
PC is behaving strangely

Posted: 17 Apr 2017 15:42
by zsman
Logfile of random's system information tool 1.10 (written by random/random)
Run by Zdeněk at 2017-04-17 16:33:09
Microsoft Windows 8.1 Pro
System drive G: has 95 GB (61%) free of 155 GB
Total RAM: 3840 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:33:16, on 17. 4. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
G:\Program Files (x86)\IObit\Advanced SystemCare\RealTimeProtector.exe
H:\Instalované\AVAST Software\Avast\AvastUI.exe
H:\Instalované\Uninstaller\IObit Uninstaller\UninstallMonitor.exe
H:\Instalované\AVGTuneUp\Framework\Common\avguix.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
H:\Instalované\AVAST Software\Avast\gaming_hook.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
H:\Instalované\totalcmd\TOTALCMD.EXE
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
H:\Instalované\SumatraPDF\SumatraPDF.exe
H:\Staženo z netu\HiJackThis.exe
G:\Users\ZDENK~1\AppData\Local\Temp\nsy15A4.tmp\setupHiJackThis.exe
G:\Program Files\trend micro\Zdeněk.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = G:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://tech-access.biz/wpad.dat?38ab839 ... cf28252110
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Spyware Terminator 2015 Internet Guard - {82A76710-4F98-4957-92BE-99648A4E2475} - G:\PROGRA~2\Spyware Terminator\STInternetGuard.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Instalované\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: McAfee WebAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - g:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O2 - BHO: IObit Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - G:\PROGRA~2\IObit\Advanced SystemCare\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll
O2 - BHO: IObit Ads Removal - {FFCB3198-32F3-4E8B-9539-4324694ED664} - G:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll
O4 - HKLM\..\Run: [AvgUi] "H:\Instalované\AVGTuneUp\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKLM\..\Run: [HP Software Update] G:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IObit Malware Fighter] "H:\Instalované\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [Advanced SystemCare 10] "G:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Inbox Storage] "G:\Program Files (x86)\Inbox Storage\InboxStorage.exe" /STARTUP
O4 - Startup: Sledovat výstrahy inkoustu - HP DeskJet 4530 series.lnk = ?
O8 - Extra context menu item: Analyzovat LeechGetem - file://H:\Instalované\LeechGet 2009\\Parser.html
O8 - Extra context menu item: Download LeechGetem - file://H:\Instalované\LeechGet 2009\\AddUrl.html
O8 - Extra context menu item: Download s průvodcem LeechGetu - file://H:\Instalované\LeechGet 2009\\Wizard.html
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - g:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - g:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{67AEFBA0-2FD6-42D3-A93E-B44318293602}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{67AEFBA0-2FD6-42D3-A93E-B44318293602}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - g:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - g:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - G:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - G:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 10 (AdvancedSystemCareService10) - IObit - G:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - G:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - H:\Instalované\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - H:\Instalované\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - H:\Instalované\AVAST Software\Avast\afwServ.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - H:\Instalované\AVGTuneUp\Framework\Common\avgsvca.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - G:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - G:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - G:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - G:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - G:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - G:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - H:\Instalované\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - G:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - G:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - G:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - G:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - G:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - G:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - G:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - G:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - G:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - H:\Instalované\System Explorer\service\SystemExplorerService64.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - H:\Instalované\AVGTuneUp\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - G:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - G:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - G:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - G:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - G:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - G:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - G:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - G:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - G:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10166 bytes

======Listing Processes======






wininit.exe
winlogon.exe


G:\WINDOWS\system32\svchost.exe -k DcomLaunch
G:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"G:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe"
"G:\WINDOWS\system32\nvvsvc.exe"
"G:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
G:\WINDOWS\system32\nvvsvc.exe -session -first
G:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
G:\WINDOWS\system32\svchost.exe -k netsvcs
G:\WINDOWS\system32\svchost.exe -k LocalService
G:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
G:\WINDOWS\system32\svchost.exe -k NetworkService

G:\WINDOWS\Explorer.EXE
"G:\Program Files (x86)\IObit\Advanced SystemCare\RealTimeProtector.exe" /RunCurUs
G:\WINDOWS\System32\spoolsv.exe
G:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
G:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
taskhostex.exe

H:\Instalované\AVGTuneUp\Framework\Common\avgsvca.exe
G:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {67e6a8d1-66ee-40c3-94bf7f58f7aa5dfe}
"G:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
G:\WINDOWS\system32\svchost.exe -k imgsvc
"H:\Instalované\AVGTuneUp\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
G:\WINDOWS\system32\SearchIndexer.exe /Embedding
G:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
G:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"G:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" fbfc5f46-f43d-4d6a-88d3-695d16dc498e
"G:\Windows\System32\SettingSyncHost.exe" -Embedding
"G:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\G:\WINDOWS\system32\conhost.exe 0x4
\??\G:\WINDOWS\system32\conhost.exe 0x4
G:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"H:\Instalované\AVGTuneUp\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2108
G:\Windows\System32\skydrive.exe -Embedding
AvastUI.exe /nogui
"H:\Instalované\Uninstaller\IObit Uninstaller\UninstallMonitor.exe"

/fmw.trayonly
G:\WINDOWS\system32\svchost.exe -k WindowsMobile
G:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"G:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
G:\WINDOWS\system32\wbem\wmiprvse.exe
taskhostex.exe Regular
taskhost.exe IdleSyncMaintenance
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=G:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=G:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=57.0.2987.133 --initial-client-data=0x130,0x134,0x138,0x12c,0x13c,0x6e407dc8,0x6e407dbc,0x6e407dd4
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3264 --on-initialized-event-handle=464 --parent-handle=476 /prefetch:6
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1256 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,18,19,20,23,41,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x10de --gpu-device-id=0x03d0 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.908 --gpu-driver-date=1-30-2015 --service-request-channel-token=B3F7441970AA508687A07F4BE6DCFF5D --mojo-platform-channel-handle=1276 --ignored=" --type=renderer " /prefetch:2
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --lang=cs --service-request-channel-token=6CF73474719DCE4BC165C8D00E80C3E1 --mojo-platform-channel-handle=4176 --ignored=" --type=renderer " /prefetch:8
rundll32 "G:\Program Files\fdktzjhh\{5EC302BF-38A4-476C-8E4C-030F7F160078}\pz27zon1.k38",a3 20170422
"H:\Instalované\IObit Malware Fighter\IMFsrv.exe"
"H:\Instalované\IObit Malware Fighter\IMF.exe" /systemstart
"H:\Instalované\IObit Malware Fighter\IMFTips.exe" /starttips
"H:\Instalované\AVAST Software\Avast\gaming_hook.exe" /ph:cc040000
"H:\Instalované\AVAST Software\Avast\x64\gaming_hook.exe" /ph:cc040000
rundll32 "G:\Program Files\f09er35s\{548C031A-0BC8-43D3-A129-D97A2646FD0C}\9ur4zpzx.h1d",a3 20170422
"H:\Instalované\totalcmd\TOTALCMD.EXE"
"H:\Instalované\totalcmd\tcmdx64.exe" 5272770
"H:\Instalované\SumatraPDF\SumatraPDF.exe" "G:\Users\Zdeněk\Desktop\tisk_týden_16_SKY_web velikonoce.pdf"
"H:\Staženo z netu\HiJackThis.exe"
setupHiJackThis.exe

"G:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe24_ Global\UsGthrCtrlFltPipeMssGthrPipe24 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "G:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"G:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"H:\Staženo z netu\RSITx64.exe"

======Scheduled tasks folder======

G:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - G:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe -check pepperplugin
G:\WINDOWS\tasks\Uninstaller_SkipUac_Zdeněk.job - H:\Instalované\Uninstaller\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer

=========Mozilla firefox=========

ProfilePath - G:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\d6lkynf7.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
prefs.js - "keyword.URL" - "https://www.google.com/search"

"wrc@avast.com"=H:\Instalované\AVAST Software\Avast\WebRep\FF
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=G:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
"sp@avast.com"=H:\Instalované\AVAST Software\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.148 Plugin
"Path"=G:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=G:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=G:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=G:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.148 Plugin
"Path"=G:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll


G:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\d6lkynf7.default\extensions\
{4BBDD651-70CF-4821-84F8-2B918CF89CA3}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - H:\Instalované\Uninstaller\IObit Uninstaller\UninstallExplorer.dll [2017-03-28 2478880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}]
Spyware Terminator 2015 Internet Guard - G:\PROGRA~2\Spyware Terminator\STInternetGuard64.dll [2017-03-16 2021632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - H:\Instalované\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-05 895528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor BHO - g:\PROGRA~2\mcafee\siteadvisor\x64\mcieplg.dll [2017-03-27 189288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}]
Spyware Terminator 2015 Internet Guard - G:\PROGRA~2\Spyware Terminator\STInternetGuard.dll [2017-03-16 1263368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - H:\Instalované\AVAST Software\Avast\aswWebRepIE.dll [2017-04-05 773920]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor BHO - g:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll [2017-03-27 160192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
IObit Surfing Protection - G:\PROGRA~2\IObit\Advanced SystemCare\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2016-08-03 1203112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
IObit Ads Removal - G:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll [2016-06-23 734632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=G:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-11-15 16696832]
"AvastUI.exe"=H:\Instalované\AVAST Software\Avast\AvLaunch.exe [2017-04-05 213824]
"SpywareTerminatorShield"=G:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2017-03-16 5349120]
"SpywareTerminatorUpdater"=G:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2017-03-16 5585672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 10"=G:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2017-02-08 3919136]
"Inbox Storage"=G:\Program Files (x86)\Inbox Storage\InboxStorage.exe [2015-08-31 4104552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvgUi"=H:\Instalované\AVGTuneUp\Framework\Common\avguirna.exe [2016-12-06 240400]
"HP Software Update"=G:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"IObit Malware Fighter"=H:\Instalované\IObit Malware Fighter\IMF.exe [2017-04-11 5296416]

G:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp
Sledovat výstrahy inkoustu - HP DeskJet 4530 series.lnk - G:\WINDOWS\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{31FB0306-1B45-11E7-8C20-64006A5CFC23}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StartMenuService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\str]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=G:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - G:\Windows\System32\Notepad.exe %1
.js - open - G:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-04-17 16:33:10 ----D---- G:\Program Files\trend micro
2017-04-17 13:46:11 ----A---- G:\WINDOWS\system32\drivers\IMFCameraProtect.sys
2017-04-17 06:38:52 ----A---- G:\WINDOWS\system32\FNTCACHE.DAT
2017-04-15 05:22:08 ----D---- G:\Program Files (x86)\Therlighrbocult
2017-04-14 23:11:29 ----D---- G:\Program Files (x86)\MIO
2017-04-14 23:11:10 ----D---- G:\Users\Zdeněk\AppData\Roaming\WinSAPSvc
2017-04-14 22:30:45 ----D---- G:\Program Files (x86)\CStart8
2017-04-14 22:30:30 ----D---- G:\Users\Zdeněk\AppData\Roaming\Inbox Storage
2017-04-14 22:30:24 ----D---- G:\Program Files (x86)\Inbox Storage
2017-04-14 22:20:33 ----D---- G:\Users\Zdeněk\AppData\Roaming\Spyware Terminator
2017-04-14 22:20:33 ----D---- G:\ProgramData\Spyware Terminator
2017-04-14 22:20:25 ----D---- G:\Program Files (x86)\Spyware Terminator
2017-04-14 22:03:53 ----D---- G:\Users\Zdeněk\AppData\Roaming\Spy Emergency
2017-04-14 22:03:49 ----A---- G:\WINDOWS\system32\drivers\spyemrg_guard.sys
2017-04-14 22:03:49 ----A---- G:\WINDOWS\system32\drivers\spyemrg_access.sys
2017-04-14 22:03:49 ----A---- G:\WINDOWS\system32\drivers\spyemrg.sys
2017-04-14 22:03:46 ----D---- G:\ProgramData\NETGATE
2017-04-14 21:20:32 ----D---- G:\Program Files (x86)\Google
2017-04-14 14:00:39 ----D---- G:\Program Files\f09er35s
2017-04-14 10:00:41 ----HD---- G:\$AV_ASW
2017-04-14 10:00:04 ----D---- G:\Program Files\MK
2017-04-14 09:58:43 ----A---- G:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-04-14 09:58:32 ----D---- G:\Program Files\fdktzjhh
2017-04-14 09:41:32 ----A---- G:\WINDOWS\SYSWOW64\msvcp120_clr0400.dll
2017-04-14 09:41:32 ----A---- G:\WINDOWS\system32\msvcp120_clr0400.dll
2017-04-14 09:41:29 ----A---- G:\WINDOWS\SYSWOW64\msvcr120_clr0400.dll
2017-04-14 09:41:29 ----A---- G:\WINDOWS\system32\msvcr120_clr0400.dll
2017-04-13 12:35:36 ----A---- G:\WINDOWS\system32\mshtml.dll
2017-04-13 12:35:33 ----A---- G:\WINDOWS\SYSWOW64\mshtml.dll
2017-04-13 12:35:31 ----A---- G:\WINDOWS\system32\ieframe.dll
2017-04-13 12:35:30 ----A---- G:\WINDOWS\SYSWOW64\ieframe.dll
2017-04-13 12:35:29 ----A---- G:\WINDOWS\SYSWOW64\jscript9.dll
2017-04-13 12:35:28 ----A---- G:\WINDOWS\system32\wuaueng.dll
2017-04-13 12:35:27 ----A---- G:\WINDOWS\system32\wininet.dll
2017-04-13 12:35:27 ----A---- G:\WINDOWS\system32\win32k.sys
2017-04-13 12:35:26 ----A---- G:\WINDOWS\SYSWOW64\wininet.dll
2017-04-13 12:35:26 ----A---- G:\WINDOWS\SYSWOW64\storagewmi.dll
2017-04-13 12:35:26 ----A---- G:\WINDOWS\system32\storagewmi.dll
2017-04-13 12:35:26 ----A---- G:\WINDOWS\system32\iertutil.dll
2017-04-13 12:35:25 ----A---- G:\WINDOWS\SYSWOW64\mispace.dll
2017-04-13 12:35:25 ----A---- G:\WINDOWS\SYSWOW64\iertutil.dll
2017-04-13 12:35:25 ----A---- G:\WINDOWS\system32\ole32.dll
2017-04-13 12:35:25 ----A---- G:\WINDOWS\system32\mispace.dll
2017-04-13 12:35:24 ----A---- G:\WINDOWS\SYSWOW64\urlmon.dll
2017-04-13 12:35:24 ----A---- G:\WINDOWS\SYSWOW64\ole32.dll
2017-04-13 12:35:24 ----A---- G:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-04-13 12:35:24 ----A---- G:\WINDOWS\system32\urlmon.dll
2017-04-13 12:35:24 ----A---- G:\WINDOWS\system32\rdpcorets.dll
2017-04-13 12:35:24 ----A---- G:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\SYSWOW64\gdi32.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\wuapi.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\win32spl.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\samsrv.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\quartz.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\netlogon.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\gdi32.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\drivers\WdFilter.sys
2017-04-13 12:35:22 ----A---- G:\WINDOWS\SYSWOW64\wuapi.dll
2017-04-13 12:35:22 ----A---- G:\WINDOWS\SYSWOW64\SessEnv.dll
2017-04-13 12:35:22 ----A---- G:\WINDOWS\SYSWOW64\quartz.dll
2017-04-13 12:35:22 ----A---- G:\WINDOWS\system32\WindowsCodecs.dll
2017-04-13 12:35:22 ----A---- G:\WINDOWS\system32\SessEnv.dll
2017-04-13 12:35:22 ----A---- G:\WINDOWS\system32\drivers\dxgmms1.sys
2017-04-13 12:35:21 ----A---- G:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2017-04-13 12:35:21 ----A---- G:\WINDOWS\SYSWOW64\netlogon.dll
2017-04-13 12:35:21 ----A---- G:\WINDOWS\system32\wucltux.dll
2017-04-13 12:35:21 ----A---- G:\WINDOWS\system32\drivers\WdNisDrv.sys
2017-04-13 12:35:21 ----A---- G:\WINDOWS\system32\drivers\ndis.sys
2017-04-13 12:35:21 ----A---- G:\WINDOWS\system32\drivers\csc.sys
2017-04-13 12:35:20 ----A---- G:\WINDOWS\SYSWOW64\atmfd.dll
2017-04-13 12:35:20 ----A---- G:\WINDOWS\system32\ucrtbase.dll
2017-04-13 12:35:20 ----A---- G:\WINDOWS\system32\puiobj.dll
2017-04-13 12:35:20 ----A---- G:\WINDOWS\system32\msfeeds.dll
2017-04-13 12:35:20 ----A---- G:\WINDOWS\system32\drivers\mrxsmb.sys
2017-04-13 12:35:20 ----A---- G:\WINDOWS\system32\atmfd.dll
2017-04-13 12:35:19 ----A---- G:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2017-04-13 12:35:19 ----A---- G:\WINDOWS\system32\WinSCard.dll
2017-04-13 12:35:19 ----A---- G:\WINDOWS\system32\ScDeviceEnum.dll
2017-04-13 12:35:19 ----A---- G:\WINDOWS\system32\drivers\storport.sys
2017-04-13 12:35:19 ----A---- G:\WINDOWS\system32\DafPrintProvider.dll
2017-04-13 12:35:19 ----A---- G:\WINDOWS\system32\certprop.dll
2017-04-13 12:35:18 ----A---- G:\WINDOWS\SYSWOW64\WinSCard.dll
2017-04-13 12:35:18 ----A---- G:\WINDOWS\system32\drivers\WdBoot.sys
2017-04-13 12:35:18 ----A---- G:\WINDOWS\system32\drivers\mrxsmb10.sys
2017-04-13 12:35:18 ----A---- G:\WINDOWS\system32\drivers\dfsc.sys
2017-04-13 12:35:17 ----A---- G:\WINDOWS\system32\drivers\mrxsmb20.sys
2017-04-13 12:35:17 ----A---- G:\WINDOWS\system32\drivers\http.sys
2017-04-13 12:35:17 ----A---- G:\WINDOWS\system32\drivers\BasicRender.sys
2017-04-13 12:35:16 ----A---- G:\WINDOWS\SYSWOW64\samlib.dll
2017-04-13 12:35:16 ----A---- G:\WINDOWS\system32\samlib.dll
2017-04-13 12:35:16 ----A---- G:\WINDOWS\system32\rdpudd.dll
2017-04-13 12:35:16 ----A---- G:\WINDOWS\system32\drivers\spaceport.sys
2017-04-13 12:35:15 ----A---- G:\WINDOWS\SYSWOW64\ucrtbase.dll
2017-04-13 12:35:15 ----A---- G:\WINDOWS\SYSWOW64\asycfilt.dll
2017-04-13 12:35:15 ----A---- G:\WINDOWS\system32\wuauclt.exe
2017-04-13 12:35:15 ----A---- G:\WINDOWS\system32\drivers\storvsp.sys
2017-04-13 12:35:14 ----A---- G:\WINDOWS\system32\jscript.dll
2017-04-13 12:35:12 ----A---- G:\WINDOWS\system32\WUSettingsProvider.dll
2017-04-13 12:35:12 ----A---- G:\WINDOWS\system32\jscript9.dll
2017-04-13 12:35:12 ----A---- G:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-04-13 12:35:12 ----A---- G:\WINDOWS\system32\asycfilt.dll
2017-04-13 12:35:11 ----A---- G:\WINDOWS\SYSWOW64\msfeeds.dll
2017-04-13 12:35:11 ----A---- G:\WINDOWS\system32\webcheck.dll
2017-04-13 12:35:10 ----A---- G:\WINDOWS\SYSWOW64\webcheck.dll
2017-04-13 12:35:10 ----A---- G:\WINDOWS\SYSWOW64\mfmjpegdec.dll
2017-04-13 12:35:10 ----A---- G:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-04-13 12:35:10 ----A---- G:\WINDOWS\system32\mfmjpegdec.dll
2017-04-13 12:35:10 ----A---- G:\WINDOWS\system32\iedkcs32.dll
2017-04-13 12:35:10 ----A---- G:\WINDOWS\system32\ie4uinit.exe
2017-04-13 12:35:10 ----A---- G:\WINDOWS\system32\drivers\vpcivsp.sys
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\wuwebv.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\wudriver.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\wuapp.exe
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\vbscript.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\jscript.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\inetcomm.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\atmlib.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\wuwebv.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\wudriver.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\wuapp.exe
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\vbscript.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\inetcomm.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\ieapfltr.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\drivers\scfilter.sys
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\atmlib.dll
2017-04-12 20:27:17 ----D---- G:\ProgramData\BDLogging
2017-04-12 20:27:17 ----A---- G:\WINDOWS\system32\drivers\trufos.sys
2017-04-11 17:57:58 ----D---- G:\Users\Zdeněk\AppData\Roaming\Tujule
2017-04-11 17:57:57 ----D---- G:\Program Files (x86)\Hernoy Controls
2017-04-11 17:57:53 ----D---- G:\Users\Zdeněk\AppData\Roaming\Profiles
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswVmm.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswStm.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswSP.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswSnx.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswRvrt.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswRdr2.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswNetSec.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswMonFlt.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswKbd.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswHwid.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswbuniva.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswbloga.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswbidsha.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswbidsdrivera.sys
2017-04-05 17:26:14 ----A---- G:\WINDOWS\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2017-04-17 16:33:10 ----RD---- G:\Program Files
2017-04-17 16:32:52 ----D---- G:\WINDOWS\Temp
2017-04-17 16:30:25 ----D---- G:\Program Files (x86)\trend micro
2017-04-17 16:12:11 ----D---- G:\rsit
2017-04-17 16:00:00 ----D---- G:\WINDOWS\system32\sru
2017-04-17 14:47:39 ----D---- G:\WINDOWS\Prefetch
2017-04-17 14:21:18 ----SHD---- G:\System Volume Information
2017-04-17 13:46:24 ----D---- G:\Program Files (x86)\IObit
2017-04-17 13:46:17 ----D---- G:\ProgramData\ProductData
2017-04-17 13:46:11 ----D---- G:\WINDOWS\system32\drivers
2017-04-17 08:51:31 ----HD---- G:\ProgramData
2017-04-17 07:02:46 ----D---- G:\WINDOWS\system32\config
2017-04-17 07:00:32 ----D---- G:\WINDOWS\Microsoft.NET
2017-04-17 06:59:30 ----D---- G:\WINDOWS\debug
2017-04-17 06:59:15 ----D---- G:\WINDOWS\Inf
2017-04-17 06:45:32 ----RD---- G:\WINDOWS\assembly
2017-04-17 06:39:28 ----D---- G:\Windows
2017-04-17 06:38:52 ----RD---- G:\WINDOWS\System32
2017-04-16 17:22:28 ----RD---- G:\Users
2017-04-16 16:26:33 ----D---- G:\WINDOWS\system32\catroot2
2017-04-16 10:50:42 ----SHD---- G:\WINDOWS\Installer
2017-04-16 10:45:43 ----RD---- G:\Program Files (x86)
2017-04-16 10:45:41 ----D---- G:\WINDOWS\Tasks
2017-04-16 09:40:11 ----D---- G:\WINDOWS\system32\Tasks
2017-04-16 08:24:30 ----D---- G:\WINDOWS\AppReadiness
2017-04-14 21:09:57 ----D---- G:\Program Files (x86)\McAfee
2017-04-14 20:13:15 ----D---- G:\Users\Zdeněk\AppData\Roaming\MPC-HC
2017-04-14 20:10:29 ----D---- G:\Program Files (x86)\Internet Explorer
2017-04-14 19:30:51 ----D---- G:\WINDOWS\system32\Macromed
2017-04-14 19:30:44 ----D---- G:\WINDOWS\SYSWOW64\Macromed
2017-04-14 18:17:02 ----D---- G:\WINDOWS\rescache
2017-04-14 10:04:08 ----A---- G:\WINDOWS\system32\PerfStringBackup.INI
2017-04-14 09:58:48 ----D---- G:\WINDOWS\WinSxS
2017-04-14 09:58:43 ----D---- G:\WINDOWS\SysWOW64
2017-04-14 09:57:31 ----D---- G:\WINDOWS\system32\DriverStore
2017-04-14 09:53:10 ----RD---- G:\WINDOWS\ToastData
2017-04-14 09:53:09 ----D---- G:\Program Files\Internet Explorer
2017-04-14 09:53:09 ----D---- G:\Program Files (x86)\Windows Defender
2017-04-14 09:53:08 ----D---- G:\WINDOWS\SYSWOW64\wbem
2017-04-14 09:53:08 ----D---- G:\WINDOWS\SYSWOW64\cs-CZ
2017-04-14 09:53:08 ----D---- G:\WINDOWS\system32\wbem
2017-04-14 09:53:08 ----D---- G:\WINDOWS\system32\drivers\cs-CZ
2017-04-14 09:53:08 ----D---- G:\WINDOWS\system32\cs-CZ
2017-04-14 09:53:08 ----D---- G:\Program Files\Windows Defender
2017-04-14 09:52:51 ----D---- G:\WINDOWS\system32\MRT
2017-04-14 09:44:30 ----AC---- G:\WINDOWS\system32\MRT.exe
2017-04-14 09:44:24 ----D---- G:\WINDOWS\CbsTemp
2017-04-12 19:18:36 ----D---- G:\WINDOWS\system32\NDF
2017-04-11 18:40:58 ----D---- G:\ProgramData\IObit
2017-04-09 21:41:12 ----D---- G:\Users\Zdeněk\AppData\Roaming\StartMenu

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; G:\WINDOWS\system32\drivers\aswbidsha.sys [2017-04-05 189768]
R0 aswblog;aswblog; G:\WINDOWS\system32\drivers\aswbloga.sys [2017-04-05 334088]
R0 aswbuniv;aswbuniv; G:\WINDOWS\system32\drivers\aswbuniva.sys [2017-04-05 48528]
R0 aswRvrt;aswRvrt; G:\WINDOWS\system32\drivers\aswRvrt.sys [2017-04-05 75704]
R0 aswVmm;aswVmm; G:\WINDOWS\system32\drivers\aswVmm.sys [2017-04-05 339696]
R1 aswbidsdriver;aswbidsdriver; G:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-04-05 307736]
R1 aswKbd;aswKbd; G:\WINDOWS\system32\drivers\aswKbd.sys [2017-04-05 32600]
R1 aswNetSec;aswNetSec; G:\WINDOWS\system32\drivers\aswNetSec.sys [2017-04-05 505880]
R1 aswRdr;aswRdr; G:\WINDOWS\system32\drivers\aswRdr2.sys [2017-04-05 101152]
R1 aswSnx;aswSnx; G:\WINDOWS\system32\drivers\aswSnx.sys [2017-04-05 1005048]
R1 aswSP;aswSP; G:\WINDOWS\system32\drivers\aswSP.sys [2017-04-05 556784]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\G:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2015-01-14 26528]
R1 IMFCameraProtect;IMFCameraProtect; \??\G:\WINDOWS\system32\drivers\IMFCameraProtect.sys [2017-03-29 26272]
R1 SpyEmrg;Spy Emergency Driver; G:\WINDOWS\System32\Drivers\spyemrg.sys [2011-04-21 17240]
R2 aswMonFlt;aswMonFlt; G:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-04-05 127112]
R2 aswStm;aswStm; G:\WINDOWS\system32\drivers\aswStm.sys [2017-04-05 164064]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; G:\WINDOWS\system32\DRIVERS\RMCAST.sys [2015-11-05 145408]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; G:\WINDOWS\system32\DRIVERS\stflt.sys [2011-08-24 51496]
R3 IMFDownProtect;IMFDownProtect; \??\H:\Instalované\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys [2017-03-08 21360]
R3 IMFFilter;IMFFilter; \??\H:\Instalované\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [2016-12-22 22440]
R3 IMFForceDelete;IMFForceDelete; \??\H:\Instalované\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys [2017-03-29 16216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); G:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-11-15 5310472]
R3 nvlddmkm;nvlddmkm; G:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-08-28 13585736]
R3 NVNET;@netnvm64.inf,%NVENETFD.Service.DispName%;Ovladač Ethernet NVIDIA nForce; G:\WINDOWS\system32\DRIVERS\nvmf6264.sys [2013-06-18 344192]
R3 NvStreamKms;NvStreamKms; \??\G:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-12 20768]
R3 nvvad_WaveExtensible;@oem33.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); G:\WINDOWS\system32\drivers\nvvad64v.sys [2016-08-28 56384]
R3 tap0901;@oem12.inf,%DeviceDescription%;TAP-Windows Adapter V9; G:\WINDOWS\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
R3 Trufos;Trufos; G:\WINDOWS\system32\DRIVERS\TRUFOS.sys [2016-03-31 452040]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\H:\Instalované\AVGTuneUp\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2016-02-15 32304]
R4 RegFilter;RegFilter; \??\H:\Instalované\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2016-11-03 34752]
S3 61883;@61883.inf,%61883_Unit.ServiceDesc%;61883 Unit Device; G:\WINDOWS\System32\drivers\61883.sys [2013-08-22 59904]
S3 aswHwid;aswHwid; G:\WINDOWS\system32\drivers\aswHwid.sys [2017-04-05 38296]
S3 aswTap;@oem26.inf,%DeviceDescription%;avast! SecureLine TAP Adapter v3; G:\WINDOWS\system32\DRIVERS\aswTap.sys [2014-11-22 44640]
S3 Avc;@avc.inf,%Avc.ServiceDesc%;AVC Device; G:\WINDOWS\System32\drivers\avc.sys [2013-08-22 48000]
S3 dg_ssudbus;@oem3.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); G:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dot4;@oem7.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; G:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem8.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; G:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem7.inf,%DOT4USB_NAME%;Dot4USB Filter; G:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 mfesapsn;McAfee Process Start Notification Service; \??\G:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2016-06-06 46240]
S3 MSDV;@msdv.inf,%DVCR.Capture%;Microsoft DV Camera and VCR; G:\WINDOWS\system32\DRIVERS\msdv.sys [2013-08-22 51584]
S3 nmwcd;@oem6.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; G:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem5.inf,%MFG% %SVC%;Nokia USB Communication Driver; G:\WINDOWS\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; G:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RTSUER;@oem25.inf,%RtsUER%;Realtek USB Card Reader - UER; G:\WINDOWS\system32\Drivers\RtsUer.sys [2016-08-28 413912]
S3 SpyEmrgAccess;Spy Emergency OnAccess Driver; G:\WINDOWS\System32\Drivers\spyemrg_access.sys [2011-04-21 24408]
S3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver; G:\WINDOWS\System32\Drivers\spyemrg_guard.sys [2015-03-09 19768]
S3 ssudmdm;@oem4.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); G:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 upperdev;upperdev; G:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usb_rndisx;@netrndis.inf,%usb_rndis.Service.DispName%;Adaptér USB RNDIS; G:\WINDOWS\system32\DRIVERS\usb8023x.sys [2015-04-25 20992]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); G:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 121088]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; G:\WINDOWS\System32\drivers\usbscan.sys [2014-12-16 44544]
S3 usbser;USB Modem Driver; G:\WINDOWS\system32\drivers\usbser.sys [2014-12-16 33280]
S3 UsbserFilt;UsbserFilt; G:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); G:\WINDOWS\System32\Drivers\usbvideo.sys [2014-12-16 212736]
S3 VMSMP;VMSMP; G:\WINDOWS\system32\DRIVERS\vmswitch.sys [2013-09-30 685568]
S3 VMSP;VMSP; G:\WINDOWS\system32\DRIVERS\vmswitch.sys [2013-09-30 685568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService10;Advanced SystemCare Service 10; G:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [2016-12-12 462624]
R2 avast! Antivirus;Avast Antivirus; H:\Instalované\AVAST Software\Avast\AvastSvc.exe [2017-04-05 261712]
R2 avast! Firewall;Avast Firewall Service; H:\Instalované\AVAST Software\Avast\afwServ.exe [2017-04-05 310496]
R2 avgsvc;AVG Service; H:\Instalované\AVGTuneUp\Framework\Common\avgsvca.exe [2016-12-06 1146128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; G:\WINDOWS\System32\svchost.exe [2014-12-16 38792]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; G:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2017-04-07 33640]
R2 IMFservice;IMF Service; H:\Instalované\IObit Malware Fighter\IMFsrv.exe [2017-04-11 1764640]
R2 NvStreamSvc;NVIDIA Streamer Service; G:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-10-12 5568288]
R2 nvsvc;NVIDIA Display Driver Service; G:\WINDOWS\system32\nvvsvc.exe [2015-01-31 878400]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; G:\WINDOWS\system32\svchost.exe [2014-12-16 38792]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; H:\Instalované\AVGTuneUp\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2017-02-21 5906704]
R3 aswbIDSAgent;aswbIDSAgent; H:\Instalované\AVAST Software\Avast\x64\aswidsagenta.exe [2017-04-05 7398336]
S2 gupdate;Služba Aktualizace Google (gupdate); G:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-16 153752]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; G:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-14 271448]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; G:\WINDOWS\System32\svchost.exe [2014-12-16 38792]
S3 gupdatem;Služba Aktualizace Google (gupdatem); G:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-16 153752]
S3 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; G:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2017-03-27 188264]
S3 SystemExplorerHelpService;System Explorer Service; H:\Instalované\System Explorer\service\SystemExplorerService64.exe [2014-12-20 820960]
S4 IObitUnSvr;IObit Uninstaller Service; H:\Instalované\Uninstaller\IObit Uninstaller\IUService.exe [2017-03-28 360736]
S4 ServiceLayer;ServiceLayer; G:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S4 ST2012_Svc;Spyware Terminator 2015 Realtime Shield Service; G:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2017-03-16 3292416]
S4 TomTomHOMEService;TomTomHOMEService; H:\Instalované\TomTom\TomTom HOME 2\TomTomHOMEService.exe [2016-11-04 100088]

