Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Vypadávání internetu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
nickzess
Návštěvník
Návštěvník
Příspěvky: 66
Registrován: 18 pro 2012 09:48

Vypadávání internetu

#1 Příspěvek od nickzess »

Ahoj,
poslední dobou, cca 30minut, po zapnutí PC se odpojím automaticky z netu. Když chci otevřít seznam wifi pripojení, tak se mně žádná seznam neukáže, musím dát odstranit potíže a až poté se mi seznam načte, tam si vyberu svoji síť a už to je OK a pak už net nevypadne.
Zároveň prosím o celkovou kontrolu PC.
Moc děkuji

Přikládám log:
Logfile of random's system information tool 1.16 (written by random/random)
Run by Honza at 2017-08-18 21:34:51
Microsoft Windows 10 Pro
System drive C: has 15 GB (7%) free of 227 GB
Total RAM: 1913 MB (23% free)
X86

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:35:32, on 18. 8. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.17443)
Boot mode: Normal

Running processes:
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Windows\System32\TpShocks.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\DynamicUSBTool\DynamicUSB.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
C:\Program Files\Stažené programy\Pro zabezpečení\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Stažené programy\Pro zabezpečení\CCleaner\CCleaner.exe
C:\Users\Honza\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Stažené programy\Oznámení pošty\PopTray.exe
C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
c:\windows\system32\inetsrv\w3wp.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Users\Honza\Desktop\RSIT.exe
C:\Program Files\trend micro\Honza_RSIT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O1 - Hosts: 212.80.69.80 test1.voyo.nova.cz
O2 - BHO: CtxIEInterceptorBHO - {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} - C:\Program Files\Citrix\ICA Client\IEInterceptor.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\STAENP~1\PROZAB~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - (no file)
O2 - BHO: (no name) - {9cf699ca-2174-4ed8-bec1-ba82095edce0} - (no file)
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Honza\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
O4 - HKLM\..\Run: [AcWin7Hlpr] C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [DynamicUSB] "C:\Program Files\DynamicUSBTool\DynamicUSB.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Stažené programy\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SynLenovoHelper] %ProgramFiles%\Synaptics\SynTP\SynLenovoHelper.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Stažené programy\Pro zabezpečení\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] C:\Users\Honza\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\Stažené programy\Pro zabezpečení\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Honza\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'DefaultAppPool')
O4 - Startup: Lingea Update Center.lnk = C:\Program Files\Common Files\Lingea Shared\luc.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: PopTray.lnk = ?
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files\SmarThru 4\WebCapture.dll2.htm
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files\SmarThru 4\WebCapture.dll1.htm
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files\SmarThru 4\WebCapture.dll.htm
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files\SmarThru 4\WebCapture.dll
O8 - Extra context menu item: Stahnou vse FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Stahnout FlashGet3 - C:\Users\Honza\AppData\Roaming\FlashGetBHO\GetUrl.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\STAENP~1\PROZAB~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\STAENP~1\PROZAB~1\SPYBOT~1\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://software.kuaiche.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{7a02f118-28a0-46bf-872a-bc305e62476f}: NameServer = 8.8.8.8
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Citrix\ICACLI~1\RSHook.dll
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Blackberry Device Manager - Research In Motion Limited - C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @oem78.inf,%ibm.svcDesc0%;Lenovo PM Service (IBMPMSVC) - Lenovo. - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
O23 - Service: FrontLine Drivers Auto Removal (v2) (sfrem02) - Protection Technology (StarForce) - C:\Windows\system32\sfrem02.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe

