ----D---- C:\Users\Markalous\AppData\Roaming\Profiles
2017-03-15 20:22:01 ----D---- C:\Program Files (x86)\Prerus
2017-03-02 14:01:26 ----D---- C:\Users\Markalous\AppData\Roaming\Open Rails (disabled)
2017-02-22 19:51:14 ----A---- C:\WINDOWS\system32\drivers\lgandnetmodem64.sys
2017-02-22 19:51:13 ----A---- C:\WINDOWS\system32\drivers\lgandnetdiag64.sys
2017-02-22 19:51:13 ----A---- C:\WINDOWS\system32\drivers\lgandnetbus64.sys
2017-02-22 11:23:53 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of files/folders modified in the last 1 month======

2017-03-15 20:43:13 ----D---- C:\Program Files\trend micro
2017-03-15 20:37:22 ----D---- C:\WINDOWS\Prefetch
2017-03-15 20:33:36 ----HD---- C:\Program Files\WindowsApps
2017-03-15 20:33:33 ----D---- C:\WINDOWS\Temp
2017-03-15 20:33:28 ----D---- C:\WINDOWS\System32
2017-03-15 20:33:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-15 20:33:17 ----D---- C:\WINDOWS\system32\config
2017-03-15 20:30:56 ----D---- C:\WINDOWS\INF
2017-03-15 20:30:21 ----D---- C:\WINDOWS\SoftwareDistribution
2017-03-15 20:30:15 ----D---- C:\WINDOWS\system32\Tasks
2017-03-15 20:27:56 ----D---- C:\ProgramData\ASUS Smart Gesture
2017-03-15 20:26:17 ----D---- C:\ProgramData\NVIDIA
2017-03-15 20:26:14 ----D---- C:\WINDOWS\system32\SleepStudy
2017-03-15 20:26:12 ----D---- C:\WINDOWS\debug
2017-03-15 20:26:10 ----D---- C:\Windows
2017-03-15 20:26:10 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-15 20:26:10 ----AD---- C:\Program Files\Microsoft Silverlight
2017-03-15 20:26:10 ----AD---- C:\Program Files (x86)\Microsoft Silverlight
2017-03-15 20:24:58 ----RD---- C:\Program Files (x86)
2017-03-15 20:24:44 ----SHDC---- C:\WINDOWS\Installer
2017-03-15 20:24:29 ----D---- C:\WINDOWS\system32\catroot2
2017-03-15 20:24:29 ----D---- C:\WINDOWS\system32\CatRoot
2017-03-15 20:24:27 ----D---- C:\Program Files\Microsoft Office
2017-03-15 20:24:08 ----D---- C:\WINDOWS\system32\drivers
2017-03-15 20:23:53 ----RD---- C:\Program Files
2017-03-15 20:23:39 ----D---- C:\WINDOWS\system32\DriverStore
2017-03-15 20:23:04 ----HD---- C:\ProgramData
2017-03-15 20:21:33 ----D---- C:\WINDOWS\AppReadiness
2017-03-15 20:16:04 ----D---- C:\Users\Markalous\AppData\Roaming\uTorrent
2017-03-15 20:03:21 ----D---- C:\WINDOWS\system32\sru
2017-03-15 20:00:46 ----AD---- C:\WINDOWS\SysWOW64
2017-03-15 20:00:44 ----D---- C:\WINDOWS\Tasks
2017-03-15 20:00:27 ----D---- C:\WINDOWS\system32\Macromed
2017-03-15 20:00:21 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-03-11 19:06:59 ----RD---- C:\WINDOWS\Microsoft.NET
2017-03-10 22:21:56 ----AD---- C:\ProgramData\Temp
2017-03-10 11:45:05 ----AD---- C:\Program Files (x86)\Dialog MIS
2017-03-10 09:02:19 ----D---- C:\WINDOWS\LiveKernelReports
2017-03-10 08:18:37 ----D---- C:\ProgramData\firebird
2017-03-09 07:52:36 ----D---- C:\ProgramData\ProductData
2017-03-08 22:10:06 ----D---- C:\Users\Markalous\AppData\Roaming\Open Rails
2017-03-07 22:49:30 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2017-03-05 13:59:26 ----SHD---- C:\System Volume Information
2017-03-04 21:10:45 ----D---- C:\Users\Markalous\AppData\Roaming\Orbx systems
2017-03-04 21:03:06 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-03-03 12:43:53 ----D---- C:\Users\Markalous\AppData\Roaming\Navdata
2017-02-23 09:19:32 ----D---- C:\WINDOWS\system32\MRT
2017-02-23 09:16:39 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-02-22 11:38:36 ----D---- C:\WINDOWS\WinSxS
2017-02-22 11:24:05 ----D---- C:\WINDOWS\CbsTemp
2017-02-17 21:00:15 ----RSD---- C:\WINDOWS\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 EUBAKUP;EUBAKUP; C:\WINDOWS\system32\drivers\eubakup.sys [2015-12-10 60968]
R0 EUBKMON;EUBKMON; C:\WINDOWS\system32\drivers\EUBKMON.sys [2015-12-10 48168]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2016-06-12 1469952]
R0 IntelHSWPcc;IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [2015-06-26 88256]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2014-12-20 40344]
R1 EUDSKACS;EUDSKACS; \??\C:\WINDOWS\system32\drivers\eudskacs.sys [2015-12-10 18472]
R1 EUFDDISK;EUFDDISK; \??\C:\WINDOWS\system32\drivers\EuFdDisk.sys [2015-12-10 192552]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2016-04-09 27552]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2016-04-28 310728]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 KuaiZipDrive;KuaiZipDrive; \??\C:\WINDOWS\system32\drivers\KuaiZipDrive.sys [2017-03-15 92832]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2016-04-28 42696]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R3 ATP;@oem10.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2015-12-14 101368]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-08-20 114176]
R3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-09-15 249856]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-10-05 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-08-20 84992]
R3 CnxtHdAudService;@oem59.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2016-06-12 1552376]
R3 ETD;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-11-13 525512]
R3 HIDSwitch;@oem32.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2016-05-14 27872]
R3 ibtusb;@oem5.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2015-07-15 266512]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-11-30 7969760]
R3 MEIx64;@oem93.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-05-14 185896]
R3 Netwtw04;___ Ovladač adaptéru Intel(R) Wireless pro systém Windows 10 64 Bit; C:\WINDOWS\System32\drivers\Netwtw04.sys [2016-07-24 7237384]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvlddmkm.sys [2016-12-12 14200880]
R3 nvvad_WaveExtensible;@oem5.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2015-12-18 47760]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
R3 rt640x64;@oem20.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2016-06-12 936192]
R3 RTSPER;@oem23.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2016-06-12 758488]
R3 semav6msr64;semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [2015-06-04 21984]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2016-05-14 42600]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 AndnetBus;@oem9.inf,%LGSI.Service.Desc%;LGE Mobile USB Composite Device; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [2016-03-02 29696]
S3 AndNetDiag;@oem16.inf,%Lgsi.Service.Name%;LGE AndroidNet USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [2016-03-02 30720]
S3 ANDNetModem;@oem19.inf,%LGSI.Service.Name%;LGE AndroidNet USB Modem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [2016-03-02 37376]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-11-11 967168]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-09-10 118272]
S3 dbx;dbx; C:\WINDOWS\system32\DRIVERS\dbx.sys []
S3 dg_ssudbus;@oem9.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\syswow64\epmntdrv.sys [2014-11-18 14944]
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\syswow64\EuGdiDrv.sys [2014-11-18 10208]
S3 GemCCID;GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [2015-11-12 139632]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-08-06 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 IntcDAud;@oem54.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-07-16 472872]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-01-12 26560]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService10;Advanced SystemCare Service 10; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [2016-10-14 462624]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2014-03-26 115512]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_5a4dc;CDPUserSvc_5a4dc; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 cgm.brevir-1;cgm.brevir-1; D:\CGMSERVER\bin\brevir-1\cgm.brevir-1.exe [2016-06-29 252928]
R2 cgm.ebooking-1;cgm.ebooking-1; D:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe [2015-12-03 27536]
R2 cgm.ecommunication-1;cgm.ecommunication-1; D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe [2016-10-25 72800]
R2 cgm.servercore;cgm.servercore; D:\CGMSERVER\bin\core\cgm.servercore.exe [2015-10-13 93072]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CxAudMsg;Conexant Audio Message Service; C:\Windows\system32\CxAudMsg64.exe [2014-10-20 207576]
R2 DbxSvc;DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [2016-09-20 42792]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 DriverMFTService;DriverMFTService; C:\Program Files (x86)\Asus\PixelMaster Video HDR\DriverMFTService.exe [2015-05-19 20992]
R2 ESRV_SVC_WILLAMETTE;Energy Server Service WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [2016-06-08 416408]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-11-13 144072]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2016-06-23 642464]
R2 GoogleChromeUpService;GoogleChromeUpService; C:\ProgramData\service.exe [2017-03-15 1620992]
R2 ibtsiva;@oem49.inf,%SERVICE_NAME%;Intel Bluetooth Service; C:\WINDOWS\system32\ibtsiva []
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-11-30 373728]
R2 IObitUnSvr;IObit Uninstaller Service; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [2016-10-28 360736]
R2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
R2 KuaizipUpdateChecker;KuaizipUpdateChecker; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2016-12-11 459832]
R2 OneSyncSvc_5a4dc;Hostitel synchronizace_5a4dc; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2016-06-23 157088]
R2 SAService;Conexant SmartAudio service; C:\WINDOWS\syswow64\SAsrv.exe [2015-04-17 427224]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-04-20 129424]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 PimIndexMaintenanceSvc_5a4dc;Data kontaktů_5a4dc; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-12 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-15 271960]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-11-30 301536]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2016-01-03 1044816]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-01-12 1163200]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-12 144200]
S3 HCS.MedConnect.Service;HCS.MedConnect.Service; D:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe [2015-02-11 48528]
S3 HCS.MEDCONNECT.SERVICEMANAGER;HCS.MEDCONNECT.SERVICEMANAGER; D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe [2015-02-11 87952]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-07-22 223520]
S3 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-07-22 415520]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_5a4dc;Služba zasílání zpráv_5a4dc; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-18 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-03-07 172488]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2016-06-23 268704]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-01-12 1879488]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-01-12 6308288]
S3 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-01-12 4812736]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-09-07 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
S4 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [2015-05-31 71168]
S4 ASUSGiftBoxDekstop;Asus GiftBox Desktop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [2015-07-20 315704]
S4 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-11 136048]
S4 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-11 136048]
S4 EaseUS Agent;EaseUS Agent Service; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2015-12-10 36904]
S4 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]

-----------------EOF-----------------

Rudy
Site Admin
Site Admin
Posts: 119670
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Windows Defender blocked - please help with virus removal

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Gunik
Visitor
Posts: 43
Registered: 02 Jan 2014 12:14

Re: Blocked Windows Defender - please help with virus removal

#3 Post by Gunik »

..And you know, that occurred to me too..but I wanted to wait for your response :-)
----------------------------------------------------------------------------------------
Here is the log from AdwCleaner:
# AdwCleaner v6.044 - Log vytvořen 15/03/2017 v 21:07:52
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-03-15.2 [Místní]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Markalous - MARKALOUSOVO
# Spuštěno z : C:\Users\Markalous\Desktop\Údržba\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

[-] Služba smazána: GoogleChromeUpService
[-] Služba smazána: KuaiZipDrive
[-] Služba smazána: KuaizipUpdateChecker


***** [ Složky ] *****

[-] Složka smazána: C:\Users\Markalous\AppData\Roaming\PC Clean Plus
[-] Složka smazána: C:\Users\Markalous\AppData\Roaming\Event Monitor
[-] Složka smazána: C:\Users\Markalous\AppData\Roaming\Kuaizip
[-] Složka smazána: C:\Users\Markalous\AppData\Roaming\Softlink
[-] Složka smazána: C:\Users\Markalous\AppData\Roaming\UCChannel
[-] Složka smazána: C:\Users\Markalous\AppData\Roaming\isMiner
[-] Složka smazána: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Clean Plus
[-] Složka smazána: C:\Program Files (x86)\PC Clean Plus
[-] Složka smazána: C:\Program Files (x86)\pccleanplus
[-] Složka smazána: C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd


***** [ Soubory ] *****

[#] Soubor smazán: C:\WINDOWS\SysNative\drivers\KuaiZipDrive.sys
[-] Soubor smazán: C:\ProgramData\service.exe
[#] Soubor smazán: C:\ProgramData\service.exe
[-] Soubor smazán: C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bknbnapaddjdnbilpmlacdkjdkjmbjhd_0.localstorage


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****

[-] Úloha smazána: RunAtStartup
[-] Úloha smazána: RunAtStartup
[-] Úloha smazána: PC Clean Plus
[-] Úloha smazána: KuaiZip_Update


***** [ Registry ] *****

[-] Klíč smazán: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\GoogleChromeUpService
[#] Klíč smazán po restartu: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\GoogleChromeUpService
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\{9CC34070-3A38-4C7A-89CB-EF8177EF07A1}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{86C4C3BA-4EA4-4CF8-98B9-6B07B477B835}
[-] Klíč smazán: HKU\.DEFAULT\Software\jhdbca
[-] Klíč smazán: HKU\.DEFAULT\Software\UpgSvr
[-] Klíč smazán: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\Installer
[-] Klíč smazán: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\PC Clean Plus
[-] Klíč smazán: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\PC
[-] Klíč smazán: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\AutoTime
[-] Klíč smazán: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\KuaiZip
[-] Klíč smazán: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\SNDA
[-] Klíč smazán: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\KuaiZipSFX
[-] Klíč smazán: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\VideoBox
[-] Klíč smazán: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\PopWnd
[-] Klíč smazán: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\UpgSvr
[-] Klíč smazán: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\isMiner
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\jhdbca
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\UpgSvr
[#] Klíč smazán po restartu: HKCU\Software\Installer
[#] Klíč smazán po restartu: HKCU\Software\PC Clean Plus
[#] Klíč smazán po restartu: HKCU\Software\PC
[#] Klíč smazán po restartu: HKCU\Software\AutoTime
[#] Klíč smazán po restartu: HKCU\Software\KuaiZip
[#] Klíč smazán po restartu: HKCU\Software\SNDA
[#] Klíč smazán po restartu: HKCU\Software\KuaiZipSFX
[#] Klíč smazán po restartu: HKCU\Software\VideoBox
[#] Klíč smazán po restartu: HKCU\Software\PopWnd
[#] Klíč smazán po restartu: HKCU\Software\UpgSvr
[#] Klíč smazán po restartu: HKCU\Software\isMiner
[-] Klíč smazán: HKLM\SOFTWARE\jhdbca
[-] Klíč smazán: HKLM\SOFTWARE\msServer
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\isMiner
[#] Klíč smazán po restartu: [x64] HKCU\Software\Installer
[#] Klíč smazán po restartu: [x64] HKCU\Software\PC Clean Plus
[#] Klíč smazán po restartu: [x64] HKCU\Software\PC
[#] Klíč smazán po restartu: [x64] HKCU\Software\AutoTime
[#] Klíč smazán po restartu: [x64] HKCU\Software\KuaiZip
[#] Klíč smazán po restartu: [x64] HKCU\Software\SNDA
[#] Klíč smazán po restartu: [x64] HKCU\Software\KuaiZipSFX
[#] Klíč smazán po restartu: [x64] HKCU\Software\VideoBox
[#] Klíč smazán po restartu: [x64] HKCU\Software\PopWnd
[#] Klíč smazán po restartu: [x64] HKCU\Software\UpgSvr
[#] Klíč smazán po restartu: [x64] HKCU\Software\isMiner
[-] Klíč smazán: [x64] HKLM\SOFTWARE\jhdbca
[-] Hodnota smazána: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\Microsoft\Windows\CurrentVersion\Run [msiql]
[#] Hodnota smazána po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [msiql]
[#] Hodnota smazána po restartu: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [msiql]
[-] Hodnota smazána: HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\Microsoft\Windows\CurrentVersion\Run [isMiner Update]
[#] Hodnota smazána po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [isMiner Update]
[#] Hodnota smazána po restartu: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [isMiner Update]
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [kuaizipupdatesvc]
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\KuaiZipShlExt
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\KuaiZipShlExt
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\QZipShell.DLL
[-] Klíč smazán: HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\KuaiZipShlExt
[-] Klíč smazán: HKCU\Software\Google\Chrome\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd
[-] Klíč smazán: HKLM\SOFTWARE\Google\Chrome\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd
[#] Klíč smazán po restartu: [x64] HKCU\Software\Google\Chrome\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd


***** [ Prohlížeče ] *****

[-] [C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: slunecnice.cz
[-] [C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazáno: bknbnapaddjdnbilpmlacdkjdkjmbjhd


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [749 Bajty] - [05/02/2016 19:18:12]
C:\AdwCleaner\AdwCleaner[C2].txt - [25910 Bajty] - [15/03/2017 21:07:52]
C:\AdwCleaner\AdwCleaner[S1].txt - [657 Bajty] - [05/02/2016 19:16:53]
C:\AdwCleaner\AdwCleaner[S2].txt - [23304 Bajty] - [15/03/2017 21:02:17]
C:\AdwCleaner\AdwCleaner[S3].txt - [23389 Bajty] - [15/03/2017 21:05:36]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [26204 Bajty] ##########

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Blocked Windows Defender - please help with virus removal

#4 Post by Rudy »


Gunik
Visitor
Posts: 43
Registered: 02 Jan 2014 12:14

Re: Blocked Windows Defender - please help with virus removal

#5 Post by Gunik »

Unfortunately, AdwCleaner still finds Kuaizip, but it cannot be uninstalled in any way. After a restart it appears again.

Here is the FRST log:
------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Markalous (administrator) on MARKALOUSOVO (15-03-2017 22:34:50)
Running from C:\Users\Markalous\Desktop
Loaded Profiles: Markalous (Available Profiles: Markalous)
Platform: Windows 10 Home Version 1607 (X64) Language: Czech (Czech Republic)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Monet+, a.s.) C:\Windows\SysWOW64\xmesrv.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft) D:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe
(Microsoft) D:\CGMSERVER\bin\core\cgm.servercore.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\PixelMaster Video HDR\DriverMFTService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\DbxSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Oracle Corporation) D:\CGMSERVER\jre\bin\java.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(PostgreSQL Global Development Group) D:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) D:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) D:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) D:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) D:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) D:\CGMSERVER\bin\pgsql\bin\postgres.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(PostgreSQL Global Development Group) D:\CGMSERVER\bin\pgsql\bin\postgres.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
() C:\Windows\Temp\gD8F3.tmp.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() D:\CGMSERVER\bin\brevir-1\cgm.brevir-1.exe
(CompuGroup Medical Česká republika s.r.o.) D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe
(PostgreSQL Global Development Group) D:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) D:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) D:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) D:\CGMSERVER\bin\pgsql\bin\postgres.exe
(PostgreSQL Global Development Group) D:\CGMSERVER\bin\pgsql\bin\postgres.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Markalous\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-11-13] (ELAN Microelectronics Corp.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [599896 2015-06-10] (Conexant Systems, Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25382344 2016-09-20] (Dropbox, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2007-10-10] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [MARKALOUSOVO] => C:\WINDOWS\TEMP\gD8F3.tmp.exe [249344 2017-03-15] () <===== ATTENTION
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\Run: [uTorrent] => C:\Users\Markalous\AppData\Roaming\uTorrent\uTorrent.exe [2143936 2017-03-03] (BitTorrent Inc.)
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\Run: [H7L#BizFGv.exe] => C:\Program Files\Microsoft Office\{785-5e-fc-cf4e1-babd8-15d4-53e1a}\H7L#BizFGv.exe [139264 2017-03-15] (With)
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\RunOnce: [Uninstall C:\Users\Markalous\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markalous\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\RunOnce: [Uninstall C:\Users\Markalous\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Markalous\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\RunOnce: [vmtVAOvM#Y.exe] => C:\Program Files\Microsoft Office\{785-5e-fc-cf4e1-babd8-15d4-53e1a}\vmtVAOvM#Y.exe [221696 2017-03-15] (FOrINs)
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\...\Providers\88hk1qxc: C:\Program Files (x86)\Pladesy Adapter\local64spl.dll [307712 2017-03-15] ()
ShellExecuteHooks: No Name - {921DF8F6-0395-11E7-A44F-64006A5CFC23} - C:\Users\Markalous\AppData\Roaming\Clhaght\Katutionvuzok.dll -> No File
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.2.524\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => C:\Program Files\żěŃą\X64\KZipShell.dll [2017-03-15] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{268f357a-b162-4e15-96d1-648f7e37a165}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{edad486c-8a2c-4582-88c1-d7a57ab2790c}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-29] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-29] (Oracle Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> hxxp://www.seznam.cz/

FireFox:
========
FF DefaultProfile: 01v2w0b0.default
FF ProfilePath: C:\Users\Markalous\AppData\Roaming\Mozilla\Firefox\Profiles\01v2w0b0.default [2017-03-15]
FF user.js: detected! => C:\Users\Markalous\AppData\Roaming\Mozilla\Firefox\Profiles\01v2w0b0.default\user.js [2016-11-14]
FF Homepage: Mozilla\Firefox\Profiles\01v2w0b0.default -> http://www.seznam.cz
FF Extension: (PDFescape Extension) - C:\Users\Markalous\AppData\Roaming\Mozilla\Firefox\Profiles\01v2w0b0.default\Extensions\{2A1D5949-B519-4924-BF62-8522FE0D5274}.xpi [2016-04-28]
FF SearchPlugin: C:\Users\Markalous\AppData\Roaming\Mozilla\Firefox\Profiles\01v2w0b0.default\searchplugins\McSiteAdvisor.xml [2015-11-13]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-15] ()
FF Plugin: @cuminas.jp/DjVuPlugin -> C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1222172.dll [2015-11-19] (Adobe Systems, Inc.)
FF Plugin-x32: @cuminas.jp/DjVuPlugin -> C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2015-05-08] (Cuminas Corporation)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-29] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1903383002-3755401707-383608710-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1903383002-3755401707-383608710-1001: @servis24.cz/PKIComponent -> C:\Users\Markalous\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [2016-03-29] (Česká spořitelna, a.s.)
FF Plugin HKU\S-1-5-21-1903383002-3755401707-383608710-1001: @servis24.cz/PKIComponent-x64 -> C:\Users\Markalous\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll [2016-03-29] (Česká spořitelna, a.s.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2007-05-10] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2016-09-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2016-09-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2016-09-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2016-09-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2016-09-16] (Apple Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default [2017-03-15]
CHR Extension: (Prezentace Google) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-12]
CHR Extension: (Dokumenty Google) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-12]
CHR Extension: (Disk Google) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-12]
CHR Extension: (YouTube) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-12]
CHR Extension: (Vyhledávání Google) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-12]
CHR Extension: (Tabulky Google) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-08-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Hola - Unlimited Proxy VPN) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl [2016-02-06]
CHR Extension: (Gmail) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-12]
CHR Extension: (Chrome Media Router) - C:\Users\Markalous\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-10]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 AdvancedSystemCareService10; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [462624 2016-10-14] (IObit)
S4 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168 2015-05-31] (ASUS Cloud Corporation) [File not signed]
S4 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUS)
R2 cgm.brevir-1; D:\CGMSERVER\bin\brevir-1\cgm.brevir-1.exe [252928 2016-06-29] () [File not signed]
R2 cgm.ebooking-1; D:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe [27536 2015-12-03] (Microsoft) [File not signed]
R2 cgm.ecommunication-1; D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe [72800 2016-10-25] (CompuGroup Medical Česká republika s.r.o.)
R2 cgm.servercore; D:\CGMSERVER\bin\core\cgm.servercore.exe [93072 2015-10-13] (Microsoft) [File not signed]
S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-11] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-11] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42792 2016-09-20] (Windows (R) Win 7 DDK provider)
R2 DriverMFTService; C:\Program Files (x86)\Asus\PixelMaster Video HDR\DriverMFTService.exe [20992 2015-05-19] (ASUSTek Computer Inc.) [File not signed]
S4 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36904 2015-12-10] (CHENGDU YIWO Tech Development Co., Ltd)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-11-13] (ELAN Microelectronics Corp.)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
S3 HCS.MedConnect.Service; D:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe [48528 2015-02-11] (HCS GmbH) [File not signed]
S3 HCS.MEDCONNECT.SERVICEMANAGER; D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe [87952 2015-02-11] (HCS GmbH) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit)
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-22] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] ()
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation)
S3 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 SAService; C:\Windows\system32\SAsrv.exe [427224 2015-04-17] (Conexant Systems, Inc.)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 xmengine service; C:\WINDOWS\SysWoW64\xmesrv.exe [34696 2009-10-09] (Monet+, a.s.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [29696 2016-03-02] (LG Electronics Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [30720 2016-03-02] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [37376 2016-03-02] (LG Electronics Inc.)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [310728 2016-04-28] ()
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [48168 2015-12-10] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
S3 GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [139632 2015-11-12] (Gemalto)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-04-09] (REALiX(tm))
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [266512 2015-07-15] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-26] (Intel Corporation)
R2 KuaiZipDrive; C:\WINDOWS\system32\drivers\KuaiZipDrive.sys [92832 2017-03-15] (WinMount International Inc)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [42696 2016-04-28] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
U5 Netwtw02; C:\Windows\System32\Drivers\Netwtw02.sys [7081200 2015-09-24] (Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7237384 2016-07-24] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_11a67240324f74de\nvlddmkm.sys [14200880 2016-12-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [936192 2016-06-12] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [758488 2016-06-12] (Realsil Semiconductor Corporation)
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-05-14] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-15 22:34 - 2017-03-15 22:35 - 00031079 _____ C:\Users\Markalous\Desktop\FRST.txt
2017-03-15 22:34 - 2017-03-15 22:34 - 00029696 _____ C:\Users\Markalous\AppData\Local\MSGBOX.EXE
2017-03-15 22:34 - 2017-03-15 22:34 - 00015327 _____ C:\Users\Markalous\Desktop\LM.bat
2017-03-15 22:34 - 2017-03-15 22:34 - 00000000 ____D C:\FRST
2017-03-15 22:33 - 2017-03-15 22:33 - 02424832 _____ (Farbar) C:\Users\Markalous\Desktop\FRST64.exe
2017-03-15 22:33 - 2017-03-15 22:33 - 00112640 _____ (forum.viry.cz) C:\Users\Markalous\Desktop\FRSTLauncher.exe
2017-03-15 22:28 - 2017-03-15 22:28 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-15 22:26 - 2017-03-15 22:26 - 00016844 _____ C:\WINDOWS\System32\Tasks\plugin-container-exe
2017-03-15 21:52 - 2017-03-15 21:52 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-03-15 21:47 - 2017-03-15 22:07 - 00000000 ____D C:\Users\Markalous\AppData\Roaming\KuaiZip
2017-03-15 21:45 - 2017-03-15 20:24 - 00092832 _____ (WinMount International Inc) C:\WINDOWS\system32\Drivers\KuaiZipDrive.sys
2017-03-15 21:38 - 2017-03-15 21:59 - 00000000 ____D C:\WINDOWS\pss
2017-03-15 21:33 - 2017-03-15 22:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\program64
2017-03-15 21:33 - 2017-03-15 21:33 - 00000000 ____D C:\WINDOWS\System32\Tasks\program32
2017-03-15 20:30 - 2017-03-15 20:30 - 00016850 _____ C:\WINDOWS\System32\Tasks\4982n4126n2647H6893-dll
2017-03-15 20:28 - 2017-03-15 20:28 - 00016836 _____ C:\WINDOWS\System32\Tasks\plugin-container
2017-03-15 20:24 - 2017-03-15 20:31 - 00016818 _____ C:\WINDOWS\System32\Tasks\firefox
2017-03-15 20:24 - 2017-03-15 20:24 - 00006064 _____ C:\WINDOWS\System32\Tasks\Cpiing Client
2017-03-15 20:24 - 2017-03-15 20:24 - 00000886 _____ C:\Users\Markalous\AppData\Roaming\Microsoft\Windows\Start Menu\żěŃą.lnk
2017-03-15 20:24 - 2017-03-15 20:24 - 00000000 ____D C:\Users\Markalous\AppData\Roaming\Prukatain
2017-03-15 20:24 - 2017-03-15 20:24 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2017-03-15 20:24 - 2017-03-15 20:24 - 00000000 ____D C:\Program Files (x86)\Cpiing Client
2017-03-15 20:23 - 2017-03-15 22:26 - 00000000 ____D C:\Program Files\żěŃą
2017-03-15 20:22 - 2017-03-15 22:27 - 00000000 ____D C:\Users\Markalous\AppData\Roaming\Clhaght
2017-03-15 20:22 - 2017-03-15 20:25 - 00000000 ____D C:\Users\Markalous\AppData\Local\Couqlegrefase
2017-03-15 20:22 - 2017-03-15 20:25 - 00000000 ____D C:\Program Files (x86)\Prerus
2017-03-15 20:22 - 2017-03-15 20:22 - 00016842 _____ C:\WINDOWS\System32\Tasks\4982n4126n2647H6893
2017-03-15 20:22 - 2017-03-15 20:22 - 00006132 _____ C:\WINDOWS\System32\Tasks\Pladesy Adapter
2017-03-15 20:22 - 2017-03-15 20:22 - 00000000 ___HD C:\ProgramData\4982n4126n2647H6893
2017-03-15 20:22 - 2017-03-15 20:22 - 00000000 ____D C:\ProgramData\RegisterObject
2017-03-15 20:22 - 2017-03-15 20:22 - 00000000 ____D C:\Program Files (x86)\Pladesy Adapter
2017-03-15 20:15 - 2017-03-15 20:15 - 00003694 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-03-15 20:15 - 2017-03-15 20:15 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-03-04 21:01 - 2017-03-04 21:01 - 00000000 ____D C:\Users\Markalous\Downloads\AS_VILNIUS-INTERNATIONAL-X_FSX_V101
2017-03-03 12:43 - 2017-02-22 17:55 - 00000687 _____ C:\Users\Markalous\AppData\Roaming\eb9f97a6-d1cb-4c34-a3de-57fdf241b871.index
2017-03-03 11:45 - 2017-03-03 12:12 - 00000000 ____D C:\Users\Markalous\Downloads\Navigraph AIRAC Cycle 1703
2017-03-03 11:44 - 2017-03-04 20:22 - 00000000 ____D C:\Users\Markalous\AppData\LocalLow\uTorrent
2017-03-02 14:01 - 2017-03-02 14:02 - 00000000 ____D C:\Users\Markalous\AppData\Roaming\Open Rails (disabled)
2017-03-01 20:40 - 2017-03-01 20:40 - 00681498 _____ C:\Users\Markalous\Documents\Boreš Tomáš.zfo
2017-02-24 07:50 - 2017-02-24 07:50 - 00000000 ____H C:\asc_rdflag
2017-02-22 19:55 - 2017-02-22 20:04 - 00000000 ____D C:\Users\Markalous\Desktop\sonidla-záloha
2017-02-22 19:51 - 2016-03-02 17:10 - 00037376 _____ (LG Electronics Inc.) C:\WINDOWS\system32\Drivers\lgandnetmodem64.sys
2017-02-22 19:51 - 2016-03-02 17:10 - 00030720 _____ (LG Electronics Inc.) C:\WINDOWS\system32\Drivers\lgandnetdiag64.sys
2017-02-22 19:51 - 2016-03-02 17:10 - 00029696 _____ (LG Electronics Inc.) C:\WINDOWS\system32\Drivers\lgandnetbus64.sys
2017-02-22 11:23 - 2017-02-06 20:48 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-22 11:23 - 2017-02-06 20:48 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-13 14:13 - 2017-03-15 20:16 - 00000000 ____D C:\Users\Markalous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fs-Etr485-T-biz
2017-02-13 14:01 - 2017-02-13 14:01 - 00000000 ____D C:\Users\Markalous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FS ETR Pack

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-15 22:33 - 2016-07-16 23:25 - 01805526 _____ C:\WINDOWS\system32\perfh005.dat
2017-03-15 22:33 - 2016-07-16 23:25 - 00486740 _____ C:\WINDOWS\system32\perfc005.dat
2017-03-15 22:33 - 2015-08-15 06:21 - 04073160 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-15 22:31 - 2016-11-16 13:00 - 00000000 ____D C:\Users\Markalous\AppData\LocalLow\Mozilla
2017-03-15 22:31 - 2016-02-05 19:16 - 00000000 ____D C:\AdwCleaner
2017-03-15 22:30 - 2016-08-24 13:02 - 00003808 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-03-15 22:29 - 2016-06-20 07:03 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2017-03-15 22:28 - 2015-11-11 19:41 - 00000000 __SHD C:\Users\Markalous\IntelGraphicsProfiles
2017-03-15 22:27 - 2016-08-24 13:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-15 22:27 - 2016-08-24 12:40 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-15 22:26 - 2016-07-16 07:04 - 02621440 _____ C:\WINDOWS\system32\config\BBI
2017-03-15 21:08 - 2016-08-24 12:45 - 00000000 ____D C:\Users\Markalous
2017-03-15 21:03 - 2015-11-12 00:15 - 00000000 ____D C:\Users\Markalous\Desktop\Údržba
2017-03-15 20:57 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-15 20:43 - 2016-02-05 11:18 - 00000000 ____D C:\Program Files\trend micro
2017-03-15 20:33 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-15 20:33 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-15 20:26 - 2016-08-24 12:35 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-15 20:26 - 2016-02-16 19:59 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-15 20:26 - 2016-02-16 19:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-03-15 20:26 - 2015-11-11 20:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-15 20:24 - 2016-05-03 21:14 - 00000000 ____D C:\Program Files\Microsoft Office
2017-03-15 20:17 - 2016-02-16 19:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-15 20:16 - 2016-03-21 23:25 - 00000000 ____D C:\Users\Markalous\AppData\Local\CrashDumps
2017-03-15 20:16 - 2015-12-04 08:06 - 00000000 ____D C:\Users\Markalous\AppData\Roaming\uTorrent
2017-03-15 20:04 - 2015-11-26 09:30 - 00000000 ____D C:\Users\Markalous\Desktop\záloha media telefon
2017-03-15 20:00 - 2016-08-24 13:02 - 00004470 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-03-15 20:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-03-15 20:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-03-11 21:34 - 2016-09-14 06:43 - 00000000 ____D C:\Users\Markalous\Desktop\nvid
2017-03-10 22:21 - 2016-02-03 13:11 - 00000000 ____D C:\Users\Markalous\Documents\Flight Simulator X Files
2017-03-10 22:21 - 2015-10-24 21:06 - 00000000 ____D C:\ProgramData\Temp
2017-03-10 21:16 - 2016-10-31 13:45 - 00000000 ____D C:\Users\Markalous\Documents\vPilot Files
2017-03-10 11:45 - 2015-11-11 20:47 - 00000000 ____D C:\Program Files (x86)\Dialog MIS
2017-03-10 09:02 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-10 08:18 - 2016-01-20 09:27 - 00000000 ____D C:\ProgramData\firebird
2017-03-09 07:52 - 2016-04-08 20:55 - 00000000 ____D C:\ProgramData\ProductData
2017-03-08 22:10 - 2015-11-16 15:04 - 00000000 ____D C:\Users\Markalous\AppData\Roaming\Open Rails
2017-03-07 22:49 - 2016-06-12 19:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-07 10:31 - 2017-01-25 10:34 - 00000000 ____D C:\Users\Markalous\Desktop\Train programy
2017-03-04 21:10 - 2016-02-11 09:33 - 00000000 ____D C:\Users\Markalous\AppData\Roaming\Orbx systems
2017-03-04 21:03 - 2015-11-15 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft
2017-03-04 21:03 - 2015-10-24 20:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-03 12:54 - 2016-01-20 10:50 - 00000000 ____D C:\Users\Public\Documents\PFPX Data
2017-03-03 12:43 - 2016-03-21 23:18 - 00000000 ____D C:\Users\Markalous\AppData\Roaming\Navdata
2017-03-02 14:40 - 2015-11-13 13:53 - 00000000 _____ C:\Users\Markalous\AppData\Roaming\FileOut.cns
2017-03-02 14:40 - 2015-11-13 13:53 - 00000000 _____ C:\Users\Markalous\AppData\Roaming\FileIn.cns
2017-03-01 18:48 - 2016-10-08 22:24 - 00000000 ____D C:\Users\Markalous\Desktop\Viktor
2017-02-24 07:50 - 2016-11-07 06:19 - 05685248 _____ C:\WINDOWS\system32\config\DRIVERS.iodefrag.bak
2017-02-24 07:50 - 2016-10-01 06:50 - 112349184 _____ C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2017-02-24 07:50 - 2016-10-01 06:50 - 00417792 _____ C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2017-02-24 07:50 - 2016-10-01 06:50 - 00061440 _____ C:\WINDOWS\system32\config\SAM.iodefrag.bak
2017-02-24 07:50 - 2016-10-01 06:50 - 00024576 _____ C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2017-02-23 09:19 - 2015-11-13 00:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 09:16 - 2015-11-13 00:28 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-22 11:24 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-17 12:35 - 2015-11-11 21:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CompuGroup Medical
2017-02-13 07:01 - 2016-09-19 19:22 - 00000000 ____D C:\Users\Markalous\Desktop\Soňa

==================== Files in the root of some directories =======

2017-03-03 12:43 - 2017-02-22 17:55 - 0000687 _____ () C:\Users\Markalous\AppData\Roaming\eb9f97a6-d1cb-4c34-a3de-57fdf241b871.index
2015-11-13 13:53 - 2017-03-02 14:40 - 0000000 _____ () C:\Users\Markalous\AppData\Roaming\FileIn.cns
2015-11-13 13:53 - 2017-03-02 14:40 - 0000000 _____ () C:\Users\Markalous\AppData\Roaming\FileOut.cns
2015-11-11 19:41 - 2016-06-26 08:12 - 0000165 _____ () C:\Users\Markalous\AppData\Roaming\sp_data.sys
2017-03-15 22:34 - 2017-03-15 22:34 - 0029696 _____ () C:\Users\Markalous\AppData\Local\MSGBOX.EXE
2016-04-08 11:29 - 2016-11-10 18:12 - 0007601 _____ () C:\Users\Markalous\AppData\Local\Resmon.ResmonCfg
2015-11-14 19:30 - 2015-11-14 19:30 - 0000000 _____ () C:\Users\Markalous\AppData\Local\{8E6A0024-B2E2-47BF-9147-A24DC9D2B2F9}

Files to move or delete:
====================
C:\WINDOWS\TEMP\gD8F3.tmp.exe


Some files in TEMP:
====================
2017-03-15 20:22 - 2017-03-15 20:22 - 0856045 _____ ( ) C:\Users\Markalous\AppData\Local\Temp\AutoTime51495.exe
2017-03-15 20:17 - 2017-03-15 20:17 - 2612600 _____ (Microsoft Corporation) C:\Users\Markalous\AppData\Local\Temp\DefaultPack.EXE
2017-03-15 20:23 - 2017-03-15 20:23 - 0249344 _____ () C:\Users\Markalous\AppData\Local\Temp\g2D0C.tmp.exe
2017-03-15 20:22 - 2017-03-15 20:23 - 0219648 _____ () C:\Users\Markalous\AppData\Local\Temp\g7B1.tmp.exe
2017-03-15 20:21 - 2017-03-15 20:22 - 4750185 _____ () C:\Users\Markalous\AppData\Local\Temp\inst-cli-20.exe
2017-03-15 20:22 - 2017-03-15 20:22 - 2874368 _____ (isMiner) C:\Users\Markalous\AppData\Local\Temp\isminer.exe
2017-03-15 20:22 - 2017-03-15 20:22 - 0388608 _____ (SOcialAPP) C:\Users\Markalous\AppData\Local\Temp\Setup.exe
2017-03-15 20:22 - 2017-03-15 20:22 - 1199825 _____ () C:\Users\Markalous\AppData\Local\Temp\unins000.exe
2017-03-15 20:22 - 2017-03-15 20:22 - 1247620 _____ (VideoBox ) C:\Users\Markalous\AppData\Local\Temp\vbsetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-03 22:14

==================== End of FRST.txt ============================
Attachments
Addition.rar
(19.67 KiB) Downloaded 79 times

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Blocked Windows Defender - please help with virus removal

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM\...\RunOnce: [MARKALOUSOVO] => C:\WINDOWS\TEMP\gD8F3.tmp.exe [249344 2017-03-15] () <===== ATTENTION
C:\WINDOWS\TEMP\gD8F3.tmp.exe
ShellExecuteHooks: No Name - {921DF8F6-0395-11E7-A44F-64006A5CFC23} - C:\Users\Markalous\AppData\Roaming\Clhaght\Katutionvuzok.dll -> No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\Markalous\AppData\Roaming\Microsoft\Windows\Start Menu\żěŃą.lnk
C:\Program Files (x86)\UCBrowser
C:\WINDOWS\System32\Tasks\4982n4126n2647H6893-dll
C:\WINDOWS\System32\Tasks\4982n4126n2647H6893
C:\Users\Markalous\AppData\Roaming\eb9f97a6-d1cb-4c34-a3de-57fdf241b871.index
C:\WINDOWS\System32\Tasks\AutoKMS
C:\Users\Markalous\AppData\Roaming\eb9f97a6-d1cb-4c34-a3de-57fdf241b871.index
Task: {285AC30E-3533-4A67-856D-54A1E07302B1} - System32\Tasks\4982n4126n2647H6893 => Rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY <==== ATTENTION
Task: {45D47717-ABB0-4EC9-9086-765C0A5F8EA0} - System32\Tasks\{1917B194-E0F2-444D-B8AC-704EB9A1A664} => pcalua.exe -a "D:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exe" -d "D:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X"
Task: {45E73CF2-59FC-47A7-AA06-DB5E553FFBE6} - System32\Tasks\{82E0D1CD-CE15-4C4A-9BA0-CAFDD8D99524} => pcalua.exe -a "C:\Program Files (x86)\Disney Interactive Studios\Robinsonovi\Wilbur.exe" -d "C:\Program Files (x86)\Disney Interactive Studios\Robinsonovi"
Task: {2716AAEC-E224-4FC0-B3D4-E8B9FF543FD6} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2016-05-03] ()
C:\WINDOWS\AutoKMS
Task: {606A0A3A-B29F-420B-A846-149CC37F83D9} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {6E56EE06-6519-470B-B2DC-B5BA1641D29C} - System32\Tasks\{7075130D-AFF8-4680-BA20-DC11EC8CDBCE} => pcalua.exe -a "C:\Program Files (x86)\Deep Silver\Horse Life\Autorun.exe" -d "C:\Program Files (x86)\Deep Silver\Horse Life"
Task: {75D5BB7C-6008-4C68-B558-0A0D1FD2B027} - System32\Tasks\Microsoft\Windows\Media Center\RegisterObject => C:\\ProgramData\\RegisterObject\\RegisterObject.exe [2017-03-15] () <==== ATTENTION
Task: {9681E464-615E-42E5-A190-593438E87E1F} - System32\Tasks\{F14ADDDA-4175-4980-9017-CA339CC2F2E6} => pcalua.exe -a F:\autorun.exe -d F:\
Task: {FE152164-F6AE-4074-A093-B945FCA514BC} - System32\Tasks\{4B5AF35E-C863-4319-BF38-A1EE2E42744D} => pcalua.exe -a F:\autorun.exe -d F:\
Task: {FEACB586-10A0-43AE-9FF9-282280BF225D} - System32\Tasks\{32FB79C5-2B97-4254-8A7E-CB3F72D160D6} => pcalua.exe -a "C:\Program Files (x86)\Disney Interactive Studios\Robinsonovi\Wilbur.exe" -d "C:\Program Files (x86)\Disney Interactive Studios\Robinsonovi"
C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll
C:\WINDOWS\TEMP\g7FA6.tmp


EmptyTemp:
ResetHosts:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

Gunik
Visitor
Posts: 43
Registered: 02 Jan 2014 12:14

Re: Blocked Windows Defender - please help with virus removal

#7 Post by Gunik »

Done, here is the log:
----------------------------------------------
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Markalous (16-03-2017 18:52:39) Run:1
Running from C:\Users\Markalous\Desktop
Loaded Profiles: Markalous (Available Profiles: Markalous)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\...\RunOnce: [MARKALOUSOVO] => C:\WINDOWS\TEMP\gD8F3.tmp.exe [249344 2017-03-15] () <===== ATTENTION
C:\WINDOWS\TEMP\gD8F3.tmp.exe
ShellExecuteHooks: No Name - {921DF8F6-0395-11E7-A44F-64006A5CFC23} - C:\Users\Markalous\AppData\Roaming\Clhaght\Katutionvuzok.dll -> No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1903383002-3755401707-383608710-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\Markalous\AppData\Roaming\Microsoft\Windows\Start Menu\żěŃą.lnk
C:\Program Files (x86)\UCBrowser
C:\WINDOWS\System32\Tasks\4982n4126n2647H6893-dll
C:\WINDOWS\System32\Tasks\4982n4126n2647H6893
C:\Users\Markalous\AppData\Roaming\eb9f97a6-d1cb-4c34-a3de-57fdf241b871.index
C:\WINDOWS\System32\Tasks\AutoKMS
C:\Users\Markalous\AppData\Roaming\eb9f97a6-d1cb-4c34-a3de-57fdf241b871.index
Task: {285AC30E-3533-4A67-856D-54A1E07302B1} - System32\Tasks\4982n4126n2647H6893 => Rundll32.exe "C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll",nHGUnRY <==== ATTENTION
Task: {45D47717-ABB0-4EC9-9086-765C0A5F8EA0} - System32\Tasks\{1917B194-E0F2-444D-B8AC-704EB9A1A664} => pcalua.exe -a "D:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exe" -d "D:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X"
Task: {45E73CF2-59FC-47A7-AA06-DB5E553FFBE6} - System32\Tasks\{82E0D1CD-CE15-4C4A-9BA0-CAFDD8D99524} => pcalua.exe -a "C:\Program Files (x86)\Disney Interactive Studios\Robinsonovi\Wilbur.exe" -d "C:\Program Files (x86)\Disney Interactive Studios\Robinsonovi"
Task: {2716AAEC-E224-4FC0-B3D4-E8B9FF543FD6} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2016-05-03] ()
C:\WINDOWS\AutoKMS
Task: {606A0A3A-B29F-420B-A846-149CC37F83D9} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {6E56EE06-6519-470B-B2DC-B5BA1641D29C} - System32\Tasks\{7075130D-AFF8-4680-BA20-DC11EC8CDBCE} => pcalua.exe -a "C:\Program Files (x86)\Deep Silver\Horse Life\Autorun.exe" -d "C:\Program Files (x86)\Deep Silver\Horse Life"
Task: {75D5BB7C-6008-4C68-B558-0A0D1FD2B027} - System32\Tasks\Microsoft\Windows\Media Center\RegisterObject => C:\\ProgramData\\RegisterObject\\RegisterObject.exe [2017-03-15] () <==== ATTENTION
Task: {9681E464-615E-42E5-A190-593438E87E1F} - System32\Tasks\{F14ADDDA-4175-4980-9017-CA339CC2F2E6} => pcalua.exe -a F:\autorun.exe -d F:\
Task: {FE152164-F6AE-4074-A093-B945FCA514BC} - System32\Tasks\{4B5AF35E-C863-4319-BF38-A1EE2E42744D} => pcalua.exe -a F:\autorun.exe -d F:\
Task: {FEACB586-10A0-43AE-9FF9-282280BF225D} - System32\Tasks\{32FB79C5-2B97-4254-8A7E-CB3F72D160D6} => pcalua.exe -a "C:\Program Files (x86)\Disney Interactive Studios\Robinsonovi\Wilbur.exe" -d "C:\Program Files (x86)\Disney Interactive Studios\Robinsonovi"
C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll
C:\WINDOWS\TEMP\g7FA6.tmp


EmptyTemp:
ResetHosts:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\MARKALOUSOVO => value not found.
C:\WINDOWS\TEMP\gD8F3.tmp.exe => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{921DF8F6-0395-11E7-A44F-64006A5CFC23} => value removed successfully
HKCR\CLSID\{921DF8F6-0395-11E7-A44F-64006A5CFC23} => key not found.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-1903383002-3755401707-383608710-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Users\Markalous\AppData\Roaming\Microsoft\Windows\Start Menu\żěŃą.lnk => moved successfully
C:\Program Files (x86)\UCBrowser => moved successfully
C:\WINDOWS\System32\Tasks\4982n4126n2647H6893-dll => moved successfully
C:\WINDOWS\System32\Tasks\4982n4126n2647H6893 => moved successfully
C:\Users\Markalous\AppData\Roaming\eb9f97a6-d1cb-4c34-a3de-57fdf241b871.index => moved successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
"C:\Users\Markalous\AppData\Roaming\eb9f97a6-d1cb-4c34-a3de-57fdf241b871.index" => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{285AC30E-3533-4A67-856D-54A1E07302B1} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{285AC30E-3533-4A67-856D-54A1E07302B1} => key removed successfully
C:\WINDOWS\System32\Tasks\4982n4126n2647H6893 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4982n4126n2647H6893 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45D47717-ABB0-4EC9-9086-765C0A5F8EA0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45D47717-ABB0-4EC9-9086-765C0A5F8EA0} => key removed successfully
C:\WINDOWS\System32\Tasks\{1917B194-E0F2-444D-B8AC-704EB9A1A664} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1917B194-E0F2-444D-B8AC-704EB9A1A664} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45E73CF2-59FC-47A7-AA06-DB5E553FFBE6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45E73CF2-59FC-47A7-AA06-DB5E553FFBE6} => key removed successfully
C:\WINDOWS\System32\Tasks\{82E0D1CD-CE15-4C4A-9BA0-CAFDD8D99524} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{82E0D1CD-CE15-4C4A-9BA0-CAFDD8D99524} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2716AAEC-E224-4FC0-B3D4-E8B9FF543FD6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2716AAEC-E224-4FC0-B3D4-E8B9FF543FD6} => key removed successfully
C:\WINDOWS\System32\Tasks\AutoKMS => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS => key removed successfully
C:\WINDOWS\AutoKMS => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{606A0A3A-B29F-420B-A846-149CC37F83D9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{606A0A3A-B29F-420B-A846-149CC37F83D9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E56EE06-6519-470B-B2DC-B5BA1641D29C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E56EE06-6519-470B-B2DC-B5BA1641D29C} => key removed successfully
C:\WINDOWS\System32\Tasks\{7075130D-AFF8-4680-BA20-DC11EC8CDBCE} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7075130D-AFF8-4680-BA20-DC11EC8CDBCE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{75D5BB7C-6008-4C68-B558-0A0D1FD2B027} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75D5BB7C-6008-4C68-B558-0A0D1FD2B027} => key removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RegisterObject => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterObject => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9681E464-615E-42E5-A190-593438E87E1F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9681E464-615E-42E5-A190-593438E87E1F} => key removed successfully
C:\WINDOWS\System32\Tasks\{F14ADDDA-4175-4980-9017-CA339CC2F2E6} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F14ADDDA-4175-4980-9017-CA339CC2F2E6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE152164-F6AE-4074-A093-B945FCA514BC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE152164-F6AE-4074-A093-B945FCA514BC} => key removed successfully
C:\WINDOWS\System32\Tasks\{4B5AF35E-C863-4319-BF38-A1EE2E42744D} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4B5AF35E-C863-4319-BF38-A1EE2E42744D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FEACB586-10A0-43AE-9FF9-282280BF225D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FEACB586-10A0-43AE-9FF9-282280BF225D} => key removed successfully
C:\WINDOWS\System32\Tasks\{32FB79C5-2B97-4254-8A7E-CB3F72D160D6} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{32FB79C5-2B97-4254-8A7E-CB3F72D160D6} => key removed successfully
C:\ProgramData\4982n4126n2647H6893\4982n4126n2647H6893.dll => moved successfully
C:\WINDOWS\TEMP\g7FA6.tmp => moved successfully
ResetHosts: => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 62326151 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 249609313 B
Edge => 224 B
Chrome => 1001472 B
Firefox => 10172248 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 60410 B
systemprofile32 => 128 B
LocalService => 7346 B
NetworkService => 0 B
Markalous => 154205944 B

RecycleBin => 140957076 B
EmptyTemp: => 589.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:53:30 ====
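
Added example (not part of the original posts, and not FRST's own code): a short Python triage of a Fixlog like the one in post #7. It skips the echoed fixlist, then separates entries that were changed, entries that were absent when the fix ran, and errors such as the `ResetHosts:` line; the sample input is an abridged excerpt of that log, and the function names are assumptions of this example.

```python
import re
from collections import Counter

# Abridged excerpt of the Fixlog posted above (lines copied from it, most omitted).
SAMPLE_FIXLOG = r"""
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
fixlist content:
*****************
Start
HKLM\...\RunOnce: [MARKALOUSOVO] => C:\WINDOWS\TEMP\gD8F3.tmp.exe [249344 2017-03-15] () <===== ATTENTION
C:\WINDOWS\TEMP\gD8F3.tmp.exe
C:\WINDOWS\System32\Tasks\AutoKMS
Task: {2716AAEC-E224-4FC0-B3D4-E8B9FF543FD6} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2016-05-03] ()
ResetHosts:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\MARKALOUSOVO => value not found.
C:\WINDOWS\TEMP\gD8F3.tmp.exe => moved successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2716AAEC-E224-4FC0-B3D4-E8B9FF543FD6} => key removed successfully
C:\WINDOWS\System32\Tasks\AutoKMS => not found.
ResetHosts: => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

Chrome => 1001472 B
EmptyTemp: => 589.7 MB temporary data Removed.

The system needed a reboot.
"""

# Outcome phrases exactly as they appear in the Fixlog above.
OUTCOMES = {
    "moved successfully": "changed",
    "value removed successfully": "changed",
    "key removed successfully": "changed",
    "value not found.": "absent",
    "key not found.": "absent",
    "not found.": "absent",
}

# "<target> => <outcome>"; the target is sometimes wrapped in double quotes.
RESULT_RE = re.compile(r'^"?(?P<target>.+?)"?\s+=>\s+(?P<outcome>.+)$')


def result_lines(text):
    """Yield result lines only: skip the echoed fixlist, stop at EmptyTemp."""
    star_rows = 0
    for line in text.splitlines():
        line = line.strip()
        if line and set(line) == {"*"}:
            star_rows += 1          # the fixlist echo sits between two such rows
            continue
        if line.startswith(("=========== EmptyTemp", "==== End of Fixlog")):
            break                   # size statistics follow, not fix results
        if star_rows >= 2 and line:
            yield line


def triage(text):
    """Summarise a Fixlog: outcome counts, errors, and items absent at fix time."""
    counts = Counter()
    changed = set()                 # targets already moved/removed earlier in the log
    errors, already_gone = [], []
    for line in result_lines(text):
        m = RESULT_RE.match(line)
        if not m:
            continue
        target, outcome = m.group("target"), m.group("outcome").strip()
        kind = OUTCOMES.get(outcome) or ("error" if outcome.startswith("Error") else "other")
        counts[kind] += 1
        key = target.lower()        # Windows paths and registry keys are case-insensitive
        if kind == "changed":
            changed.add(key)
        elif kind == "absent" and key not in changed:
            # Absent and never handled earlier: it was not there when the fix ran.
            already_gone.append(target)
        elif kind == "error":
            errors.append((target, outcome))
    return {
        "counts": dict(counts),
        "errors": errors,
        "already_gone": already_gone,
        "reboot_needed": "The system needed a reboot." in text,
    }


if __name__ == "__main__":
    for name, value in triage(SAMPLE_FIXLOG).items():
        print(name, value)
```

A "not found." that follows a successful move of the same path (here the `AutoKMS` task file) only reflects an entry that the fixlist handled twice, so it is counted but not listed under `already_gone`.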

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Blocked Windows Defender - please help with virus removal

#8 Post by Rudy »

Deleted. Has anything changed?

Gunik
Visitor
Posts: 43
Registered: 02 Jan 2014 12:14

Re: Blocked Windows Defender - please help with virus removal

#9 Post by Gunik »

Thanks. That Chinese junk is gone now and the ads no longer pop up.
The problem is that I still can't turn on Windows Defender - see the attachment.
Attachments
Untitled.jpg (193.65 KiB) Viewed 4006 times

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Blocked Windows Defender - please help with virus removal

#10 Post by Rudy »

Also try a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

Gunik
Visitor
Posts: 43
Registered: 02 Jan 2014 12:14

Re: Blocked Windows Defender - please help with virus removal

#11 Post by Gunik »

The MBAM log is too long, so I am sending it as a RAR attachment.
Attachments
MBAMlog.rar
(7.2 KiB) Downloaded 80 times

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Blocked Windows Defender - please help with virus removal

#12 Post by Rudy »

Delete all the MBAM detections. By the way, I would recommend uninstalling AdvancedSystemCare. This optimizer sometimes sees a problem even where there is none, and a layperson often damages the system with it.

Gunik
Visitor
Posts: 43
Registered: 02 Jan 2014 12:14

Re: Blocked Windows Defender - please help with virus removal

#13 Post by Gunik »

Everything from MBAM has been deleted, and I uninstalled Advanced System Care.
I would still like advice on how to get Windows Defender working again; it is still "turned off by group policy" and I don't know what to do about it.
Thanks.

Rudy
Site Admin
Posts: 119670
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Blocked Windows Defender - please help with virus removal

#14 Post by Rudy »


Gunik
Visitor
Posts: 43
Registered: 02 Jan 2014 12:14

Re: Blocked Windows Defender - please help with virus removal

#15 Post by Gunik »

Thank you for the expert help. The system now seems to be clean. We can close this.
I would also like to ask whether there is something similar to Advanced System Care, or whether I should clean disks, defragment the registry, etc. using only the Windows tools?
I will uninstall MBAM.

Locked