-----------------EOF-----------------

Re: PC is behaving strangely

Posted: 17 Apr 2017 15:49
by Rudy
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.

Re: PC is behaving strangely

Posted: 18 Apr 2017 21:09
by zsman
# AdwCleaner v6.045 - Log vytvořen 18/04/2017 v 21:58:41
# Aktualizováno dne 28/03/2017 z Malwarebytes
# Databáze : 2017-04-18.1 [Server]
# Operační systém : Windows 8.1 Pro (X64)
# Uživatelské jméno : Zdeněk - DOMÁCÍPC
# Spuštěno z : G:\Users\Zdeněk\Desktop\adwcleaner_6.045.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

[-] Služba smazána: sp_rsdrv2
[-] Služba smazána: WinSAPSvc
[-] Služba smazána: AdvancedSystemCareService10


***** [ Složky ] *****

[-] Složka smazána: G:\Users\Zdeněk\AppData\Local\cool_mirage
[-] Složka smazána: G:\Users\Zdeněk\AppData\Local\FileViewPro
[-] Složka smazána: G:\Users\Zdeněk\AppData\Local\slimware utilities inc
[#] Složka smazána po restartu: G:\Users\Zdeněk\AppData\Local\SlimWare Utilities Inc
[-] Složka smazána: G:\Users\Zdeněk\AppData\LocalLow\IObit\Advanced SystemCare
[-] Složka smazána: G:\Users\Zdeněk\AppData\Roaming\WinSAPSvc
[-] Složka smazána: G:\Users\Zdeněk\AppData\Roaming\IObit\Advanced SystemCare
[-] Složka smazána: G:\Users\Zdeněk\Documents\PCSpeedUp
[#] Složka smazána po restartu: G:\Program Files\f09er35s
[-] Složka smazána: G:\ProgramData\IHProtectUpDate
[-] Složka smazána: G:\ProgramData\WindowsMangerProtect
[-] Složka smazána: G:\ProgramData\IObit\ASCDownloader
[-] Složka smazána: G:\ProgramData\IObit\Advanced SystemCare
[#] Složka smazána po restartu: G:\ProgramData\Application Data\IHProtectUpDate
[#] Složka smazána po restartu: G:\ProgramData\Application Data\WindowsMangerProtect
[#] Složka smazána po restartu: G:\ProgramData\Application Data\IObit\ASCDownloader
[#] Složka smazána po restartu: G:\ProgramData\Application Data\IObit\Advanced SystemCare
[-] Složka smazána: G:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
[-] Složka smazána: G:\Users\Public\Documents\Downloaded Installers
[#] Složka smazána po restartu: G:\Program Files (x86)\IObit\Advanced SystemCare
[-] Složka smazána: G:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
[-] Složka smazána: G:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
[-] Složka smazána: G:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\naweriweentcofise
[-] Složka smazána: G:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
[-] Složka smazána: G:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bbmegnmpleoagolcnjnejdacakedpcgd


***** [ Soubory ] *****

[-] Soubor smazán: G:\Users\Zdeněk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Advanced SystemCare 10.lnk


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****

[-] Zástupce vyléčen: G:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
[-] Zástupce vyléčen: G:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[-] Zástupce vyléčen: G:\Users\Zdeněk\Desktop\Programy\Avast SafeZone Browser.lnk
[-] Zástupce vyléčen: G:\Users\Zdeněk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Zástupce vyléčen: G:\Users\Zdeněk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk


***** [ Naplánované úlohy ] *****

[-] Úloha smazána: ASC10_PerformanceMonitor
[-] Úloha smazána: Windows-PG


***** [ Registry ] *****

[-] Klíč smazán: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WindowsMangerProtect
[#] Klíč smazán po restartu: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WindowsMangerProtect
[#] Klíč smazán po restartu: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\windowsmangerprotect
[#] Klíč smazán po restartu: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\windowsmangerprotect
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč smazán: HKU\.DEFAULT\Software\jhdbca
[-] Klíč smazán: HKU\S-1-5-21-1923296849-2351948686-3859510446-1001\Software\PRODUCTSETUP
[-] Klíč smazán: HKU\S-1-5-21-1923296849-2351948686-3859510446-1001\Software\SlimWare Utilities Inc
[-] Klíč smazán: HKU\S-1-5-21-1923296849-2351948686-3859510446-1001\Software\csastats
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\jhdbca
[#] Klíč smazán po restartu: HKCU\Software\PRODUCTSETUP
[#] Klíč smazán po restartu: HKCU\Software\SlimWare Utilities Inc
[#] Klíč smazán po restartu: HKCU\Software\csastats
[-] Klíč smazán: HKLM\SOFTWARE\IHProtect
[-] Klíč smazán: HKLM\SOFTWARE\omiga-plusSoftware
[-] Klíč smazán: HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Klíč smazán: HKLM\SOFTWARE\jhdbca
[-] Klíč smazán: HKLM\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}
[-] Klíč smazán: HKLM\SOFTWARE\IOBIT\ASC
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1
[#] Klíč smazán po restartu: [x64] HKCU\Software\PRODUCTSETUP
[#] Klíč smazán po restartu: [x64] HKCU\Software\SlimWare Utilities Inc
[#] Klíč smazán po restartu: [x64] HKCU\Software\csastats
[-] Klíč smazán: [x64] HKLM\SOFTWARE\jhdbca
[-] Data obnovena: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data obnovena: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data obnovena: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data obnovena: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data obnovena: HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [] "G:\Program Files (x86)\Internet Explorer\iexplore.exe"
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Hodnota smazána: HKU\S-1-5-21-1923296849-2351948686-3859510446-1001\Software\Microsoft\Windows\CurrentVersion\Run [Advanced SystemCare 10]
[-] Hodnota smazána: HKU\S-1-5-21-1923296849-2351948686-3859510446-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Advanced SystemCare 10]
[#] Hodnota smazána po restartu: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Advanced SystemCare 10]
[#] Hodnota smazána po restartu: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Advanced SystemCare 10]
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
[-] Klíč smazán: HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
[-] Klíč smazán: HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
[-] Klíč smazán: HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare


***** [ Prohlížeče ] *****

[-] [G:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: gymnazium-konice.cz
[-] [G:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: mysearch.avg.com
[-] [G:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: en.softonic.com
[-] [G:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: advanced-systemcare.en.softonic.com
[-] [G:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazáno: bbmegnmpleoagolcnjnejdacakedpcgd


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

G:\AdwCleaner\AdwCleaner[C0].txt - [9290 Bajty] - [18/04/2017 21:58:41]
G:\AdwCleaner\AdwCleaner[S0].txt - [9977 Bajty] - [18/04/2017 21:21:59]

########## EOF - G:\AdwCleaner\AdwCleaner[C0].txt - [9436 Bajty] ##########

Re: PC behaving strangely

Posted: 18 Apr 2017 21:11
by Rudy
Please post a new RSIT log.

Re: PC behaving strangely

Posted: 18 Apr 2017 21:18
by zsman
Logfile of random's system information tool 1.10 (written by random/random)
Run by Zdeněk at 2017-04-18 22:17:33
Microsoft Windows 8.1 Pro
System drive G: has 94 GB (61%) free of 155 GB
Total RAM: 3840 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:17:38, on 18. 4. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
H:\Instalované\AVAST Software\Avast\AvastUI.exe
H:\Instalované\AVGTuneUp\Framework\Common\avguix.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
H:\Instalované\totalcmd\TOTALCMD.EXE
G:\Program Files\trend micro\Zdeněk.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = G:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://tech-access.biz/wpad.dat?38ab839 ... cf28252110
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Spyware Terminator 2015 Internet Guard - {82A76710-4F98-4957-92BE-99648A4E2475} - G:\PROGRA~2\Spyware Terminator\STInternetGuard.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Instalované\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: McAfee WebAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - g:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O2 - BHO: IObit Ads Removal - {FFCB3198-32F3-4E8B-9539-4324694ED664} - G:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll
O4 - HKLM\..\Run: [AvgUi] "H:\Instalované\AVGTuneUp\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKLM\..\Run: [HP Software Update] G:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IObit Malware Fighter] "H:\Instalované\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [Inbox Storage] "G:\Program Files (x86)\Inbox Storage\InboxStorage.exe" /STARTUP
O4 - Startup: Sledovat výstrahy inkoustu - HP DeskJet 4530 series.lnk = ?
O8 - Extra context menu item: Analyzovat LeechGetem - file://H:\Instalované\LeechGet 2009\\Parser.html
O8 - Extra context menu item: Download LeechGetem - file://H:\Instalované\LeechGet 2009\\AddUrl.html
O8 - Extra context menu item: Download s průvodcem LeechGetu - file://H:\Instalované\LeechGet 2009\\Wizard.html
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - g:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - g:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{67AEFBA0-2FD6-42D3-A93E-B44318293602}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{67AEFBA0-2FD6-42D3-A93E-B44318293602}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - g:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - g:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - G:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - G:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - G:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - H:\Instalované\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - H:\Instalované\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - H:\Instalované\AVAST Software\Avast\afwServ.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - H:\Instalované\AVGTuneUp\Framework\Common\avgsvca.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - G:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - G:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - G:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - G:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - G:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - G:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - H:\Instalované\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - G:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - G:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - G:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - G:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - G:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - G:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - G:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - G:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - G:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - H:\Instalované\System Explorer\service\SystemExplorerService64.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - H:\Instalované\AVGTuneUp\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - G:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - G:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - G:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - G:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - G:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - G:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - G:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - G:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - G:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8902 bytes

======Listing Processes======






wininit.exe
winlogon.exe


G:\WINDOWS\system32\svchost.exe -k DcomLaunch
G:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"H:\Instalované\IObit Malware Fighter\IMFsrv.exe"
"G:\WINDOWS\system32\nvvsvc.exe"
"G:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
G:\WINDOWS\system32\nvvsvc.exe -session -first
G:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
G:\WINDOWS\system32\svchost.exe -k netsvcs
G:\WINDOWS\system32\svchost.exe -k LocalService
G:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
G:\WINDOWS\system32\svchost.exe -k NetworkService

G:\WINDOWS\Explorer.EXE
taskhostex.exe
G:\WINDOWS\System32\spoolsv.exe
G:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork

H:\Instalované\AVGTuneUp\Framework\Common\avgsvca.exe
G:\WINDOWS\System32\svchost.exe -k utcsvc
"G:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
dashost.exe {32ef47ac-856d-44a2-9752361fb5a37649}
G:\WINDOWS\system32\svchost.exe -k imgsvc
"H:\Instalované\AVGTuneUp\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
"H:\Instalované\AVGTuneUp\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2948

"G:\Windows\System32\SettingSyncHost.exe" -Embedding
G:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
G:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"G:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" fbfc5f46-f43d-4d6a-88d3-695d16dc498e
G:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"G:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\G:\WINDOWS\system32\conhost.exe 0x4
\??\G:\WINDOWS\system32\conhost.exe 0x4
G:\WINDOWS\system32\SearchIndexer.exe /Embedding
G:\Windows\System32\skydrive.exe -Embedding
G:\WINDOWS\system32\wbem\wmiprvse.exe
AvastUI.exe /nogui
"H:\Instalované\IObit Malware Fighter\IMF.exe" /systemstart /autostart
"H:\Instalované\IObit Malware Fighter\IMFTips.exe" /starttips
/fmw.trayonly
"G:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
G:\WINDOWS\system32\svchost.exe -k WindowsMobile
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=G:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=G:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=57.0.2987.133 --initial-client-data=0x134,0x138,0x13c,0x130,0x140,0x69077dc8,0x69077dbc,0x69077dd4
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4760 --on-initialized-event-handle=468 --parent-handle=480 /prefetch:6
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1220 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,18,19,20,23,41,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x10de --gpu-device-id=0x03d0 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.908 --gpu-driver-date=1-30-2015 --service-request-channel-token=3300849F1DD0E9B7B53B17D42FBC8A1F --mojo-platform-channel-handle=1228 --ignored=" --type=renderer " /prefetch:2
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1220 --primordial-pipe-token=545EBD0B544535C9073CC9AFBAB6FFB2 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --service-request-channel-token=545EBD0B544535C9073CC9AFBAB6FFB2 --renderer-client-id=3 --mojo-platform-channel-handle=2444 /prefetch:1
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1220 --primordial-pipe-token=174DB7E1B5E7EDE7792F294510F79F98 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --service-request-channel-token=174DB7E1B5E7EDE7792F294510F79F98 --renderer-client-id=4 --mojo-platform-channel-handle=2484 /prefetch:1
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1220 --primordial-pipe-token=47875F153E7197FA4F7FE67F15BE6200 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --service-request-channel-token=47875F153E7197FA4F7FE67F15BE6200 --renderer-client-id=5 --mojo-platform-channel-handle=2496 /prefetch:1
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --lang=cs --service-request-channel-token=F62C96D06A299CCAA9F0B68DFCEAD387 --mojo-platform-channel-handle=3776 --ignored=" --type=renderer " /prefetch:8
G:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1220 --primordial-pipe-token=1219BAB199D2194237293A414274E94F --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --service-request-channel-token=1219BAB199D2194237293A414274E94F --renderer-client-id=11 --mojo-platform-channel-handle=5212 /prefetch:1
"H:\Instalované\totalcmd\TOTALCMD.EXE"
G:\WINDOWS\system32\wbem\wmiprvse.exe