--
End of file - 19631 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job - C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1986333984-2678021812-3497317569-1003UA.job - C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job - C:\Program Files\PC-Doctor\pcdr5cuiw32.exe -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask
C:\WINDOWS\tasks\SystemToolsDailyTest.job - C:\Program Files\PC-Doctor\pcdr5cuiw32.exe -silentenumeration
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\Stažené programy\Pro zabezpečení\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
C:\WINDOWS\system32\tasks\DealPlyUpdate - C:\Program Files\DealPly\DealPlyUpdate.exe
C:\WINDOWS\system32\tasks\DiskUpdate - C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1986333984-2678021812-3497317569-1003Core - C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1986333984-2678021812-3497317569-1003UA - C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1986333984-2678021812-3497317569-1003UA1d1f58b4e24fe1d - C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Maxthon Update - "C:\Program Files\Maxthon\Bin\Maxthon.exe" -RunScheduledUpdate
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task-S-1-5-21-1986333984-2678021812-3497317569-1003 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\PCDoctorBackgroundMonitorTask - C:\Program Files\PC-Doctor\pcdr5cuiw32.exe -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask
C:\WINDOWS\system32\tasks\PMTask - C:\PROGRA~1\ThinkPad\UTILIT~1\PwmIdTsv.exe
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1476557548 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\Scheduled Update for Ask Toolbar - C:\Program Files\Ask.com\UpdateTask.exe
C:\WINDOWS\system32\tasks\Synaptics TouchPad Enhancements - \Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\tasks\SystemToolsDailyTest - C:\Program Files\PC-Doctor\pcdr5cuiw32.exe -silentenumeration
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{02168ECA-2B1D-4227-81CB-2FC75AF17EDA} - C:\Windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{0358D376-0FCB-4D96-8B90-FF6905024FC3} - C:\Program Files\Stažené programy\Daemon\daemon4303-lite.exe
C:\WINDOWS\system32\tasks\{0BE9012F-C6E3-4E35-BF28-8170D35A5CAA} - C:\Program Files\Stažené programy\Hry\Need For Speed Shift - CZ - RELOADED\shift.exe
C:\WINDOWS\system32\tasks\{1063DE59-FEC0-46C1-BE69-88A2A05AE806} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Stažené programy\Hry\S.T.A.L.K.E.R. Shadow of Chernobyl CZ\setup-bp.exe" -d "C:\Program Files\Stažené programy\Hry\S.T.A.L.K.E.R. Shadow of Chernobyl CZ"
C:\WINDOWS\system32\tasks\{265CAA97-921B-49C4-8E39-A578DC712C69} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Stažené programy\Hry\Alarm für Cobra 11 - Crash Time - CZ\UN\setup.exe" -d "C:\Program Files\Stažené programy\Hry\Alarm für Cobra 11 - Crash Time - CZ\UN"
C:\WINDOWS\system32\tasks\{2DFAC0CE-3B0B-4137-98A6-31C9FEE85052} - C:\Users\Honza\Desktop\WM9Codecs.exe
C:\WINDOWS\system32\tasks\{3236AD53-896C-448B-B66B-E3C2539B57B6} - C:\Windows\system32\pcalua.exe -a C:\Users\Honza\Desktop\OnLineRecovery.exe -d C:\Users\Honza\Desktop
C:\WINDOWS\system32\tasks\{36253562-2349-42FD-9572-EE17DB154F41} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Alwil Software\Avast5\aswRunDll.exe" -c "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
C:\WINDOWS\system32\tasks\{3F1A04D6-F2EA-4F73-9247-055C7F8D300A} - C:\Program Files\Stažené programy\Hry\Need For Speed Shift - CZ - RELOADED\shift.exe
C:\WINDOWS\system32\tasks\{51C43EC8-167C-45CA-A5D8-16518A0E383A} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Stažené programy\Hry\Alarm für Cobra 11 - Crash Time - CZ\CT_Setup.exe" -d "C:\Program Files\Stažené programy\Hry\Alarm für Cobra 11 - Crash Time - CZ"
C:\WINDOWS\system32\tasks\{543457B4-410F-4727-A1EB-ABD5CC846C33} - C:\Program Files\Lenovo\VeriFace\veriface.exe
C:\WINDOWS\system32\tasks\{584BA0CE-2400-477F-9FEC-43A9A1B55DA9} - C:\SWTOOLS\APPS\VeriFace\verifaceiii.20090312\VeriFaceIII.20090312.exe
C:\WINDOWS\system32\tasks\{5AB5BC9F-218F-4558-8B9E-AF00537225D4} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Stažené programy\Pro zabezpečení\VeriFace\verifaceiii20090312.exe" -d "C:\Program Files\Stažené programy\Pro zabezpečení\VeriFace"
C:\WINDOWS\system32\tasks\{5DAB54A2-E2D5-4DA5-B28C-6603B1B0D9BC} - C:\Program Files\Stažené programy\Hry\Need For Speed Shift - CZ - RELOADED\shift.exe
C:\WINDOWS\system32\tasks\{5E40FB2E-E6E6-4EF3-B22F-4DEDAB674E68} - C:\Program Files\Lenovo\VeriFaceIII\VeriFace.exe
C:\WINDOWS\system32\tasks\{64D0E8C1-2199-42E7-B05B-5E1CCCD4269E} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Stažené programy\Hry\Chameleon\Setup.exe" -d "C:\Program Files\Stažené programy\Hry\Chameleon"
C:\WINDOWS\system32\tasks\{66F80683-2C08-4767-B69D-266901D47ECE} - C:\SWTOOLS\APPS\VeriFace\verifaceiii.20090312\VeriFaceIII.20090312.exe
C:\WINDOWS\system32\tasks\{671CF5D5-FBED-47A9-8A5E-1A2D913C81F4} - C:\Windows\system32\pcalua.exe -a C:\Users\Honza\Desktop\IN3STW01WW5.exe -d C:\Users\Honza\Desktop
C:\WINDOWS\system32\tasks\{6C94B17D-635C-4507-BE6D-9283ECFC56BF} - C:\Windows\system32\pcalua.exe -a "C:\Users\Honza\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QBJHHIJM\vcredist_x64.exe" -d C:\Users\Honza\Desktop
C:\WINDOWS\system32\tasks\{6CC21FC3-3975-498A-8368-DE2EBBCC2A63} - C:\Program Files\Stažené programy\Pro zabezpečení\Spybot - Search & Destroy\spybotsd162.exe
C:\WINDOWS\system32\tasks\{6DACAB32-5FF0-410E-B53E-86F3412B7E0A} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Common Files\Nero\Nero Web\SetupX.exe" -d "C:\Program Files\Common Files\Nero\Nero Web\" -c -ScParameter=65 MODE="update"
C:\WINDOWS\system32\tasks\{724ABBB4-4901-465E-82A6-512AAE179AAE} - C:\Program Files\Mafia\Game.exe
C:\WINDOWS\system32\tasks\{74F2178F-EA7D-49B3-B3C4-E052DCA4F2E7} - C:\Users\Honza\Desktop\WM9Codecs.exe
C:\WINDOWS\system32\tasks\{7883B547-D6A8-40D9-9C1F-AD8161546847} - C:\Windows\system32\pcalua.exe -a C:\Users\Honza\Desktop\WM9Codecs.exe -d C:\Users\Honza\Desktop
C:\WINDOWS\system32\tasks\{7CCFF14A-B393-4124-92FE-09779F28DD18} - C:\Program Files\Stažené programy\Hry\S.T.A.L.K.E.R. Clear Sky Cz\Hra\bin\xrEngine.exe
C:\WINDOWS\system32\tasks\{829F34AA-AEEC-4DB9-A582-8BEBE43BB1C6} - C:\Windows\system32\pcalua.exe -a E:\WMCodec\WM9Codecs9x.exe -d E:\WMCodec
C:\WINDOWS\system32\tasks\{8A03160D-80A0-4FC6-888C-08A2E5147BC4} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\CENEGA CZECH\Chameleon\Setup.exe" -d "C:\Program Files\CENEGA CZECH\Chameleon"
C:\WINDOWS\system32\tasks\{9960928D-71BA-4636-8E05-5E26F50B8ED3} - "c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/7.5.0.101/cs/a ... rogressBar
C:\WINDOWS\system32\tasks\{9AA68FC7-8681-4A47-8BB8-650F1AABB2AD} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Stažené programy\Pro zabezpečení\Ad-Aware\Ad-AwareInstallation.exe" -d "C:\Program Files\Stažené programy\Pro zabezpečení\Ad-Aware"
C:\WINDOWS\system32\tasks\{A1285FF2-40C2-4206-A989-64EB96EB0C20} - C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files\Lenovo\VeriFace\veriface.exe"
C:\WINDOWS\system32\tasks\{ACF7FCEF-21A0-4BB9-9882-8B2A8408D7A1} - C:\Program Files\Stažené programy\Hry\S.T.A.L.K.E.R. Clear Sky Cz\Hra\bin\xrEngine.exe
C:\WINDOWS\system32\tasks\{AE47ED6D-163A-4A0B-9ED1-DBF822413C69} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Stažené programy\Nero\Balíčky do Nero Vision\Templates_Basic_HD.exe" -d "C:\Program Files\Stažené programy\Nero\Balíčky do Nero Vision"
C:\WINDOWS\system32\tasks\{B48B183C-2D39-45A9-AF94-FFF31E9A1744} - C:\SWTOOLS\APPS\VeriFace\verifaceiii.20090312\VeriFaceIII.20090312.exe
C:\WINDOWS\system32\tasks\{EC42C2B7-FB1B-4BC2-AFCD-BB25EC8E72CF} - C:\Windows\system32\pcalua.exe -a "C:\Program Files\Mafia\Setup.exe" -d "C:\Program Files\Mafia"
C:\WINDOWS\system32\tasks\WPD\SqmUpload_S-1-5-21-1986333984-2678021812-3497317569-1003 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\WINDOWS\system32\tasks\TVT\ChangePWD - %RR%\rrcmd.exe test
C:\WINDOWS\system32\tasks\TVT\LaunchRnR - %RR%\rrcmd.exe BACKUP location=L name="Scheduled" scheduled
C:\WINDOWS\system32\tasks\TVT\UpdateRnR - %TVTCOMMON%\Scheduler\tvtsetsched.exe rnrupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults - %systemroot%\system32\MusNotification.exe LogonUpdateResults
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe Reboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant - %windir%\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:Th1Eos:{}
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun - %windir%\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:Th1Eos:{} /CalendarRun
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\rempl\shell - %ProgramFiles%\rempl\remsh.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\rempl\shell-unlock - %ProgramFiles%\rempl\remsh.exe /RunUsoScanOnly
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\rundll32.exe generaltel.dll,RunTelemetryW
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Mozilla firefox=========

ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.151 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_26_0_0_151.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1228198.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Citrix.com/npican]
"Description"=Citrix ICA Client Plugin
"Path"=C:\Program Files\Citrix\ICA Client\npicaN.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@rim.com/npappworld]
"Description"=
"Path"=C:\Program Files\Research In Motion Limited\BlackBerry World Browser Plugin\npappworld.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3]
"Description"=DealPlyLive Update
"Path"=C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9]
"Description"=DealPlyLive Update
"Path"=C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\searchplugins\
bingp.xml

C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\addons.json
Text Link - extension - {54BB9F3F-07E5-486c-9B39-C7398B99391C}

C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\extensions.json
Avast Online Security - extension - wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF
Avast SafePrice - extension - sp@avast.com - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Text Link - extension - {54BB9F3F-07E5-486c-9B39-C7398B99391C} - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Firefox Screenshots - extension - screenshots@mozilla.org - C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Follow-on Search Telemetry - extension - followonsearch@mozilla.com - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\features\{7e401dae-5bc4-44a1-814a-0a2556932f82}\followonsearch@mozilla.com.xpi
Shield Recipe Client - extension - shield-recipe-client@mozilla.org - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\features\{7e401dae-5bc4-44a1-814a-0a2556932f82}\shield-recipe-client@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\features\{7e401dae-5bc4-44a1-814a-0a2556932f82}\e10srollout@mozilla.org.xpi

C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\pluginreg.dat
Plugin - Shockwave Flash - 26.0.0.151 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_26_0_0_151.dll

=========Google Chrome=========

C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Store 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension dkncgicdohgfdncecojfiapgebmlnaoc 1 Seznam.cz 2016.3.15.38507
Extension ecmgkhgjmodembdmiimbacpjgcdimiek 1 Plná Peněženka Lištička 3.1.7
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 1 Adobe Acrobat 15.1.0.6
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.222
Extension fcfenmboojpjinhpgggodefccipikbpd 2 MSN Homepage & Bing Search Engine 0.0.0.6
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension fjhemmolgagmlnmkijimihpihajekbdp 1 CloudCockpit Secure Logon 2016.3.15.39361
Extension fngmhnnpilhplaeedifhccceomclgfbg 1 EditThisCookie 1.4.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension ghgabhipcejejjmhhchfonmamedcbeod 1 Click&Clean 8.9.9.1
Extension gomekmidlodglbbmalcneegieacbdmki 2 Avast Online Security 10.2.0.190
Extension kafhoidinlbamepifokmbjdkkciefhgh 1 Vyhledávání produktů podle obrazu na AliExpress.com 1.2.1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension lifbcibllhkdhoafpjfnlhfpfgnpldfl 2 Skype Click to Call 7.3.16540.9015
Extension mbemagncoffhaeakhjpmfhmdhifkjfoo 1 diskuze.pozary.cz 2016.3.17.37731
Extension mbiihbcjjmpoicibkilghglikmfcjbjd 0 Plus 25 1.0
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension mpochgjjobopmjeeoedohlnngbmlkloa 1 Portál ČHMÚ : Předpovědi : Předpovědi... 2016.3.17.37780
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.4
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh Google Now 1.2.0.1
Extension pglfllomkadlhgbopeenbggbfekpkmpf 1 Předpověď počasí - Mrakoplašova předp... 2016.3.16.48171
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6017.605.1.4
Homepage: http://www.seznam.cz/
default_search_provider.search_url:
C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gnlaniokgfckpjblpafbfchhghecmifi]
"Path"=C:\Users\Honza\AppData\Local\CRE\gnlaniokgfckpjblpafbfchhghecmifi.crx

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{658CFA43-45F6-4A45-8A82-C93F0AB200FA}]
"URL"=http://www.bing.com/search?q={searchTer ... -SearchBox;
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"URL"=http://www.google.com/search?q={searchT ... urceid=ie7

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4631FF-5CC8-4EBC-A0DF-34C92291759E}]
CtxIEInterceptorBHO Class - C:\Program Files\Citrix\ICA Client\IEInterceptor.dll [2012-04-05 85144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\STAENP~1\PROZAB~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9cf699ca-2174-4ed8-bec1-ba82095edce0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-06 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]
FlashGetBHO - C:\Users\Honza\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll [2009-12-22 157232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-06 193136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-09-08 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-09-08 174104]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-09-08 151064]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-10 7612960]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2009-03-13 68976]
"LENOVO.TPFNF6R"=C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe [2009-08-20 62752]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-08-07 186904]
"TpShocks"=TpShocks.exe []
"PWMTRV"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor []
"Message Center Plus"=C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-28 49976]
"AcWin7Hlpr"=C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe [2009-10-14 36864]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]
"RIMBBLaunchAgent.exe"=C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2013-01-17 267792]
"ConnectionCenter"=C:\Program Files\Citrix\ICA Client\concentr.exe [2012-04-05 371864]
"DynamicUSB"=C:\Program Files\DynamicUSBTool\DynamicUSB.exe [2007-03-02 94208]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"QuickTime Task"=C:\Program Files\Stažené programy\QuickTime\QTTask.exe [2013-05-01 421888]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-03-06 205512]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-11-21 3519656]
"SynLenovoHelper"=C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [2015-11-21 126120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Stažené programy\Pro zabezpečení\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Google Update"=C:\Users\Honza\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [2017-05-04 601168]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2012-05-30 1842384]
"CCleaner Monitoring"=C:\Program Files\Stažené programy\Pro zabezpečení\CCleaner\CCleaner.exe [2014-11-21 5282584]
"OneDrive"=C:\Users\Honza\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-07-30 1536208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2017-07-28 27815896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WireLessMouse]
C:\Program Files\Stažené programy\Myš SilverCrest 12018\English\StartAutorun.exe [2005-11-30 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Honza^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PopTray.lnk]
C:\Program Files\Stažené programy\Oznámení pošty\PopTray.exe [2006-09-16 1666048]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
PopTray.lnk - C:\Program Files\Stažené programy\Oznámení pošty\PopTray.exe

C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Lingea Update Center.lnk - C:\Program Files\Common Files\Lingea Shared\luc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Citrix\ICACLI~1\RSHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ACGina

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Stažené programy\FlashGet\FlashGet3.exe"="C:\Program Files\Stažené programy\FlashGet\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=%SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files\Google\Chrome\Application\60.0.3112.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{A6EADE66-0000-0000-484E-7E8A45000000}]
"StubPath"="C:\WINDOWS\system32\Rundll32.exe" "C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-08-18 21:19:07 ----D---- C:\Program Files\trend micro
2017-08-18 21:19:06 ----D---- C:\rsit
2017-08-16 19:17:46 ----HD---- C:\$WINDOWS.~BT
2017-08-15 20:32:32 ----D---- C:\ProgramData\SWCUTemp
2017-08-01 21:15:11 ----D---- C:\Program Files\rempl

======List of files/folders modified in the last 1 month======

2017-08-18 21:30:59 ----AD---- C:\ProgramData\TEMP
2017-08-18 21:30:20 ----D---- C:\WINDOWS\Temp
2017-08-18 21:19:07 ----RD---- C:\Program Files
2017-08-18 21:11:43 ----D---- C:\WINDOWS\system32\NDF
2017-08-18 20:51:14 ----D---- C:\WINDOWS\System32
2017-08-18 20:43:56 ----SHD---- C:\WINDOWS\Installer
2017-08-18 20:43:55 ----SHD---- C:\Config.Msi
2017-08-18 20:43:17 ----SHD---- C:\System Volume Information
2017-08-18 20:40:43 ----D---- C:\WINDOWS\SoftwareDistribution
2017-08-18 20:40:42 ----D---- C:\Windows
2017-08-18 20:37:47 ----D---- C:\WINDOWS\system32\sru
2017-08-18 00:15:57 ----D---- C:\WINDOWS\system32\config
2017-08-17 23:39:54 ----D---- C:\WINDOWS\Microsoft.NET
2017-08-17 23:22:11 ----D---- C:\WINDOWS\system32\drivers
2017-08-17 20:38:57 ----HD---- C:\Program Files\WindowsApps
2017-08-17 20:38:50 ----D---- C:\WINDOWS\AppReadiness
2017-08-16 21:42:50 ----D---- C:\CitrixUSBStore
2017-08-16 21:34:36 ----D---- C:\Users\Honza\AppData\Roaming\vlc
2017-08-16 18:18:18 ----D---- C:\WINDOWS\Prefetch
2017-08-15 20:40:27 ----D---- C:\WINDOWS\system32\Tasks
2017-08-15 20:32:32 ----HD---- C:\ProgramData
2017-08-15 09:15:46 ----D---- C:\WINDOWS\debug
2017-08-15 09:06:11 ----D---- C:\WINDOWS\system32\MRT
2017-08-15 08:51:42 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-08-13 21:12:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-13 21:12:53 ----D---- C:\WINDOWS\INF
2017-08-13 19:42:46 ----D---- C:\Windows10Upgrade
2017-08-08 19:45:08 ----D---- C:\WINDOWS\system32\Macromed
2017-08-03 21:11:12 ----D---- C:\ProgramData\Skype
2017-07-30 22:46:06 ----A---- C:\WINDOWS\progress.ini
2017-07-30 21:56:16 ----HD---- C:\$GetCurrent