"H:\Staženo z netu\RSITx64.exe"


======Scheduled tasks folder======

G:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - G:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe -check pepperplugin
G:\WINDOWS\tasks\Uninstaller_SkipUac_Zdeněk.job - H:\Instalované\Uninstaller\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer

=========Mozilla firefox=========

ProfilePath - G:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\d6lkynf7.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
prefs.js - "keyword.URL" - "https://www.google.com/search"

"wrc@avast.com"=H:\Instalované\AVAST Software\Avast\WebRep\FF
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=G:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
"sp@avast.com"=H:\Instalované\AVAST Software\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.148 Plugin
"Path"=G:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=G:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=G:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=G:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.148 Plugin
"Path"=G:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll


G:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\d6lkynf7.default\extensions\
{4BBDD651-70CF-4821-84F8-2B918CF89CA3}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - H:\Instalované\Uninstaller\IObit Uninstaller\UninstallExplorer.dll [2017-03-28 2478880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}]
Spyware Terminator 2015 Internet Guard - G:\PROGRA~2\Spyware Terminator\STInternetGuard64.dll [2017-03-16 2021632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - H:\Instalované\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-05 895528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor BHO - g:\PROGRA~2\mcafee\siteadvisor\x64\mcieplg.dll [2017-03-27 189288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}]
Spyware Terminator 2015 Internet Guard - G:\PROGRA~2\Spyware Terminator\STInternetGuard.dll [2017-03-16 1263368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - H:\Instalované\AVAST Software\Avast\aswWebRepIE.dll [2017-04-05 773920]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor BHO - g:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll [2017-03-27 160192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
IObit Ads Removal - G:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll [2016-06-23 734632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=G:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-11-15 16696832]
"AvastUI.exe"=H:\Instalované\AVAST Software\Avast\AvLaunch.exe [2017-04-05 213824]
"SpywareTerminatorShield"=G:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2017-03-16 5349120]
"SpywareTerminatorUpdater"=G:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2017-03-16 5585672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Inbox Storage"=G:\Program Files (x86)\Inbox Storage\InboxStorage.exe [2015-08-31 4104552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvgUi"=H:\Instalované\AVGTuneUp\Framework\Common\avguirna.exe [2016-12-06 240400]
"HP Software Update"=G:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"IObit Malware Fighter"=H:\Instalované\IObit Malware Fighter\IMF.exe [2017-04-11 5296416]

G:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp
Sledovat výstrahy inkoustu - HP DeskJet 4530 series.lnk - G:\WINDOWS\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{31FB0306-1B45-11E7-8C20-64006A5CFC23}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StartMenuService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\str]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=G:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - G:\Windows\System32\Notepad.exe %1
.js - open - G:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-04-18 22:03:43 ----D---- G:\ProgramData\SWCUTemp
2017-04-18 21:16:20 ----D---- G:\AdwCleaner
2017-04-17 16:33:10 ----D---- G:\Program Files\trend micro
2017-04-17 13:46:11 ----A---- G:\WINDOWS\system32\drivers\IMFCameraProtect.sys
2017-04-17 06:38:52 ----A---- G:\WINDOWS\system32\FNTCACHE.DAT
2017-04-15 05:22:08 ----D---- G:\Program Files (x86)\Therlighrbocult
2017-04-14 23:11:29 ----D---- G:\Program Files (x86)\MIO
2017-04-14 22:30:45 ----D---- G:\Program Files (x86)\CStart8
2017-04-14 22:30:30 ----D---- G:\Users\Zdeněk\AppData\Roaming\Inbox Storage
2017-04-14 22:30:24 ----D---- G:\Program Files (x86)\Inbox Storage
2017-04-14 22:20:33 ----D---- G:\Users\Zdeněk\AppData\Roaming\Spyware Terminator
2017-04-14 22:20:33 ----D---- G:\ProgramData\Spyware Terminator
2017-04-14 22:20:25 ----D---- G:\Program Files (x86)\Spyware Terminator
2017-04-14 22:03:53 ----D---- G:\Users\Zdeněk\AppData\Roaming\Spy Emergency
2017-04-14 22:03:49 ----A---- G:\WINDOWS\system32\drivers\spyemrg_guard.sys
2017-04-14 22:03:49 ----A---- G:\WINDOWS\system32\drivers\spyemrg_access.sys
2017-04-14 22:03:49 ----A---- G:\WINDOWS\system32\drivers\spyemrg.sys
2017-04-14 22:03:46 ----D---- G:\ProgramData\NETGATE
2017-04-14 21:20:32 ----D---- G:\Program Files (x86)\Google
2017-04-14 14:00:39 ----D---- G:\Program Files\f09er35s
2017-04-14 10:00:41 ----HD---- G:\$AV_ASW
2017-04-14 10:00:04 ----D---- G:\Program Files\MK
2017-04-14 09:58:43 ----A---- G:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-04-14 09:58:32 ----D---- G:\Program Files\fdktzjhh
2017-04-14 09:41:32 ----A---- G:\WINDOWS\SYSWOW64\msvcp120_clr0400.dll
2017-04-14 09:41:32 ----A---- G:\WINDOWS\system32\msvcp120_clr0400.dll
2017-04-14 09:41:29 ----A---- G:\WINDOWS\SYSWOW64\msvcr120_clr0400.dll
2017-04-14 09:41:29 ----A---- G:\WINDOWS\system32\msvcr120_clr0400.dll
2017-04-13 12:35:36 ----A---- G:\WINDOWS\system32\mshtml.dll
2017-04-13 12:35:33 ----A---- G:\WINDOWS\SYSWOW64\mshtml.dll
2017-04-13 12:35:31 ----A---- G:\WINDOWS\system32\ieframe.dll
2017-04-13 12:35:30 ----A---- G:\WINDOWS\SYSWOW64\ieframe.dll
2017-04-13 12:35:29 ----A---- G:\WINDOWS\SYSWOW64\jscript9.dll
2017-04-13 12:35:28 ----A---- G:\WINDOWS\system32\wuaueng.dll
2017-04-13 12:35:27 ----A---- G:\WINDOWS\system32\wininet.dll
2017-04-13 12:35:27 ----A---- G:\WINDOWS\system32\win32k.sys
2017-04-13 12:35:26 ----A---- G:\WINDOWS\SYSWOW64\wininet.dll
2017-04-13 12:35:26 ----A---- G:\WINDOWS\SYSWOW64\storagewmi.dll
2017-04-13 12:35:26 ----A---- G:\WINDOWS\system32\storagewmi.dll
2017-04-13 12:35:26 ----A---- G:\WINDOWS\system32\iertutil.dll
2017-04-13 12:35:25 ----A---- G:\WINDOWS\SYSWOW64\mispace.dll
2017-04-13 12:35:25 ----A---- G:\WINDOWS\SYSWOW64\iertutil.dll
2017-04-13 12:35:25 ----A---- G:\WINDOWS\system32\ole32.dll
2017-04-13 12:35:25 ----A---- G:\WINDOWS\system32\mispace.dll
2017-04-13 12:35:24 ----A---- G:\WINDOWS\SYSWOW64\urlmon.dll
2017-04-13 12:35:24 ----A---- G:\WINDOWS\SYSWOW64\ole32.dll
2017-04-13 12:35:24 ----A---- G:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-04-13 12:35:24 ----A---- G:\WINDOWS\system32\urlmon.dll
2017-04-13 12:35:24 ----A---- G:\WINDOWS\system32\rdpcorets.dll
2017-04-13 12:35:24 ----A---- G:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\SYSWOW64\gdi32.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\wuapi.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\win32spl.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\samsrv.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\quartz.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\netlogon.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\gdi32.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\drivers\WdFilter.sys
2017-04-13 12:35:22 ----A---- G:\WINDOWS\SYSWOW64\wuapi.dll
2017-04-13 12:35:22 ----A---- G:\WINDOWS\SYSWOW64\SessEnv.dll
2017-04-13 12:35:22 ----A---- G:\WINDOWS\SYSWOW64\quartz.dll
2017-04-13 12:35:22 ----A---- G:\WINDOWS\system32\WindowsCodecs.dll
2017-04-13 12:35:22 ----A---- G:\WINDOWS\system32\SessEnv.dll
2017-04-13 12:35:22 ----A---- G:\WINDOWS\system32\drivers\dxgmms1.sys
2017-04-13 12:35:21 ----A---- G:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2017-04-13 12:35:21 ----A---- G:\WINDOWS\SYSWOW64\netlogon.dll
2017-04-13 12:35:21 ----A---- G:\WINDOWS\system32\wucltux.dll
2017-04-13 12:35:21 ----A---- G:\WINDOWS\system32\drivers\WdNisDrv.sys
2017-04-13 12:35:21 ----A---- G:\WINDOWS\system32\drivers\ndis.sys
2017-04-13 12:35:21 ----A---- G:\WINDOWS\system32\drivers\csc.sys
2017-04-13 12:35:20 ----A---- G:\WINDOWS\SYSWOW64\atmfd.dll
2017-04-13 12:35:20 ----A---- G:\WINDOWS\system32\ucrtbase.dll
2017-04-13 12:35:20 ----A---- G:\WINDOWS\system32\puiobj.dll
2017-04-13 12:35:20 ----A---- G:\WINDOWS\system32\msfeeds.dll
2017-04-13 12:35:20 ----A---- G:\WINDOWS\system32\drivers\mrxsmb.sys
2017-04-13 12:35:20 ----A---- G:\WINDOWS\system32\atmfd.dll
2017-04-13 12:35:19 ----A---- G:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2017-04-13 12:35:19 ----A---- G:\WINDOWS\system32\WinSCard.dll
2017-04-13 12:35:19 ----A---- G:\WINDOWS\system32\ScDeviceEnum.dll
2017-04-13 12:35:19 ----A---- G:\WINDOWS\system32\drivers\storport.sys
2017-04-13 12:35:19 ----A---- G:\WINDOWS\system32\DafPrintProvider.dll
2017-04-13 12:35:19 ----A---- G:\WINDOWS\system32\certprop.dll
2017-04-13 12:35:18 ----A---- G:\WINDOWS\SYSWOW64\WinSCard.dll
2017-04-13 12:35:18 ----A---- G:\WINDOWS\system32\drivers\WdBoot.sys
2017-04-13 12:35:18 ----A---- G:\WINDOWS\system32\drivers\mrxsmb10.sys
2017-04-13 12:35:18 ----A---- G:\WINDOWS\system32\drivers\dfsc.sys
2017-04-13 12:35:17 ----A---- G:\WINDOWS\system32\drivers\mrxsmb20.sys
2017-04-13 12:35:17 ----A---- G:\WINDOWS\system32\drivers\http.sys
2017-04-13 12:35:17 ----A---- G:\WINDOWS\system32\drivers\BasicRender.sys
2017-04-13 12:35:16 ----A---- G:\WINDOWS\SYSWOW64\samlib.dll
2017-04-13 12:35:16 ----A---- G:\WINDOWS\system32\samlib.dll
2017-04-13 12:35:16 ----A---- G:\WINDOWS\system32\rdpudd.dll
2017-04-13 12:35:16 ----A---- G:\WINDOWS\system32\drivers\spaceport.sys
2017-04-13 12:35:15 ----A---- G:\WINDOWS\SYSWOW64\ucrtbase.dll
2017-04-13 12:35:15 ----A---- G:\WINDOWS\SYSWOW64\asycfilt.dll
2017-04-13 12:35:15 ----A---- G:\WINDOWS\system32\wuauclt.exe
2017-04-13 12:35:15 ----A---- G:\WINDOWS\system32\drivers\storvsp.sys
2017-04-13 12:35:14 ----A---- G:\WINDOWS\system32\jscript.dll
2017-04-13 12:35:12 ----A---- G:\WINDOWS\system32\WUSettingsProvider.dll
2017-04-13 12:35:12 ----A---- G:\WINDOWS\system32\jscript9.dll
2017-04-13 12:35:12 ----A---- G:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-04-13 12:35:12 ----A---- G:\WINDOWS\system32\asycfilt.dll
2017-04-13 12:35:11 ----A---- G:\WINDOWS\SYSWOW64\msfeeds.dll
2017-04-13 12:35:11 ----A---- G:\WINDOWS\system32\webcheck.dll
2017-04-13 12:35:10 ----A---- G:\WINDOWS\SYSWOW64\webcheck.dll
2017-04-13 12:35:10 ----A---- G:\WINDOWS\SYSWOW64\mfmjpegdec.dll
2017-04-13 12:35:10 ----A---- G:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-04-13 12:35:10 ----A---- G:\WINDOWS\system32\mfmjpegdec.dll
2017-04-13 12:35:10 ----A---- G:\WINDOWS\system32\iedkcs32.dll
2017-04-13 12:35:10 ----A---- G:\WINDOWS\system32\ie4uinit.exe
2017-04-13 12:35:10 ----A---- G:\WINDOWS\system32\drivers\vpcivsp.sys
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\wuwebv.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\wudriver.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\wuapp.exe
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\vbscript.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\jscript.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\inetcomm.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\atmlib.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\wuwebv.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\wudriver.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\wuapp.exe
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\vbscript.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\inetcomm.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\ieapfltr.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\drivers\scfilter.sys
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\atmlib.dll
2017-04-12 20:27:17 ----D---- G:\ProgramData\BDLogging
2017-04-12 20:27:17 ----A---- G:\WINDOWS\system32\drivers\trufos.sys
2017-04-11 17:57:58 ----D---- G:\Users\Zdeněk\AppData\Roaming\Tujule
2017-04-11 17:57:57 ----D---- G:\Program Files (x86)\Hernoy Controls
2017-04-11 17:57:53 ----D---- G:\Users\Zdeněk\AppData\Roaming\Profiles
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswVmm.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswStm.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswSP.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswSnx.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswRvrt.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswRdr2.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswNetSec.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswMonFlt.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswKbd.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswHwid.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswbuniva.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswbloga.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswbidsha.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswbidsdrivera.sys
2017-04-05 17:26:14 ----A---- G:\WINDOWS\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2017-04-18 22:14:04 ----D---- G:\WINDOWS\Temp
2017-04-18 22:13:46 ----D---- G:\WINDOWS\Prefetch
2017-04-18 22:03:43 ----HD---- G:\ProgramData
2017-04-18 22:00:01 ----D---- G:\WINDOWS\system32\sru
2017-04-18 21:58:13 ----D---- G:\WINDOWS\system32\Tasks
2017-04-18 21:57:27 ----D---- G:\ProgramData\IObit
2017-04-18 21:57:10 ----D---- G:\Users\Zdeněk\AppData\Roaming\IObit
2017-04-18 21:30:11 ----D---- G:\WINDOWS\Microsoft.NET
2017-04-17 18:20:28 ----D---- G:\ProgramData\ProductData
2017-04-17 16:33:10 ----RD---- G:\Program Files
2017-04-17 16:30:25 ----D---- G:\Program Files (x86)\trend micro
2017-04-17 16:12:11 ----D---- G:\rsit
2017-04-17 14:21:18 ----SHD---- G:\System Volume Information
2017-04-17 13:46:24 ----D---- G:\Program Files (x86)\IObit
2017-04-17 13:46:11 ----D---- G:\WINDOWS\system32\drivers
2017-04-17 07:02:46 ----D---- G:\WINDOWS\system32\config
2017-04-17 06:59:30 ----D---- G:\WINDOWS\debug
2017-04-17 06:59:15 ----D---- G:\WINDOWS\Inf
2017-04-17 06:45:32 ----RD---- G:\WINDOWS\assembly
2017-04-17 06:39:28 ----D---- G:\Windows
2017-04-17 06:38:52 ----RD---- G:\WINDOWS\System32
2017-04-16 17:22:28 ----RD---- G:\Users
2017-04-16 16:26:33 ----D---- G:\WINDOWS\system32\catroot2
2017-04-16 10:50:42 ----SHD---- G:\WINDOWS\Installer
2017-04-16 10:45:43 ----RD---- G:\Program Files (x86)
2017-04-16 10:45:41 ----D---- G:\WINDOWS\Tasks
2017-04-16 08:24:30 ----D---- G:\WINDOWS\AppReadiness
2017-04-14 21:09:57 ----D---- G:\Program Files (x86)\McAfee
2017-04-14 20:13:15 ----D---- G:\Users\Zdeněk\AppData\Roaming\MPC-HC
2017-04-14 20:10:29 ----D---- G:\Program Files (x86)\Internet Explorer
2017-04-14 19:30:51 ----D---- G:\WINDOWS\system32\Macromed
2017-04-14 19:30:44 ----D---- G:\WINDOWS\SYSWOW64\Macromed
2017-04-14 18:17:02 ----D---- G:\WINDOWS\rescache
2017-04-14 10:04:08 ----A---- G:\WINDOWS\system32\PerfStringBackup.INI
2017-04-14 09:58:48 ----D---- G:\WINDOWS\WinSxS
2017-04-14 09:58:43 ----D---- G:\WINDOWS\SysWOW64
2017-04-14 09:57:31 ----D---- G:\WINDOWS\system32\DriverStore
2017-04-14 09:53:10 ----RD---- G:\WINDOWS\ToastData
2017-04-14 09:53:09 ----D---- G:\Program Files\Internet Explorer
2017-04-14 09:53:09 ----D---- G:\Program Files (x86)\Windows Defender
2017-04-14 09:53:08 ----D---- G:\WINDOWS\SYSWOW64\wbem
2017-04-14 09:53:08 ----D---- G:\WINDOWS\SYSWOW64\cs-CZ
2017-04-14 09:53:08 ----D---- G:\WINDOWS\system32\wbem
2017-04-14 09:53:08 ----D---- G:\WINDOWS\system32\drivers\cs-CZ
2017-04-14 09:53:08 ----D---- G:\WINDOWS\system32\cs-CZ
2017-04-14 09:53:08 ----D---- G:\Program Files\Windows Defender
2017-04-14 09:52:51 ----D---- G:\WINDOWS\system32\MRT
2017-04-14 09:44:30 ----AC---- G:\WINDOWS\system32\MRT.exe
2017-04-14 09:44:24 ----D---- G:\WINDOWS\CbsTemp
2017-04-12 19:18:36 ----D---- G:\WINDOWS\system32\NDF
2017-04-09 21:41:12 ----D---- G:\Users\Zdeněk\AppData\Roaming\StartMenu