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidshx.sys [2017-03-06 148720]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswblogx.sys [2017-03-06 267016]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbunivx.sys [2017-03-06 41176]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-03-06 62152]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-03-14 278776]
R0 iaStor;@oem42.inf,%*PNP0600.DeviceDesc%;Intel AHCI Controller; C:\WINDOWS\System32\drivers\iaStor.sys [2009-08-07 330264]
R0 sfdrv02;FrontLine Environment Driver (v2); C:\WINDOWS\system32\drivers\sfdrv02.sys [2006-09-11 67960]
R0 sfsync05;FrontLine Synchronization Driver (v5); C:\WINDOWS\system32\drivers\sfsync05.sys [2006-08-11 59776]
R0 Shockprf;Shockprf; C:\WINDOWS\System32\DRIVERS\Apsx86.sys [2009-06-29 117800]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriverx.sys [2017-03-06 257288]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-03-06 31064]
R1 aswNetSec;aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [2017-03-06 355752]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-03-06 90336]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-03-06 756200]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-03-21 465024]
R1 ctxusbm;Citrix USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\ctxusbm.sys [2012-02-14 67960]
R1 lenovo.smi;Lenovo System Interface Driver; C:\WINDOWS\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-03-06 106392]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-03-06 118288]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-05-26 281760]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-05-26 25888]
R2 regi;regi; C:\WINDOWS\system32\drivers\regi.sys [2007-04-18 11032]
R3 5U877;@oem28.inf,%USBVideo.SvcDesc%;USB Video Device; C:\WINDOWS\system32\DRIVERS\5U877.sys [2009-06-18 125568]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2015-07-10 86528]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 102912]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-07-10 61952]
R3 btwaudio;@oem20.inf,%btaudio.SvcDesc%;Bluetooth Audio Device Service; C:\WINDOWS\system32\drivers\btwaudio.sys [2013-12-18 86056]
R3 btwavdt;@oem19.inf,%btwavdt.SVCDESC%;Bluetooth AVDT Service; C:\WINDOWS\System32\drivers\btwavdt.sys [2013-12-18 108072]
R3 btwl2cap;@oem53.inf,%btwl2cap.SVCDESC%;Bluetooth L2CAP Service; C:\WINDOWS\system32\DRIVERS\btwl2cap.sys [2011-05-05 29472]
R3 btwrchid;btwrchid; C:\WINDOWS\System32\drivers\btwrchid.sys [2013-12-18 18472]
R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2015-06-26 59216]
R3 IntcHdmiAddService;@oem49.inf,%IntelHDMIDriverForHDAudio.SvcDesc%;Intel(R) High Definition Audio HDMI; C:\WINDOWS\system32\drivers\IntcHdmi.sys [2009-07-09 122880]
R3 JMCR;JMCR; C:\WINDOWS\system32\DRIVERS\jmcr.sys [2009-05-18 119256]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2015-11-21 130048]
R3 NETwNs32;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\WINDOWS\System32\drivers\NETwNs32.sys [2015-07-10 7518208]
R3 psadd;@oem24.inf,%psadd.SVCDESC%;Lenovo Parties Service Access Device Driver; C:\WINDOWS\System32\drivers\psadd.sys [2009-12-02 33088]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-07-10 129536]
R3 RimVSerPort;@oem3.inf,%RimVSerPort%;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2012-12-10 35840]
R3 rt640x86;@rt640x86.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x86.sys [2015-07-10 492032]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2015-11-21 26792]
S0 amdagp;@machine.inf,%amdagp_svcdesc%;AMD AGP Bus Filter Driver; C:\WINDOWS\System32\drivers\amdagp.sys [2015-07-10 55648]
S0 sisagp;@machine.inf,%sisagp_svcdesc%;SIS AGP Bus Filter; C:\WINDOWS\System32\drivers\sisagp.sys [2015-07-10 54112]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-05-26 697328]
S2 Parvdm;Parvdm; C:\WINDOWS\System32\drivers\parvdm.sys [2015-07-10 9216]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-03-06 34136]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\WINDOWS\system32\DRIVERS\aswTap.sys [2015-03-14 38984]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-11-21 725504]
S3 btusbflt;Bluetooth USB Filter; C:\WINDOWS\system32\drivers\btusbflt.sys [2013-12-18 45736]
S3 dtproscsibus;@oem4.inf,%DTPROSCSIBUS.DeviceDesc%;DAEMON Tools Pro Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [2017-04-14 26168]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 24064]
S3 fssfltr;fssfltr; C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2015-07-10 22016]
S3 HyperVideo;HyperVideo; C:\WINDOWS\system32\DRIVERS\HyperVideo.sys [2015-07-10 19456]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2015-07-10 61936]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2015-07-10 80384]
S3 PCDSRVC{C4B36920-79E24793-06000000}_0;PCDSRVC{C4B36920-79E24793-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\C:\Program Files\PC-Doctor\pcdsrvc.pkms [2009-08-18 20848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe [2009-10-01 124192]
R2 AcSvc;AcSvc; C:\Program Files\Lenovo\Access Connections\AcSvc.exe [2009-10-01 242976]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; %windir%\system32\svchost.exe -k apphost;"ServiceDll"=%windir%\system32\inetsrv\apphostsvc.dll
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-03-06 262736]
R2 avast! Firewall;Avast Firewall Service; C:\Program Files\AVAST Software\Avast\afwServ.exe [2017-03-06 278784]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-12 30312]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2011-06-13 628000]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-09-22 858384]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-08-07 354840]
R2 IBMPMSVC;@oem78.inf,%ibm.svcDesc0%;Lenovo PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2015-06-26 113904]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-12-21 1872808]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2015-11-21 24576]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
R2 OneSyncSvc_Session5;Hostitel synchronizace_Session5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2013-01-12 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2013-01-12 107832]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-09-22 473360]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 Serviio;Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [2016-12-05 413696]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 SUService;System Update; c:\Program Files\Lenovo\System Update\SUService.exe [2009-09-25 15872]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2017-03-06 5545144]
R3 Blackberry Device Manager;Blackberry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [2013-01-18 577536]
S2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2009-07-03 45424]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-07-10 135848]
S2 sfrem02;FrontLine Drivers Auto Removal (v2); C:\Windows\system32\sfrem02.exe [2006-05-11 358008]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2017-06-01 317400]
S3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-02-09 651720]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2015-05-29 43696]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-05-07 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-07-10 175560]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2007-11-28 53248]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-27 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2007-11-28 53248]
S3 PimIndexMaintenanceSvc_Session5;Data kontaktů_Session5; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [2009-08-23 75040]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2007-11-28 77824]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2016-03-15 45744]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]

-----------------EOF-----------------

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118744
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Vypadávání internetu

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

nickzess
Návštěvník
Návštěvník
Příspěvky: 66
Registrován: 18 pro 2012 09:48

Re: Vypadávání internetu

#3 Příspěvek od nickzess »

# AdwCleaner 7.0.1.0 - Logfile created on Fri Aug 18 20:31:29 2017
# Updated on 2017/05/08 by Malwarebytes
# Running on Windows 10 Pro (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: ICQ Service


***** [ Folders ] *****

Deleted: C:\Program Files\ICQ6Toolbar
Deleted: C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Deleted: C:\ProgramData\ICQ\ICQNewTab
Deleted: C:\ProgramData\Application Data\ICQ\ICQNewTab
Deleted: C:\Users\All Users\ICQ\ICQNewTab
Deleted: C:\Program Files\Ask.com
Deleted: C:\Program Files\Conduit
Deleted: C:\Users\Honza\AppData\Local\Conduit
Deleted: C:\Users\Honza\AppData\LocalLow\Conduit
Deleted: C:\Users\Honza\AppData\Roaming\OpenCandy
Deleted: C:\Program Files\DealPly
Deleted: C:\Users\Honza\AppData\Roaming\DealPly
Deleted: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Deleted: C:\ProgramData\DealPlyLive
Deleted: C:\ProgramData\Application Data\DealPlyLive
Deleted: C:\Program Files\DealPlyLive
Deleted: C:\Users\All Users\DealPlyLive
Deleted: C:\Users\Honza\AppData\Local\DealPlyLive
Deleted: C:\ProgramData\dealplylive
Deleted: C:\ProgramData\Application Data\dealplylive
Deleted: C:\Program Files\dealplylive
Deleted: C:\Users\All Users\dealplylive
Deleted: C:\Users\Honza\AppData\Local\dealplylive
Deleted: C:\Users\Honza\AppData\Local\FileViewPro
Deleted: C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}


***** [ Files ] *****

Deleted: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\searchplugins\bingp.xml


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: DealPlyUpdate
Deleted: Scheduled Update for Ask Toolbar


***** [ Registry ] *****

Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|ICQ Search [http:\\search.icq.com\search\results.php?q={searchTerms}&ch_id=sm]
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|IE9RunOnceCompletionTime [íଉnj:\\search.icq.com\search\results.php?q={searchTerms}&ch_id=sm]
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\AppDataLow\AskToolbarInfo
Deleted: [Key] - HKCU\Software\AppDataLow\AskToolbarInfo
Deleted: [Key] - HKLM\SOFTWARE\dt soft\daemon tools toolbar
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\UpToDown
Deleted: [Key] - HKCU\Software\UpToDown
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\YahooPartnerToolbar
Deleted: [Key] - HKCU\Software\YahooPartnerToolbar
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{855F3B16-6D32-4FE6-8A56-BBB695989046}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{855F3B16-6D32-4FE6-8A56-BBB695989046}
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{21FA44EF-376D-4D53-9B0F-8A89D3229068}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{066D89E6-B457-4A57-888A-B0AEB11D5BF1}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{0E8990F4-2FC9-403C-883B-535D6271E740}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{1644E2E1-E15E-4E9E-9B25-5668536DD6A7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{2BA83048-8B7C-4186-843B-D97FC1A6AE95}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{469960F8-8172-4386-BBB1-DF3590027D58}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{753C5ED0-B9AB-4F1E-8DAC-668E701CA569}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{80995911-5CF2-483F-A260-C736E8D0C691}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{821ED2B3-866E-4177-870E-52D995D123D0}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9B4E4BF6-9346-4969-8428-C3CB81CD7A30}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9BAC5A3B-33FD-4DB9-A4F1-B749498D4017}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A6670033-7A4B-4F59-B8A9-A7CEBF3CE960}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{B1285825-F24F-4651-9F8A-2012460AD2FC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{B3D38AE9-C808-4811-8417-F114839D6392}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{B8E64931-27EF-42BC-AF3B-0E2B25D17567}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BE952BDF-6FDF-4A62-B318-E15D4487A2EF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C0233F6C-3110-4AEA-A798-C81DA43CED9E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{CC5B7648-AAF8-4642-B53D-B7B5E4AE7241}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{D325B617-D6F9-4C72-90B2-A38E6D15C16E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{DF51AD29-5239-441A-B921-E655C8162060}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E515494B-7548-462A-B7E7-A3E6F8C4899C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E9ECFFF9-2011-439F-92EB-BE145ACD87DA}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FBB92627-0DAA-4B69-97CC-9879236FE039}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Main|ICQ Search
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Deleted: [Key] - HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com\DealPlyLive Update;version=3
Deleted: [Key] - HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com\DealPlyLive Update;version=9
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application\x-vnd.dpliveupdate.oneclickctrl.9
Deleted: [Key] - HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application\x-vnd.dpliveupdate.update3webcontrol.3
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\AppDataLow\Software\AskToolbar
Deleted: [Key] - HKCU\Software\AppDataLow\Software\AskToolbar
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Ask.com
Deleted: [Key] - HKCU\Software\Ask.com
Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\AppDataLow\Software\ConduitSearchScopes
Deleted: [Key] - HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Deleted: [Key] - HKLM\SOFTWARE\ICQ\ICQToolbar
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolbar
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\AppDataLow\Toolbar
Deleted: [Key] - HKCU\Software\AppDataLow\Toolbar
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Softonic
Deleted: [Key] - HKCU\Software\Softonic
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Deleted: [Key] - HKLM\SOFTWARE\DealPlyLive
Deleted: [Key] - HKU\.DEFAULT\Software\DealPlyLive
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\DealPlyLive
Deleted: [Key] - HKU\S-1-5-18\Software\DealPlyLive
Deleted: [Key] - HKCU\Software\DealPlyLive
Deleted: [Key] - HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\InstallCore
Deleted: [Key] - HKCU\Software\InstallCore
Deleted: [Key] - HKLM\SOFTWARE\Classes\Toolbar.CT3067892