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; G:\WINDOWS\system32\drivers\aswbidsha.sys [2017-04-05 189768]
R0 aswblog;aswblog; G:\WINDOWS\system32\drivers\aswbloga.sys [2017-04-05 334088]
R0 aswbuniv;aswbuniv; G:\WINDOWS\system32\drivers\aswbuniva.sys [2017-04-05 48528]
R0 aswRvrt;aswRvrt; G:\WINDOWS\system32\drivers\aswRvrt.sys [2017-04-05 75704]
R0 aswVmm;aswVmm; G:\WINDOWS\system32\drivers\aswVmm.sys [2017-04-05 339696]
R1 aswbidsdriver;aswbidsdriver; G:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-04-05 307736]
R1 aswKbd;aswKbd; G:\WINDOWS\system32\drivers\aswKbd.sys [2017-04-05 32600]
R1 aswNetSec;aswNetSec; G:\WINDOWS\system32\drivers\aswNetSec.sys [2017-04-05 505880]
R1 aswRdr;aswRdr; G:\WINDOWS\system32\drivers\aswRdr2.sys [2017-04-05 101152]
R1 aswSnx;aswSnx; G:\WINDOWS\system32\drivers\aswSnx.sys [2017-04-05 1005048]
R1 aswSP;aswSP; G:\WINDOWS\system32\drivers\aswSP.sys [2017-04-05 556784]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\G:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2015-01-14 26528]
R1 IMFCameraProtect;IMFCameraProtect; \??\G:\WINDOWS\system32\drivers\IMFCameraProtect.sys [2017-03-29 26272]
R1 SpyEmrg;Spy Emergency Driver; G:\WINDOWS\System32\Drivers\spyemrg.sys [2011-04-21 17240]
R2 aswMonFlt;aswMonFlt; G:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-04-05 127112]
R2 aswStm;aswStm; G:\WINDOWS\system32\drivers\aswStm.sys [2017-04-05 164064]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; G:\WINDOWS\system32\DRIVERS\RMCAST.sys [2015-11-05 145408]
R3 IMFDownProtect;IMFDownProtect; \??\H:\Instalované\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys [2017-03-08 21360]
R3 IMFFilter;IMFFilter; \??\H:\Instalované\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [2016-12-22 22440]
R3 IMFForceDelete;IMFForceDelete; \??\H:\Instalované\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys [2017-03-29 16216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); G:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-11-15 5310472]
R3 nvlddmkm;nvlddmkm; G:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-08-28 13585736]
R3 NVNET;@netnvm64.inf,%NVENETFD.Service.DispName%;Ovladač Ethernet NVIDIA nForce; G:\WINDOWS\system32\DRIVERS\nvmf6264.sys [2013-06-18 344192]
R3 NvStreamKms;NvStreamKms; \??\G:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-12 20768]
R3 nvvad_WaveExtensible;@oem33.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); G:\WINDOWS\system32\drivers\nvvad64v.sys [2016-08-28 56384]
R3 RegFilter;RegFilter; \??\H:\Instalované\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2016-11-03 34752]
R3 tap0901;@oem12.inf,%DeviceDescription%;TAP-Windows Adapter V9; G:\WINDOWS\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
R3 Trufos;Trufos; G:\WINDOWS\system32\DRIVERS\TRUFOS.sys [2016-03-31 452040]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\H:\Instalované\AVGTuneUp\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2016-02-15 32304]
S3 61883;@61883.inf,%61883_Unit.ServiceDesc%;61883 Unit Device; G:\WINDOWS\System32\drivers\61883.sys [2013-08-22 59904]
S3 aswHwid;aswHwid; G:\WINDOWS\system32\drivers\aswHwid.sys [2017-04-05 38296]
S3 aswTap;@oem26.inf,%DeviceDescription%;avast! SecureLine TAP Adapter v3; G:\WINDOWS\system32\DRIVERS\aswTap.sys [2014-11-22 44640]
S3 Avc;@avc.inf,%Avc.ServiceDesc%;AVC Device; G:\WINDOWS\System32\drivers\avc.sys [2013-08-22 48000]
S3 dg_ssudbus;@oem3.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); G:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dot4;@oem7.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; G:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem8.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; G:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem7.inf,%DOT4USB_NAME%;Dot4USB Filter; G:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 mfesapsn;McAfee Process Start Notification Service; \??\G:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2016-06-06 46240]
S3 MSDV;@msdv.inf,%DVCR.Capture%;Microsoft DV Camera and VCR; G:\WINDOWS\system32\DRIVERS\msdv.sys [2013-08-22 51584]
S3 nmwcd;@oem6.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; G:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem5.inf,%MFG% %SVC%;Nokia USB Communication Driver; G:\WINDOWS\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; G:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RTSUER;@oem25.inf,%RtsUER%;Realtek USB Card Reader - UER; G:\WINDOWS\system32\Drivers\RtsUer.sys [2016-08-28 413912]
S3 SpyEmrgAccess;Spy Emergency OnAccess Driver; G:\WINDOWS\System32\Drivers\spyemrg_access.sys [2011-04-21 24408]
S3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver; G:\WINDOWS\System32\Drivers\spyemrg_guard.sys [2015-03-09 19768]
S3 ssudmdm;@oem4.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); G:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 upperdev;upperdev; G:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usb_rndisx;@netrndis.inf,%usb_rndis.Service.DispName%;Adaptér USB RNDIS; G:\WINDOWS\system32\DRIVERS\usb8023x.sys [2015-04-25 20992]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); G:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 121088]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; G:\WINDOWS\System32\drivers\usbscan.sys [2014-12-16 44544]
S3 usbser;USB Modem Driver; G:\WINDOWS\system32\drivers\usbser.sys [2014-12-16 33280]
S3 UsbserFilt;UsbserFilt; G:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); G:\WINDOWS\System32\Drivers\usbvideo.sys [2014-12-16 212736]
S3 VMSMP;VMSMP; G:\WINDOWS\system32\DRIVERS\vmswitch.sys [2013-09-30 685568]
S3 VMSP;VMSP; G:\WINDOWS\system32\DRIVERS\vmswitch.sys [2013-09-30 685568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; H:\Instalované\AVAST Software\Avast\AvastSvc.exe [2017-04-05 261712]
R2 avast! Firewall;Avast Firewall Service; H:\Instalované\AVAST Software\Avast\afwServ.exe [2017-04-05 310496]
R2 avgsvc;AVG Service; H:\Instalované\AVGTuneUp\Framework\Common\avgsvca.exe [2016-12-06 1146128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; G:\WINDOWS\System32\svchost.exe [2014-12-16 38792]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; G:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2017-04-07 33640]
R2 IMFservice;IMF Service; H:\Instalované\IObit Malware Fighter\IMFsrv.exe [2017-04-11 1764640]
R2 NvStreamSvc;NVIDIA Streamer Service; G:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-10-12 5568288]
R2 nvsvc;NVIDIA Display Driver Service; G:\WINDOWS\system32\nvvsvc.exe [2015-01-31 878400]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; G:\WINDOWS\system32\svchost.exe [2014-12-16 38792]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; H:\Instalované\AVGTuneUp\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2017-02-21 5906704]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; G:\WINDOWS\system32\svchost.exe [2014-12-16 38792]
R3 aswbIDSAgent;aswbIDSAgent; H:\Instalované\AVAST Software\Avast\x64\aswidsagenta.exe [2017-04-05 7398336]
S2 gupdate;Služba Aktualizace Google (gupdate); G:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-16 153752]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; G:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-14 271448]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; G:\WINDOWS\System32\svchost.exe [2014-12-16 38792]
S3 gupdatem;Služba Aktualizace Google (gupdatem); G:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-16 153752]
S3 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; G:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2017-03-27 188264]
S3 SystemExplorerHelpService;System Explorer Service; H:\Instalované\System Explorer\service\SystemExplorerService64.exe [2014-12-20 820960]
S4 IObitUnSvr;IObit Uninstaller Service; H:\Instalované\Uninstaller\IObit Uninstaller\IUService.exe [2017-03-28 360736]
S4 ServiceLayer;ServiceLayer; G:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S4 ST2012_Svc;Spyware Terminator 2015 Realtime Shield Service; G:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2017-03-16 3292416]
S4 TomTomHOMEService;TomTomHOMEService; H:\Instalované\TomTom\TomTom HOME 2\TomTomHOMEService.exe [2016-11-04 100088]

-----------------EOF-----------------

Re: PC is behaving strangely

Posted: 19 Apr 2017 17:42
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it. Post a new RSIT log.

Re: PC is behaving strangely

Posted: 19 Apr 2017 19:18
by zsman
So I did it following your instructions. The PC restarted by itself and then it produced this text file:
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Zdeněk
->Temp folder emptied: 76040322 bytes
->Temporary Internet Files folder emptied: 7865411 bytes
->FireFox cache emptied: 23812701 bytes
->Google Chrome cache emptied: 103742838 bytes
->Flash cache emptied: 1633 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 10801696 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 663110935 bytes
RecycleBin emptied: 16079790108 bytes

Total Files Cleaned = 16 179,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: UpdatusUser

User: Zdeněk
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 04192017_200659

Files moved on Reboot...
G:\Users\Zdeněk\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File move failed. G:\WINDOWS\SysNative\OLD369E.tmp scheduled to be moved on reboot.
File move failed. G:\WINDOWS\SysNative\SETD363.tmp scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\_avast_\AvLock.txt scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\opera_installer_20151231170142.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\opera_installer_20151231170143.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\opera_installer_20151231170211.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\opera_installer_20151231171337.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\opera_installer_20151231171338.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\opera_installer_20160207183148.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\opera_installer_20160207183149.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\opera_installer_20160207183202.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20160506222136.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20160506222137.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20160506222147.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20161109193705.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20161109193706.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20161109193716.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20161110194440.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20161110194441.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170209151543.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170209151546.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170209151619.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170218090724.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170218090725.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170313121858.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170313121900.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170315215507.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170315215518.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170317081857.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170317081902.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170406160036.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170406160039.log scheduled to be moved on reboot.
File move failed. G:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170406160051.log scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Then I also ran RSIT, and here is the log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Zdeněk at 2017-04-19 20:14:41
Microsoft Windows 8.1 Pro
System drive G: has 97 GB (63%) free of 155 GB
Total RAM: 3840 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:14:54, on 19. 4. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
H:\Instalované\AVAST Software\Avast\AvastUI.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
H:\Instalované\AVGTuneUp\Framework\Common\avguix.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
H:\Instalované\Uninstaller\IObit Uninstaller\UninstallMonitor.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
G:\Program Files (x86)\Google\Chrome\Application\chrome.exe
H:\Instalované\IObit Malware Fighter\AutoUpdate.exe
H:\Instalované\totalcmd\TOTALCMD.EXE
G:\Program Files\trend micro\Zdeněk.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = G:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://tech-access.biz/wpad.dat?38ab839 ... cf28252110
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Spyware Terminator 2015 Internet Guard - {82A76710-4F98-4957-92BE-99648A4E2475} - G:\PROGRA~2\Spyware Terminator\STInternetGuard.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Instalované\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: McAfee WebAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - g:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O2 - BHO: IObit Ads Removal - {FFCB3198-32F3-4E8B-9539-4324694ED664} - G:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll
O4 - HKLM\..\Run: [AvgUi] "H:\Instalované\AVGTuneUp\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKLM\..\Run: [HP Software Update] G:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IObit Malware Fighter] "H:\Instalované\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [Inbox Storage] "G:\Program Files (x86)\Inbox Storage\InboxStorage.exe" /STARTUP
O4 - Startup: Sledovat výstrahy inkoustu - HP DeskJet 4530 series.lnk = ?
O8 - Extra context menu item: Analyzovat LeechGetem - file://H:\Instalované\LeechGet 2009\\Parser.html
O8 - Extra context menu item: Download LeechGetem - file://H:\Instalované\LeechGet 2009\\AddUrl.html
O8 - Extra context menu item: Download s průvodcem LeechGetu - file://H:\Instalované\LeechGet 2009\\Wizard.html
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - g:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - g:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{67AEFBA0-2FD6-42D3-A93E-B44318293602}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{67AEFBA0-2FD6-42D3-A93E-B44318293602}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - g:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - g:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - G:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - G:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - G:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - H:\Instalované\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - H:\Instalované\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - H:\Instalované\AVAST Software\Avast\afwServ.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - H:\Instalované\AVGTuneUp\Framework\Common\avgsvca.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - G:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - G:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - G:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - G:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - G:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - G:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - H:\Instalované\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - G:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - G:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - G:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - G:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - G:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - G:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - G:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - G:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - G:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - H:\Instalované\System Explorer\service\SystemExplorerService64.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - H:\Instalované\AVGTuneUp\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - G:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - G:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - G:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - G:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - G:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - G:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - G:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - G:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - G:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9266 bytes

======Listing Processes======






wininit.exe
winlogon.exe


G:\WINDOWS\system32\svchost.exe -k DcomLaunch
G:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"H:\Instalované\IObit Malware Fighter\IMFsrv.exe"
"G:\WINDOWS\system32\nvvsvc.exe"
G:\WINDOWS\system32\nvvsvc.exe -session -first
G:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
G:\WINDOWS\system32\svchost.exe -k netsvcs
G:\WINDOWS\system32\svchost.exe -k LocalService
"G:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
G:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
G:\WINDOWS\system32\svchost.exe -k NetworkService

G:\WINDOWS\Explorer.EXE
G:\WINDOWS\System32\spoolsv.exe
G:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork

H:\Instalované\AVGTuneUp\Framework\Common\avgsvca.exe
taskhostex.exe
G:\WINDOWS\System32\svchost.exe -k utcsvc
"G:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
dashost.exe {2b29218b-a1fa-40f8-bf8288aa19f8c40d}
G:\WINDOWS\system32\svchost.exe -k imgsvc
"H:\Instalované\AVGTuneUp\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
"H:\Instalované\AVGTuneUp\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2324
"G:\Windows\System32\SettingSyncHost.exe" -Embedding
G:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
G:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"G:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" fbfc5f46-f43d-4d6a-88d3-695d16dc498e
\??\G:\WINDOWS\system32\conhost.exe 0x4
"G:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
G:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
\??\G:\WINDOWS\system32\conhost.exe 0x4

G:\WINDOWS\system32\wbem\wmiprvse.exe
G:\WINDOWS\system32\SearchIndexer.exe /Embedding
"G:\WINDOWS\notepad.exe" G:\_OTM\MovedFiles\04192017_200659.log
"G:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
G:\Windows\System32\skydrive.exe -Embedding
AvastUI.exe /nogui
"H:\Instalované\IObit Malware Fighter\IMF.exe" /systemstart /autostart
G:\Windows\System32\RuntimeBroker.exe -Embedding
G:\WINDOWS\servicing\TrustedInstaller.exe
"H:\Instalované\IObit Malware Fighter\IMFTips.exe" /starttips
G:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe -Embedding
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=G:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=G:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=57.0.2987.133 --initial-client-data=0x134,0x138,0x13c,0x130,0x140,0x6c217dc8,0x6c217dbc,0x6c217dd4
/fmw.trayonly
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4576 --on-initialized-event-handle=488 --parent-handle=500 /prefetch:6
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1260 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,18,19,20,23,41,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x10de --gpu-device-id=0x03d0 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.908 --gpu-driver-date=1-30-2015 --service-request-channel-token=B72968BD22E6F8457FCAC2F001D0C010 --mojo-platform-channel-handle=1280 --ignored=" --type=renderer " /prefetch:2
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1260 --primordial-pipe-token=835CBFC31AA2BD6D1D2085635296B5C9 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --service-request-channel-token=835CBFC31AA2BD6D1D2085635296B5C9 --renderer-client-id=3 --mojo-platform-channel-handle=2184 /prefetch:1
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1260 --primordial-pipe-token=24ACEF225966B8599A74B667D0796EAB --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --service-request-channel-token=24ACEF225966B8599A74B667D0796EAB --renderer-client-id=4 --mojo-platform-channel-handle=1700 /prefetch:1
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1260 --primordial-pipe-token=CAECD7B85BC74B6D89CADCE8D381478A --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --service-request-channel-token=CAECD7B85BC74B6D89CADCE8D381478A --renderer-client-id=5 --mojo-platform-channel-handle=2344 /prefetch:1
"G:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --lang=cs --service-request-channel-token=4D44E82A96B3BA07170483C79C760EBD --mojo-platform-channel-handle=3628 --ignored=" --type=renderer " /prefetch:8
"H:\Instalované\Uninstaller\IObit Uninstaller\UninstallMonitor.exe"
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1260 --primordial-pipe-token=8F9E899CBFBFC23A976FC162DC11A98D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --service-request-channel-token=8F9E899CBFBFC23A976FC162DC11A98D --renderer-client-id=9 --mojo-platform-channel-handle=4456 /prefetch:1
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1260 --primordial-pipe-token=173EA5663476FD4D02FC90C15F8679F8 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --service-request-channel-token=173EA5663476FD4D02FC90C15F8679F8 --renderer-client-id=13 --mojo-platform-channel-handle=5576 /prefetch:1
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1260 --primordial-pipe-token=A6F3A7562090C57AC6007E0492DDF593 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --service-request-channel-token=A6F3A7562090C57AC6007E0492DDF593 --renderer-client-id=12 --mojo-platform-channel-handle=5772 /prefetch:1
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1260 --primordial-pipe-token=186D0018E61D9316E7CD6B8CA2C4C9B1 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --service-request-channel-token=186D0018E61D9316E7CD6B8CA2C4C9B1 --renderer-client-id=11 --mojo-platform-channel-handle=6280 /prefetch:1
"G:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1260 --primordial-pipe-token=9F0C476176A8110064F3C25B748E289D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-accelerated-video-decode --service-request-channel-token=9F0C476176A8110064F3C25B748E289D --renderer-client-id=10 --mojo-platform-channel-handle=6808 /prefetch:1
"G:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "G:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"G:\WINDOWS\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
G:\WINDOWS\system32\svchost.exe -k WindowsMobile

G:\WINDOWS\system32\wbem\wmiprvse.exe
"H:\Instalované\IObit Malware Fighter\AutoUpdate.exe" /check
"H:\Instalované\totalcmd\TOTALCMD.EXE"

G:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"H:\Staženo z netu\RSITx64.exe"

======Scheduled tasks folder======

G:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - G:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_226_pepper.exe -check pepperplugin
G:\WINDOWS\tasks\Uninstaller_SkipUac_Zdeněk.job - H:\Instalované\Uninstaller\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer

=========Mozilla firefox=========

ProfilePath - G:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\d6lkynf7.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
prefs.js - "keyword.URL" - "https://www.google.com/search"

"wrc@avast.com"=H:\Instalované\AVAST Software\Avast\WebRep\FF
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=G:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
"sp@avast.com"=H:\Instalované\AVAST Software\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.148 Plugin
"Path"=G:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=G:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=G:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=G:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.148 Plugin
"Path"=G:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll


G:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\d6lkynf7.default\extensions\
{4BBDD651-70CF-4821-84F8-2B918CF89CA3}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - H:\Instalované\Uninstaller\IObit Uninstaller\UninstallExplorer.dll [2017-03-28 2478880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}]
Spyware Terminator 2015 Internet Guard - G:\PROGRA~2\Spyware Terminator\STInternetGuard64.dll [2017-03-16 2021632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - H:\Instalované\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-05 895528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor BHO - g:\PROGRA~2\mcafee\siteadvisor\x64\mcieplg.dll [2017-03-27 189288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}]
Spyware Terminator 2015 Internet Guard - G:\PROGRA~2\Spyware Terminator\STInternetGuard.dll [2017-03-16 1263368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - H:\Instalované\AVAST Software\Avast\aswWebRepIE.dll [2017-04-05 773920]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor BHO - g:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll [2017-03-27 160192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
IObit Ads Removal - G:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll [2016-06-23 734632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=G:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-11-15 16696832]
"AvastUI.exe"=H:\Instalované\AVAST Software\Avast\AvLaunch.exe [2017-04-05 213824]
"SpywareTerminatorShield"=G:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2017-03-16 5349120]
"SpywareTerminatorUpdater"=G:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2017-03-16 5585672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Inbox Storage"=G:\Program Files (x86)\Inbox Storage\InboxStorage.exe [2015-08-31 4104552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvgUi"=H:\Instalované\AVGTuneUp\Framework\Common\avguirna.exe [2016-12-06 240400]
"HP Software Update"=G:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"IObit Malware Fighter"=H:\Instalované\IObit Malware Fighter\IMF.exe [2017-04-11 5296416]

G:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp
Sledovat výstrahy inkoustu - HP DeskJet 4530 series.lnk - G:\WINDOWS\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{31FB0306-1B45-11E7-8C20-64006A5CFC23}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StartMenuService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\str]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=G:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - G:\Windows\System32\Notepad.exe %1
.js - open - G:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-04-19 20:06:59 ----D---- G:\_OTM
2017-04-18 21:16:20 ----D---- G:\AdwCleaner
2017-04-17 16:33:10 ----D---- G:\Program Files\trend micro
2017-04-17 13:46:11 ----A---- G:\WINDOWS\system32\drivers\IMFCameraProtect.sys
2017-04-17 06:38:52 ----A---- G:\WINDOWS\system32\FNTCACHE.DAT
2017-04-15 05:22:08 ----D---- G:\Program Files (x86)\Therlighrbocult
2017-04-14 23:11:29 ----D---- G:\Program Files (x86)\MIO
2017-04-14 22:30:45 ----D---- G:\Program Files (x86)\CStart8
2017-04-14 22:30:30 ----D---- G:\Users\Zdeněk\AppData\Roaming\Inbox Storage
2017-04-14 22:30:24 ----D---- G:\Program Files (x86)\Inbox Storage
2017-04-14 22:20:33 ----D---- G:\Users\Zdeněk\AppData\Roaming\Spyware Terminator
2017-04-14 22:20:33 ----D---- G:\ProgramData\Spyware Terminator
2017-04-14 22:20:25 ----D---- G:\Program Files (x86)\Spyware Terminator
2017-04-14 22:03:53 ----D---- G:\Users\Zdeněk\AppData\Roaming\Spy Emergency
2017-04-14 22:03:49 ----A---- G:\WINDOWS\system32\drivers\spyemrg_guard.sys
2017-04-14 22:03:49 ----A---- G:\WINDOWS\system32\drivers\spyemrg_access.sys
2017-04-14 22:03:49 ----A---- G:\WINDOWS\system32\drivers\spyemrg.sys
2017-04-14 22:03:46 ----D---- G:\ProgramData\NETGATE
2017-04-14 21:20:32 ----D---- G:\Program Files (x86)\Google
2017-04-14 14:00:39 ----D---- G:\Program Files\f09er35s
2017-04-14 10:00:41 ----HD---- G:\$AV_ASW
2017-04-14 10:00:04 ----D---- G:\Program Files\MK
2017-04-14 09:58:43 ----A---- G:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-04-14 09:58:32 ----D---- G:\Program Files\fdktzjhh
2017-04-14 09:41:32 ----A---- G:\WINDOWS\SYSWOW64\msvcp120_clr0400.dll
2017-04-14 09:41:32 ----A---- G:\WINDOWS\system32\msvcp120_clr0400.dll
2017-04-14 09:41:29 ----A---- G:\WINDOWS\SYSWOW64\msvcr120_clr0400.dll
2017-04-14 09:41:29 ----A---- G:\WINDOWS\system32\msvcr120_clr0400.dll
2017-04-13 12:35:36 ----A---- G:\WINDOWS\system32\mshtml.dll
2017-04-13 12:35:33 ----A---- G:\WINDOWS\SYSWOW64\mshtml.dll
2017-04-13 12:35:31 ----A---- G:\WINDOWS\system32\ieframe.dll
2017-04-13 12:35:30 ----A---- G:\WINDOWS\SYSWOW64\ieframe.dll
2017-04-13 12:35:29 ----A---- G:\WINDOWS\SYSWOW64\jscript9.dll
2017-04-13 12:35:28 ----A---- G:\WINDOWS\system32\wuaueng.dll
2017-04-13 12:35:27 ----A---- G:\WINDOWS\system32\wininet.dll
2017-04-13 12:35:27 ----A---- G:\WINDOWS\system32\win32k.sys
2017-04-13 12:35:26 ----A---- G:\WINDOWS\SYSWOW64\wininet.dll
2017-04-13 12:35:26 ----A---- G:\WINDOWS\SYSWOW64\storagewmi.dll
2017-04-13 12:35:26 ----A---- G:\WINDOWS\system32\storagewmi.dll
2017-04-13 12:35:26 ----A---- G:\WINDOWS\system32\iertutil.dll
2017-04-13 12:35:25 ----A---- G:\WINDOWS\SYSWOW64\mispace.dll
2017-04-13 12:35:25 ----A---- G:\WINDOWS\SYSWOW64\iertutil.dll
2017-04-13 12:35:25 ----A---- G:\WINDOWS\system32\ole32.dll
2017-04-13 12:35:25 ----A---- G:\WINDOWS\system32\mispace.dll
2017-04-13 12:35:24 ----A---- G:\WINDOWS\SYSWOW64\urlmon.dll
2017-04-13 12:35:24 ----A---- G:\WINDOWS\SYSWOW64\ole32.dll
2017-04-13 12:35:24 ----A---- G:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2017-04-13 12:35:24 ----A---- G:\WINDOWS\system32\urlmon.dll
2017-04-13 12:35:24 ----A---- G:\WINDOWS\system32\rdpcorets.dll
2017-04-13 12:35:24 ----A---- G:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\SYSWOW64\gdi32.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\wuapi.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\win32spl.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\samsrv.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\quartz.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\netlogon.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\gdi32.dll
2017-04-13 12:35:23 ----A---- G:\WINDOWS\system32\drivers\WdFilter.sys
2017-04-13 12:35:22 ----A---- G:\WINDOWS\SYSWOW64\wuapi.dll
2017-04-13 12:35:22 ----A---- G:\WINDOWS\SYSWOW64\SessEnv.dll
2017-04-13 12:35:22 ----A---- G:\WINDOWS\SYSWOW64\quartz.dll
2017-04-13 12:35:22 ----A---- G:\WINDOWS\system32\WindowsCodecs.dll
2017-04-13 12:35:22 ----A---- G:\WINDOWS\system32\SessEnv.dll
2017-04-13 12:35:22 ----A---- G:\WINDOWS\system32\drivers\dxgmms1.sys
2017-04-13 12:35:21 ----A---- G:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2017-04-13 12:35:21 ----A---- G:\WINDOWS\SYSWOW64\netlogon.dll
2017-04-13 12:35:21 ----A---- G:\WINDOWS\system32\wucltux.dll
2017-04-13 12:35:21 ----A---- G:\WINDOWS\system32\drivers\WdNisDrv.sys
2017-04-13 12:35:21 ----A---- G:\WINDOWS\system32\drivers\ndis.sys
2017-04-13 12:35:21 ----A---- G:\WINDOWS\system32\drivers\csc.sys
2017-04-13 12:35:20 ----A---- G:\WINDOWS\SYSWOW64\atmfd.dll
2017-04-13 12:35:20 ----A---- G:\WINDOWS\system32\ucrtbase.dll
2017-04-13 12:35:20 ----A---- G:\WINDOWS\system32\puiobj.dll
2017-04-13 12:35:20 ----A---- G:\WINDOWS\system32\msfeeds.dll
2017-04-13 12:35:20 ----A---- G:\WINDOWS\system32\drivers\mrxsmb.sys
2017-04-13 12:35:20 ----A---- G:\WINDOWS\system32\atmfd.dll
2017-04-13 12:35:19 ----A---- G:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2017-04-13 12:35:19 ----A---- G:\WINDOWS\system32\WinSCard.dll
2017-04-13 12:35:19 ----A---- G:\WINDOWS\system32\ScDeviceEnum.dll
2017-04-13 12:35:19 ----A---- G:\WINDOWS\system32\drivers\storport.sys
2017-04-13 12:35:19 ----A---- G:\WINDOWS\system32\DafPrintProvider.dll
2017-04-13 12:35:19 ----A---- G:\WINDOWS\system32\certprop.dll
2017-04-13 12:35:18 ----A---- G:\WINDOWS\SYSWOW64\WinSCard.dll
2017-04-13 12:35:18 ----A---- G:\WINDOWS\system32\drivers\WdBoot.sys
2017-04-13 12:35:18 ----A---- G:\WINDOWS\system32\drivers\mrxsmb10.sys
2017-04-13 12:35:18 ----A---- G:\WINDOWS\system32\drivers\dfsc.sys
2017-04-13 12:35:17 ----A---- G:\WINDOWS\system32\drivers\mrxsmb20.sys
2017-04-13 12:35:17 ----A---- G:\WINDOWS\system32\drivers\http.sys
2017-04-13 12:35:17 ----A---- G:\WINDOWS\system32\drivers\BasicRender.sys
2017-04-13 12:35:16 ----A---- G:\WINDOWS\SYSWOW64\samlib.dll
2017-04-13 12:35:16 ----A---- G:\WINDOWS\system32\samlib.dll
2017-04-13 12:35:16 ----A---- G:\WINDOWS\system32\rdpudd.dll
2017-04-13 12:35:16 ----A---- G:\WINDOWS\system32\drivers\spaceport.sys
2017-04-13 12:35:15 ----A---- G:\WINDOWS\SYSWOW64\ucrtbase.dll
2017-04-13 12:35:15 ----A---- G:\WINDOWS\SYSWOW64\asycfilt.dll
2017-04-13 12:35:15 ----A---- G:\WINDOWS\system32\wuauclt.exe
2017-04-13 12:35:15 ----A---- G:\WINDOWS\system32\drivers\storvsp.sys
2017-04-13 12:35:14 ----A---- G:\WINDOWS\system32\jscript.dll
2017-04-13 12:35:12 ----A---- G:\WINDOWS\system32\WUSettingsProvider.dll
2017-04-13 12:35:12 ----A---- G:\WINDOWS\system32\jscript9.dll
2017-04-13 12:35:12 ----A---- G:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-04-13 12:35:12 ----A---- G:\WINDOWS\system32\asycfilt.dll
2017-04-13 12:35:11 ----A---- G:\WINDOWS\SYSWOW64\msfeeds.dll
2017-04-13 12:35:11 ----A---- G:\WINDOWS\system32\webcheck.dll
2017-04-13 12:35:10 ----A---- G:\WINDOWS\SYSWOW64\webcheck.dll
2017-04-13 12:35:10 ----A---- G:\WINDOWS\SYSWOW64\mfmjpegdec.dll
2017-04-13 12:35:10 ----A---- G:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-04-13 12:35:10 ----A---- G:\WINDOWS\system32\mfmjpegdec.dll
2017-04-13 12:35:10 ----A---- G:\WINDOWS\system32\iedkcs32.dll
2017-04-13 12:35:10 ----A---- G:\WINDOWS\system32\ie4uinit.exe
2017-04-13 12:35:10 ----A---- G:\WINDOWS\system32\drivers\vpcivsp.sys
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\wuwebv.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\wudriver.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\wuapp.exe
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\vbscript.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\jscript.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\inetcomm.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\SYSWOW64\atmlib.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\wuwebv.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\wudriver.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\wuapp.exe
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\vbscript.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\inetcomm.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\ieapfltr.dll
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\drivers\scfilter.sys
2017-04-13 12:35:09 ----A---- G:\WINDOWS\system32\atmlib.dll
2017-04-12 20:27:17 ----D---- G:\ProgramData\BDLogging
2017-04-12 20:27:17 ----A---- G:\WINDOWS\system32\drivers\trufos.sys
2017-04-11 17:57:58 ----D---- G:\Users\Zdeněk\AppData\Roaming\Tujule
2017-04-11 17:57:57 ----D---- G:\Program Files (x86)\Hernoy Controls
2017-04-11 17:57:53 ----D---- G:\Users\Zdeněk\AppData\Roaming\Profiles
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswVmm.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswStm.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswSP.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswSnx.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswRvrt.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswRdr2.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswNetSec.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswMonFlt.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswKbd.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswHwid.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswbuniva.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswbloga.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswbidsha.sys
2017-04-05 17:26:42 ----A---- G:\WINDOWS\system32\drivers\aswbidsdrivera.sys
2017-04-05 17:26:14 ----A---- G:\WINDOWS\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2017-04-19 20:14:15 ----D---- G:\WINDOWS\Temp
2017-04-19 20:07:19 ----RD---- G:\WINDOWS\System32
2017-04-19 20:07:19 ----D---- G:\WINDOWS\SysWOW64
2017-04-19 20:06:40 ----D---- G:\WINDOWS\Prefetch
2017-04-19 20:00:00 ----D---- G:\WINDOWS\system32\sru
2017-04-19 18:09:06 ----D---- G:\WINDOWS\Microsoft.NET
2017-04-19 18:04:50 ----SHD---- G:\System Volume Information
2017-04-19 17:47:42 ----HD---- G:\ProgramData
2017-04-19 15:56:57 ----D---- G:\WINDOWS\system32\config
2017-04-18 22:05:37 ----D---- G:\ProgramData\ProductData
2017-04-18 21:58:13 ----D---- G:\WINDOWS\system32\Tasks
2017-04-18 21:57:27 ----D---- G:\ProgramData\IObit
2017-04-18 21:57:10 ----D---- G:\Users\Zdeněk\AppData\Roaming\IObit
2017-04-17 16:33:10 ----RD---- G:\Program Files
2017-04-17 16:30:25 ----D---- G:\Program Files (x86)\trend micro
2017-04-17 16:12:11 ----D---- G:\rsit
2017-04-17 13:46:24 ----D---- G:\Program Files (x86)\IObit
2017-04-17 13:46:11 ----D---- G:\WINDOWS\system32\drivers
2017-04-17 06:59:30 ----D---- G:\WINDOWS\debug
2017-04-17 06:59:15 ----D---- G:\WINDOWS\Inf
2017-04-17 06:45:32 ----RD---- G:\WINDOWS\assembly
2017-04-17 06:39:28 ----D---- G:\Windows
2017-04-16 17:22:28 ----RD---- G:\Users
2017-04-16 16:26:33 ----D---- G:\WINDOWS\system32\catroot2
2017-04-16 10:50:42 ----SHD---- G:\WINDOWS\Installer
2017-04-16 10:45:43 ----RD---- G:\Program Files (x86)
2017-04-16 10:45:41 ----D---- G:\WINDOWS\Tasks
2017-04-16 08:24:30 ----D---- G:\WINDOWS\AppReadiness
2017-04-14 21:09:57 ----D---- G:\Program Files (x86)\McAfee
2017-04-14 20:13:15 ----D---- G:\Users\Zdeněk\AppData\Roaming\MPC-HC
2017-04-14 20:10:29 ----D---- G:\Program Files (x86)\Internet Explorer
2017-04-14 19:30:51 ----D---- G:\WINDOWS\system32\Macromed
2017-04-14 19:30:44 ----D---- G:\WINDOWS\SYSWOW64\Macromed
2017-04-14 18:17:02 ----D---- G:\WINDOWS\rescache
2017-04-14 10:04:08 ----A---- G:\WINDOWS\system32\PerfStringBackup.INI
2017-04-14 09:58:48 ----D---- G:\WINDOWS\WinSxS
2017-04-14 09:57:31 ----D---- G:\WINDOWS\system32\DriverStore
2017-04-14 09:53:10 ----RD---- G:\WINDOWS\ToastData
2017-04-14 09:53:09 ----D---- G:\Program Files\Internet Explorer
2017-04-14 09:53:09 ----D---- G:\Program Files (x86)\Windows Defender
2017-04-14 09:53:08 ----D---- G:\WINDOWS\SYSWOW64\wbem
2017-04-14 09:53:08 ----D---- G:\WINDOWS\SYSWOW64\cs-CZ
2017-04-14 09:53:08 ----D---- G:\WINDOWS\system32\wbem
2017-04-14 09:53:08 ----D---- G:\WINDOWS\system32\drivers\cs-CZ
2017-04-14 09:53:08 ----D---- G:\WINDOWS\system32\cs-CZ
2017-04-14 09:53:08 ----D---- G:\Program Files\Windows Defender
2017-04-14 09:52:51 ----D---- G:\WINDOWS\system32\MRT
2017-04-14 09:44:30 ----AC---- G:\WINDOWS\system32\MRT.exe
2017-04-14 09:44:24 ----D---- G:\WINDOWS\CbsTemp
2017-04-12 19:18:36 ----D---- G:\WINDOWS\system32\NDF
2017-04-09 21:41:12 ----D---- G:\Users\Zdeněk\AppData\Roaming\StartMenu

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; G:\WINDOWS\system32\drivers\aswbidsha.sys [2017-04-05 189768]
R0 aswblog;aswblog; G:\WINDOWS\system32\drivers\aswbloga.sys [2017-04-05 334088]
R0 aswbuniv;aswbuniv; G:\WINDOWS\system32\drivers\aswbuniva.sys [2017-04-05 48528]
R0 aswRvrt;aswRvrt; G:\WINDOWS\system32\drivers\aswRvrt.sys [2017-04-05 75704]
R0 aswVmm;aswVmm; G:\WINDOWS\system32\drivers\aswVmm.sys [2017-04-05 339696]
R1 aswbidsdriver;aswbidsdriver; G:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-04-05 307736]
R1 aswKbd;aswKbd; G:\WINDOWS\system32\drivers\aswKbd.sys [2017-04-05 32600]
R1 aswNetSec;aswNetSec; G:\WINDOWS\system32\drivers\aswNetSec.sys [2017-04-05 505880]
R1 aswRdr;aswRdr; G:\WINDOWS\system32\drivers\aswRdr2.sys [2017-04-05 101152]
R1 aswSnx;aswSnx; G:\WINDOWS\system32\drivers\aswSnx.sys [2017-04-05 1005048]
R1 aswSP;aswSP; G:\WINDOWS\system32\drivers\aswSP.sys [2017-04-05 556784]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\G:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2015-01-14 26528]
R1 IMFCameraProtect;IMFCameraProtect; \??\G:\WINDOWS\system32\drivers\IMFCameraProtect.sys [2017-03-29 26272]
R1 SpyEmrg;Spy Emergency Driver; G:\WINDOWS\System32\Drivers\spyemrg.sys [2011-04-21 17240]
R2 aswMonFlt;aswMonFlt; G:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-04-05 127112]
R2 aswStm;aswStm; G:\WINDOWS\system32\drivers\aswStm.sys [2017-04-05 164064]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; G:\WINDOWS\system32\DRIVERS\RMCAST.sys [2015-11-05 145408]
R3 IMFDownProtect;IMFDownProtect; \??\H:\Instalované\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys [2017-03-08 21360]
R3 IMFForceDelete;IMFForceDelete; \??\H:\Instalované\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys [2017-03-29 16216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); G:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-11-15 5310472]
R3 nvlddmkm;nvlddmkm; G:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-08-28 13585736]
R3 NVNET;@netnvm64.inf,%NVENETFD.Service.DispName%;Ovladač Ethernet NVIDIA nForce; G:\WINDOWS\system32\DRIVERS\nvmf6264.sys [2013-06-18 344192]
R3 NvStreamKms;NvStreamKms; \??\G:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-12 20768]
R3 nvvad_WaveExtensible;@oem33.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); G:\WINDOWS\system32\drivers\nvvad64v.sys [2016-08-28 56384]
R3 tap0901;@oem12.inf,%DeviceDescription%;TAP-Windows Adapter V9; G:\WINDOWS\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
R3 Trufos;Trufos; G:\WINDOWS\system32\DRIVERS\TRUFOS.sys [2016-03-31 452040]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\H:\Instalované\AVGTuneUp\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2016-02-15 32304]
S3 61883;@61883.inf,%61883_Unit.ServiceDesc%;61883 Unit Device; G:\WINDOWS\System32\drivers\61883.sys [2013-08-22 59904]
S3 aswHwid;aswHwid; G:\WINDOWS\system32\drivers\aswHwid.sys [2017-04-05 38296]
S3 aswTap;@oem26.inf,%DeviceDescription%;avast! SecureLine TAP Adapter v3; G:\WINDOWS\system32\DRIVERS\aswTap.sys [2014-11-22 44640]
S3 Avc;@avc.inf,%Avc.ServiceDesc%;AVC Device; G:\WINDOWS\System32\drivers\avc.sys [2013-08-22 48000]
S3 dg_ssudbus;@oem3.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); G:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dot4;@oem7.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; G:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem8.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; G:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem7.inf,%DOT4USB_NAME%;Dot4USB Filter; G:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 IMFFilter;IMFFilter; \??\H:\Instalované\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [2016-12-22 22440]
S3 mfesapsn;McAfee Process Start Notification Service; \??\G:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2016-06-06 46240]
S3 MSDV;@msdv.inf,%DVCR.Capture%;Microsoft DV Camera and VCR; G:\WINDOWS\system32\DRIVERS\msdv.sys [2013-08-22 51584]
S3 nmwcd;@oem6.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; G:\WINDOWS\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 nmwcdc;@oem5.inf,%MFG% %SVC%;Nokia USB Communication Driver; G:\WINDOWS\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; G:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RegFilter;RegFilter; \??\H:\Instalované\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2016-11-03 34752]
S3 RTSUER;@oem25.inf,%RtsUER%;Realtek USB Card Reader - UER; G:\WINDOWS\system32\Drivers\RtsUer.sys [2016-08-28 413912]
S3 SpyEmrgAccess;Spy Emergency OnAccess Driver; G:\WINDOWS\System32\Drivers\spyemrg_access.sys [2011-04-21 24408]
S3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver; G:\WINDOWS\System32\Drivers\spyemrg_guard.sys [2015-03-09 19768]
S3 ssudmdm;@oem4.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); G:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 upperdev;upperdev; G:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216]
S3 usb_rndisx;@netrndis.inf,%usb_rndis.Service.DispName%;Adaptér USB RNDIS; G:\WINDOWS\system32\DRIVERS\usb8023x.sys [2015-04-25 20992]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); G:\WINDOWS\system32\drivers\usbaudio.sys [2013-12-13 121088]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; G:\WINDOWS\System32\drivers\usbscan.sys [2014-12-16 44544]
S3 usbser;USB Modem Driver; G:\WINDOWS\system32\drivers\usbser.sys [2014-12-16 33280]
S3 UsbserFilt;UsbserFilt; G:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); G:\WINDOWS\System32\Drivers\usbvideo.sys [2014-12-16 212736]
S3 VMSMP;VMSMP; G:\WINDOWS\system32\DRIVERS\vmswitch.sys [2013-09-30 685568]
S3 VMSP;VMSP; G:\WINDOWS\system32\DRIVERS\vmswitch.sys [2013-09-30 685568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; H:\Instalované\AVAST Software\Avast\AvastSvc.exe [2017-04-05 261712]
R2 avast! Firewall;Avast Firewall Service; H:\Instalované\AVAST Software\Avast\afwServ.exe [2017-04-05 310496]
R2 avgsvc;AVG Service; H:\Instalované\AVGTuneUp\Framework\Common\avgsvca.exe [2016-12-06 1146128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; G:\WINDOWS\System32\svchost.exe [2014-12-16 38792]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; G:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2017-04-07 33640]
R2 IMFservice;IMF Service; H:\Instalované\IObit Malware Fighter\IMFsrv.exe [2017-04-11 1764640]
R2 NvStreamSvc;NVIDIA Streamer Service; G:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-10-12 5568288]
R2 nvsvc;NVIDIA Display Driver Service; G:\WINDOWS\system32\nvvsvc.exe [2015-01-31 878400]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; G:\WINDOWS\system32\svchost.exe [2014-12-16 38792]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; H:\Instalované\AVGTuneUp\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2017-02-21 5906704]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; G:\WINDOWS\system32\svchost.exe [2014-12-16 38792]
R3 aswbIDSAgent;aswbIDSAgent; H:\Instalované\AVAST Software\Avast\x64\aswidsagenta.exe [2017-04-05 7398336]
S2 gupdate;Služba Aktualizace Google (gupdate); G:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-16 153752]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; G:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-14 271448]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; G:\WINDOWS\System32\svchost.exe [2014-12-16 38792]
S3 gupdatem;Služba Aktualizace Google (gupdatem); G:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-16 153752]
S3 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; G:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2017-03-27 188264]
S3 SystemExplorerHelpService;System Explorer Service; H:\Instalované\System Explorer\service\SystemExplorerService64.exe [2014-12-20 820960]
S4 IObitUnSvr;IObit Uninstaller Service; H:\Instalované\Uninstaller\IObit Uninstaller\IUService.exe [2017-03-28 360736]
S4 ServiceLayer;ServiceLayer; G:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S4 ST2012_Svc;Spyware Terminator 2015 Realtime Shield Service; G:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2017-03-16 3292416]
S4 TomTomHOMEService;TomTomHOMEService; H:\Instalované\TomTom\TomTom HOME 2\TomTomHOMEService.exe [2016-11-04 100088]

-----------------EOF-----------------

Re: PC is behaving strangely

Posted: 19 Apr 2017 19:20
by Rudy
The log is OK now.