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [14701 B] - [2017/8/18 20:13:48]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118744
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Vypadávání internetu

#4 Příspěvek od Rudy »

Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

nickzess
Návštěvník
Návštěvník
Příspěvky: 66
Registrován: 18 pro 2012 09:48

Re: Vypadávání internetu

#5 Příspěvek od nickzess »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-08-2017
Ran by Honza (administrator) on LENOVO (19-08-2017 19:09:38)
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza & DefaultAppPool)
Platform: Microsoft Windows 10 Pro (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Lenovo) C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Lenovo) C:\Program Files\Lenovo\Access Connections\AcSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Maxthon) C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Windows\System32\PnkBstrB.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
() C:\Program Files\Serviio\bin\ServiioService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
() C:\Program Files\Serviio\bin\ServiioService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Lenovo) C:\Program Files\Lenovo\Access Connections\SvcGuiHlpr.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\System Update\SUService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Citrix Systems) C:\Program Files\DynamicUSBTool\DynamicUSB.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Safer-Networking Ltd.) C:\Program Files\Stažené programy\Pro zabezpečení\Spybot - Search & Destroy\TeaTimer.exe
(Gadwin Systems, Inc) C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
(Piriform Ltd) C:\Program Files\Stažené programy\Pro zabezpečení\CCleaner\CCleaner.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Renier Crause) C:\Program Files\Stažené programy\Oznámení pošty\PopTray.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.25071.0_x86__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1604.21020.0_x86__8wekyb3d8bbwe\Calculator.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Honza\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7612960 2009-07-10] (Realtek Semiconductor)
HKLM\...\Run: [TPHOTKEY] => C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [68976 2009-03-13] (Lenovo Group Limited)
HKLM\...\Run: [LENOVO.TPFNF6R] => C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe [62752 2009-08-20] (Lenovo Group Limited)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-07] (Intel Corporation)
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [337184 2009-07-09] (Lenovo.)
HKLM\...\Run: [PWMTRV] => rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
HKLM\...\Run: [Message Center Plus] => C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [49976 2009-05-28] ()
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe [36864 2009-10-14] ()
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM\...\Run: [ConnectionCenter] => C:\Program Files\Citrix\ICA Client\concentr.exe [371864 2012-04-05] (Citrix Systems, Inc.)
HKLM\...\Run: [DynamicUSB] => C:\Program Files\DynamicUSBTool\DynamicUSB.exe [94208 2007-03-02] (Citrix Systems)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\Stažené programy\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-06] (AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3519656 2015-11-21] (Synaptics Incorporated)
HKLM\...\Run: [SynLenovoHelper] => C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [126120 2015-11-21] (Synaptics)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Stažené programy\Pro zabezpečení\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\...\Run: [Google Update] => C:\Users\Honza\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-05-04] (Google Inc.)
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\...\Run: [Gadwin PrintScreen] => C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [1842384 2012-05-30] (Gadwin Systems, Inc)
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\Stažené programy\Pro zabezpečení\CCleaner\CCleaner.exe [5282584 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [25600 2015-07-10] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~1\Citrix\ICACLI~1\RSHook.dll => C:\Program Files\Citrix\ICA Client\RSHook.dll [257176 2012-04-05] (Citrix Systems, Inc.)
Lsa: [Notification Packages] scecli ACGina
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-12-18]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PopTray.lnk [2010-04-21]
ShortcutTarget: PopTray.lnk -> C:\Program Files\Stažené programy\Oznámení pošty\PopTray.exe (Renier Crause)
Startup: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lingea Update Center.lnk [2015-03-15]
ShortcutTarget: Lingea Update Center.lnk -> C:\Program Files\Common Files\Lingea Shared\luc.exe (Lingea)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7a02f118-28a0-46bf-872a-bc305e62476f}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{7a02f118-28a0-46bf-872a-bc305e62476f}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com
URLSearchHook: HKLM - (No Name) - {1c68c940-1b2f-46eb-bd8c-2e1612ff6a58} - No File
SearchScopes: HKLM -> {658CFA43-45F6-4A45-8A82-C93F0AB200FA} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox;
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2 ... -SearchBox
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {658CFA43-45F6-4A45-8A82-C93F0AB200FA} URL =
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {938F3005-BFBA-4BC5-B8A9-3DD94A243DCB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_2
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {C5761109-66CB-4308-B879-BF8F6D89BB32} URL = hxxp://www.csfd.cz/hledani-filmu-hercu-reziser ... earchTerms}
BHO: CtxIEInterceptorBHO Class -> {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} -> C:\Program Files\Citrix\ICA Client\IEInterceptor.dll [2012-04-05] (Citrix Systems, Inc.)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Stažené programy\Pro zabezpečení\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO: No Name -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> No File
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-06] (Google Inc.)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: FlashGetBHO -> {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} -> C:\Users\Honza\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll [2009-12-22] (Trend Media Group)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18] (Sun Microsystems, Inc.)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-06] (Google Inc.)
Toolbar: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> No Name - {1C68C940-1B2F-46EB-BD8C-2E1612FF6A58} - No File
Toolbar: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-06] (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> hxxp://www.seznam.cz/