Re: PC is behaving strangely

Posted: 19 Apr 2017 19:24
by zsman
So the PC is OK?

Re: PC is behaving strangely

Posted: 19 Apr 2017 20:12
by Rudy
As far as malware goes, yes; however, you only wrote that the "PC is behaving strangely" without giving any details. Are all the problems gone?

Re: PC is behaving strangely

Posted: 19 Apr 2017 20:43
by zsman
Not everything, actually. For now the problem with Google persists: extensions cannot be installed. It reports a network error. Something is probably blocking it, but I can't figure out what. I'll find out about the other problems in time. They were unwanted pop-up windows and a changed search engine. That happened in both Google and Firefox. The IObit Anti Malware program had a problem too. I always preferred to abort the scan; the longest one ran for 25 hours. I'll try running it tomorrow, there's no time left today. Otherwise, thank you for your time, and have a nice evening.

Re: PC is behaving strangely

Posted: 19 Apr 2017 20:59
by Rudy
You're welcome. To clean up the browsers, run the following utilities:

1. Download Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe and save it to the desktop

If you are using Win Vista or W7, right-click Zoek and choose Run As Administrator or "Spustit jako správce"
Paste the script below into the window

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Then click Run Script
The PC will carry out the repair, restart, and give you a log; paste its contents here.

and

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Save it, preferably to the desktop
•After launch the license terms are displayed; press any key
•A backup is created, followed by a search
•Scanning takes place and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here.

Re: PC is behaving strangely

Posted: 22 Apr 2017 18:05
by zsman
Good evening. After a whole day's work, Zoek produced this:

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Zdeněk on p  21. 04. 2017 at 19:59:34,67.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode No Internet Access Detected
Launched: G:\Users\ZDENK~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

G:\zoek-results2017-04-20-195723.log 1523 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1923296849-2351948686-3859510446-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-21-1923296849-2351948686-3859510446-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from G:\Users\ZDENK~1\AppData\Roaming\Profiles\Gricspcnge.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/?clid=22668");
user_pref("browser.search.defaulturl", "https://www.google.com/search");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Seznam");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "https://www.google.com/search");

Added to G:\Users\ZDENK~1\AppData\Roaming\Profiles\Gricspcnge.default\prefs.js:

Deleted from G:\Users\ZDENK~1\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\cyxr3vdk.default\prefs.js:

Added to G:\Users\ZDENK~1\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\cyxr3vdk.default\prefs.js:

Deleted from G:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\50cvm44q.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/?clid=22668");
user_pref("browser.search.defaulturl", "http://search.seznam.cz/?sourceid=quick ... earchTerms}&");
user_pref("browser.search.defaultengine", "Seznam");
user_pref("browser.search.defaultenginename", "Bezpečné hledání");
user_pref("browser.search.selectedEngine", "Bezpečné hledání");
user_pref("browser.search.order.1", "Bezpečné hledání");

Added to G:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\50cvm44q.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from G:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\d6lkynf7.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/");
user_pref("browser.search.defaulturl", "https://www.google.com/search");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "https://www.google.com/search");

Added to G:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\d6lkynf7.default\prefs.js:

Deleted from G:\Users\ZDENK~1\AppData\Roaming\TomTom\HOME\Profiles\p1e8rhon.default\prefs.js:

Added to G:\Users\ZDENK~1\AppData\Roaming\TomTom\HOME\Profiles\p1e8rhon.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: G:\Users\ZDENK~1\AppData\Roaming\Profiles\Gricspcnge.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201721.04._2330_.backup

ProfilePath: G:\Users\ZDENK~1\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\cyxr3vdk.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201721.04._2330_.backup

ProfilePath: G:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\50cvm44q.default

---- FireFox user.js and prefs.js backups ----

user_201721.04._2330_.backup
prefs_201721.04._2330_.backup

ProfilePath: G:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\d6lkynf7.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201721.04._2330_.backup

ProfilePath: G:\Users\ZDENK~1\AppData\Roaming\TomTom\HOME\Profiles\p1e8rhon.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201721.04._2330_.backup

==== Deleting Files \ Folders ======================

G:\Users\ZDENK~1\.android deleted
G:\PROGRA~2\COMMON~1\Wondershare deleted
G:\install.exe deleted
G:\PROGRA~3\ProductData deleted
G:\PROGRA~3\Package Cache deleted
G:\Users\ZDENK~1\AppData\Local\Wondershare deleted
G:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
G:\Users\ZDENK~1\AppData\LocalLow\ADSRemoval deleted
G:\WINDOWS\SysNative\config\systemprofile\Searches deleted
G:\Users\ZDENK~1\AppData\Roaming\Profiles\Gricspcnge.default\jetpack deleted
G:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\50cvm44q.default\jetpack deleted
G:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\d6lkynf7.default\jetpack deleted

==== Firefox Start and Search pages ======================

ProfilePath: G:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\50cvm44q.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: G:\Users\ZDENK~1\AppData\Roaming\TomTom\HOME\Profiles\p1e8rhon.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="H:\Instalované\AVAST Software\Avast\SafePrice\FF" [09. 11. 2016 20:27]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="G:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi" [14. 02. 2017 17:07]

==== Firefox Extensions ======================

ProfilePath: G:\Users\ZDENK~1\AppData\Roaming\Profiles\Gricspcnge.default
- Undetermined - G:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\d6lkynf7.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
- FEBE - %ProfilePath%\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
- Stop Ads - %ProfilePath%\extensions\@stopads.xpi
- Undetermined - %ProfilePath%\extensions\AdBlockerLavaSoftFF@lavasoft.com.xpi
- IObit Surfing Protection & Ads Removal - %ProfilePath%\extensions\ascsurfingprotectionnew@iobit.com.xpi
- FlashGot - %ProfilePath%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
- Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi

ProfilePath: G:\Users\ZDENK~1\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\cyxr3vdk.default
- CSS Stylesheet Editor - %ProfilePath%\extensions\csseditor@bluegriffon.com.xpi
- EyeDropper - %ProfilePath%\extensions\eyedropper@bluegriffon.com.xpi
- FontSquirrel Manager - %ProfilePath%\extensions\fs@bluegriffon.com.xpi
- Fullscreen - %ProfilePath%\extensions\fullscreen@bluegriffon.com.xpi
- Google Font Directory Manager - %ProfilePath%\extensions\gfd@bluegriffon.com.xpi
- Czech CZ Language Pack - %ProfilePath%\extensions\langpack-cs@bluegriffon.org.xpi
- Deutsch DE Language Pack - %ProfilePath%\extensions\langpack-de@bluegriffon.org.xpi
- English US Language Pack - %ProfilePath%\extensions\langpack-en-US@bluegriffon.org.xpi
- Español España Language Pack - %ProfilePath%\extensions\langpack-es-ES@bluegriffon.org.xpi
- Suomenkielinen FI Language Pack - %ProfilePath%\extensions\langpack-fi@bluegriffon.org.xpi
- Français Language Pack - %ProfilePath%\extensions\langpack-fr@bluegriffon.org.xpi
- Galego España Language Pack - %ProfilePath%\extensions\langpack-gl@bluegriffon.org.xpi
- Hebrew IL Language Pack - %ProfilePath%\extensions\langpack-he@bluegriffon.org.xpi
- Magyar HU Language Pack - %ProfilePath%\extensions\langpack-hu@bluegriffon.org.xpi
- Italiano IT Language Pack - %ProfilePath%\extensions\langpack-it@bluegriffon.org.xpi
- Japanese Language Pack - %ProfilePath%\extensions\langpack-ja@bluegriffon.org.xpi
- Korean KR Language Pack - %ProfilePath%\extensions\langpack-ko@bluegriffon.org.xpi
- Nederlands NL Language Pack - %ProfilePath%\extensions\langpack-nl@bluegriffon.org.xpi
- Polski Language Pack - %ProfilePath%\extensions\langpack-pl@bluegriffon.org.xpi
- Slovenski jezik Language Pack - %ProfilePath%\extensions\langpack-sl@bluegriffon.org.xpi
- sr Language Pack - %ProfilePath%\extensions\langpack-sr@bluegriffon.org.xpi
- Svenska SE Language Pack - %ProfilePath%\extensions\langpack-sv-SE@bluegriffon.org.xpi
- Chinese Simplified zh-CN Language Pack - %ProfilePath%\extensions\langpack-zh-CN@bluegriffon.org.xpi
- Traditional Chinese zh-TW Language Pack - %ProfilePath%\extensions\langpack-zh-TW@bluegriffon.org.xpi
- MathML - %ProfilePath%\extensions\mathml@bluegriffon.com.xpi
- Opquast Accessibility First Step - %ProfilePath%\extensions\op1@bluegriffon.com.xpi
- Snippets - %ProfilePath%\extensions\snippets@bluegriffon.com.xpi
- SVG-edit - %ProfilePath%\extensions\svg-edit@googlegroups.com.xpi
- Table Layouts - %ProfilePath%\extensions\tablelayout@bluegriffon.com.xpi
- One-click Templates - %ProfilePath%\extensions\templatesManager@bluegriffon.com.xpi
- Thumbnailer - %ProfilePath%\extensions\thumbnailer@bluegriffon.com.xpi
- Tip of the Day - %ProfilePath%\extensions\tipoftheday@bluegriffon.com.xpi

ProfilePath: G:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\50cvm44q.default
- Undetermined - G:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\50cvm44q.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
- Undetermined - %ProfilePath%\extensions\amcontextmenu@loucypher
- FEBE - %ProfilePath%\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
- IObit Surfing Protection & Ads Removal - %ProfilePath%\extensions\ascsurfingprotectionnew@iobit.com.xpi
- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi
- FlashGot - %ProfilePath%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
- Image Zoom - %ProfilePath%\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi
- NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
- Image Toolbar - %ProfilePath%\extensions\{A4732521-77D9-447E-A557-B279AC923F06}.xpi
- Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: G:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\d6lkynf7.default
- Undetermined - G:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\d6lkynf7.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
- FEBE - %ProfilePath%\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
- Stop Ads - %ProfilePath%\extensions\@stopads.xpi
- Undetermined - %ProfilePath%\extensions\AdBlockerLavaSoftFF@lavasoft.com.xpi
- IObit Surfing Protection & Ads Removal - %ProfilePath%\extensions\ascsurfingprotectionnew@iobit.com.xpi
- FlashGot - %ProfilePath%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
- Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: G:\Users\ZDENK~1\AppData\Roaming\TomTom\HOME\Profiles\p1e8rhon.default
- Undetermined - H:\Instalované\TomTom\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- Undetermined - H:\Instalované\TomTom\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.9.510.1234792@tomtom.com

==== Firefox Plugins ======================


==== Chromium Look ======================

IObit Surfing Protection & Ads Removal - ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
adaware ad block - ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmllgdnjnkbapbchnebiedipojhmnjej
DownloadHelper - ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk
Chrome Media Router - ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

G:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd deleted successfully
G:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bbmegnmpleoagolcnjnejdacakedpcgd deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz"
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Bar"="https://www.seznam.cz/?clid=22668"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.seznam.cz"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"
{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} Seznam Url="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
{1C0F4B30-D958-49F9-A55E-C0A3C8A5F68F} Slovník CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_16194"
{355BF4AA-052C-492F-85C4-4AFCCE7F94E4} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_16194"
{3DC26805-9B05-4292-B5E8-ACE0060F9FB9} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_16194"
{8B25B51C-6937-40A2-AECA-70AD789E7CC9} Zboží.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194"
{A113B7A4-6457-4163-8E78-3E318820335B} Slovník EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_16194"
{A2E6C97A-CF3C-4F8D-AD3D-071CC8889F63} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_16194"
{AC772F77-40DD-4043-B1B7-FEF6A922B4E7} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_16194"
{C6887B38-8EBA-4A30-871E-6B8CE973076A} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_16194"

==== Reset Google Chrome ======================

G:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
G:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
G:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
G:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

G:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
G:\Users\ZDENK~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
G:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
G:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
G:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
G:\Users\ZDENK~1\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
G:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
G:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

G:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== G:\zoek_backup content ======================

G:\zoek_backup (files=156 folders=81 37932330 bytes)

==== Empty Temp Folders ======================

G:\Users\Default\AppData\Local\Temp emptied successfully
G:\Users\Default User\AppData\Local\Temp emptied successfully
G:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
G:\Users\ZDENK~1\AppData\Local\Temp will be emptied at reboot
G:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
G:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
G:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

G:\WINDOWS\Temp successfully emptied
G:\Users\ZDENK~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

G:\$RECYCLE.BIN successfully emptied
G:\RECYCLER successfully emptied

==== EOF on so 22. 04. 2017 at 15:20:23,14 ======================

But I don't know whether JRT is doing anything. For five hours now it has been showing me this:
[Image attachment: JRT.jpg]

Re: PC is behaving strangely

Posted: 22 Apr 2017 18:37
by Rudy
Zoek deleted something. Try running JRT in Safe Mode. It should go faster.

Re: PC is behaving strangely

Posted: 23 Apr 2017 19:41
by zsman
And how do I get into Safe Mode in Windows 8.1?
So when I left the program alone, it kept going. It asked whether I wanted to end the task and gave me a choice of Yes or No. I chose No. All of that four times, and then it continued for about four more lines. Then the question again, No twice, and then it said it could not find the folder JRT.txt. A window popped up asking whether I wanted to create it or not. Whatever I choose, a text editor opens and nothing further happens. Closing the text editor also closes the program. So I don't know where the problem is?