FireFox:
========
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default [2017-08-19]
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\cw5pp30k.default -> Bing
FF Homepage: Mozilla\Firefox\Profiles\cw5pp30k.default -> hxxps://www.seznam.cz/
FF Keyword.URL: Mozilla\Firefox\Profiles\cw5pp30k.default -> hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
FF Extension: (Text Link) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\Extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi [2017-03-25]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-11]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-08] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1228198.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin: @Citrix.com/npican -> C:\Program Files\Citrix\ICA Client\npicaN.dll [2012-04-05] (Citrix Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-10-03] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-05] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @rim.com/npappworld -> C:\Program Files\Research In Motion Limited\BlackBerry World Browser Plugin\npappworld.dll [2014-03-03] ()
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-12-13] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-03] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1986333984-2678021812-3497317569-1003: @powerchallenge.com/PowerLoader -> C:\Users\Honza\AppData\LocalLow\PowerChallenge\nppowerloader.dll [2009-09-21] (Power Challenge Sweden AB)
FF Plugin HKU\S-1-5-21-1986333984-2678021812-3497317569-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Honza\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-1986333984-2678021812-3497317569-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Honza\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-1986333984-2678021812-3497317569-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Honza\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-03-19] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1986333984-2678021812-3497317569-1003: google.com/WidevineMediaOptimizer -> C:\Users\Honza\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default [2017-08-19]
CHR Extension: (Prezentace Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-31]
CHR Extension: (Dokumenty Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-31]
CHR Extension: (Disk Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-31]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-20]
CHR Extension: (Vyhledávání Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-20]
CHR Extension: (Seznam.cz) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkncgicdohgfdncecojfiapgebmlnaoc [2016-03-15]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2017-07-14]
CHR Extension: (Adobe Acrobat) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Avast SafePrice) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-06-06]
CHR Extension: (Tabulky Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-31]
CHR Extension: (CloudCockpit Secure Logon) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjhemmolgagmlnmkijimihpihajekbdp [2016-03-15]
CHR Extension: (EditThisCookie) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-04-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-31]
CHR Extension: (Click&Clean) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2017-07-31]
CHR Extension: (Vyhledávání produktů podle obrazu na AliExpress.com) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\kafhoidinlbamepifokmbjdkkciefhgh [2017-03-30]
CHR Extension: (diskuze.pozary.cz) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbemagncoffhaeakhjpmfhmdhifkjfoo [2016-03-17]
CHR Extension: (Plus 25) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbiihbcjjmpoicibkilghglikmfcjbjd [2017-06-27]
CHR Extension: (Portál ČHMÚ : Předpovědi : Předpovědi...) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpochgjjobopmjeeoedohlnngbmlkloa [2016-03-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Předpověď počasí - Mrakoplašova předp...) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pglfllomkadlhgbopeenbggbfekpkmpf [2016-03-16]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-13]
CHR Extension: (Chrome Media Router) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-01]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM\...\Chrome\Extension: [gnlaniokgfckpjblpafbfchhghecmifi] - C:\Users\Honza\AppData\Local\CRE\gnlaniokgfckpjblpafbfchhghecmifi.crx <not found>
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gnlaniokgfckpjblpafbfchhghecmifi] - C:\Users\Honza\AppData\Local\CRE\gnlaniokgfckpjblpafbfchhghecmifi.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcPrfMgrSvc; C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe [124192 2009-10-01] (Lenovo)
R2 AcSvc; C:\Program Files\Lenovo\Access Connections\AcSvc.exe [242976 2009-10-01] (Lenovo)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5545144 2017-03-06] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-06] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [278784 2017-03-06] (AVAST Software)
R3 Blackberry Device Manager; C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-02-09] (Macrovision Europe Ltd.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [45424 2009-07-03] (Lenovo Group Limited)
R2 MaxthonUpdateSvc; C:\Program Files\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-12-21] (Maxthon)
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53248 2007-11-28] (Sony Corporation) [File not signed]
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53248 2007-11-28] (Sony Corporation) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2013-01-12] ()
R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [107832 2013-01-12] ()
R2 Serviio; C:\Program Files\Serviio\bin\ServiioService.exe [413696 2016-12-05] () [File not signed]
S2 sfrem02; C:\Windows\system32\sfrem02.exe [358008 2006-05-11] (Protection Technology (StarForce))
S3 SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-05] (Sony Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [77824 2007-11-28] (Sony Corporation) [File not signed]
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-05] (Sony Corporation)
R2 SUService; c:\Program Files\Lenovo\System Update\SUService.exe [15872 2009-09-25] (Lenovo Group Limited) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [208552 2015-11-21] (Synaptics Incorporated)
S2 ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1019904 2009-08-29] (Lenovo Group Limited) [File not signed]
S3 TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [1474560 2009-09-04] (Lenovo Group Limited) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [277760 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2017-06-03] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriverx.sys [257288 2017-03-06] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidshx.sys [148720 2017-03-06] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswblogx.sys [267016 2017-03-06] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbunivx.sys [41176 2017-03-06] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [34136 2017-03-06] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [31064 2017-03-06] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [106392 2017-03-06] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [355752 2017-03-06] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [90336 2017-03-06] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [62152 2017-03-06] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [756200 2017-03-06] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [465024 2017-03-21] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [118288 2017-03-06] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\DRIVERS\aswTap.sys [38984 2015-03-14] (The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [278776 2017-03-14] (AVAST Software)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [281760 2010-05-26] ()
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [26168 2017-04-14] (Disc Soft Ltd)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [25888 2010-05-26] ()
R3 NETwNs32; C:\WINDOWS\System32\drivers\NETwNs32.sys [7518208 2015-07-10] (Intel Corporation)
S3 PCDSRVC{C4B36920-79E24793-06000000}_0; C:\Program Files\PC-Doctor\pcdsrvc.pkms [20848 2009-08-18] (PC-Doctor, Inc.)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [492032 2015-07-10] (Realtek )
R0 sfdrv02; C:\WINDOWS\System32\drivers\sfdrv02.sys [67960 2006-09-11] (Protection Technology (StarForce))
R0 sfsync05; C:\WINDOWS\System32\drivers\sfsync05.sys [59776 2006-08-11] (Protection Technology (StarForce))
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [26792 2015-11-21] (Synaptics Incorporated)
S0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [697328 2010-05-26] (Duplex Secure Ltd.)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [31744 2015-07-10] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [245600 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [97632 2015-07-10] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161792 2015-07-10] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-19 19:09 - 2017-08-19 19:11 - 000032828 _____ C:\Users\Honza\Desktop\FRST.txt
2017-08-19 19:09 - 2017-08-19 19:09 - 000000000 ____D C:\FRST
2017-08-19 19:07 - 2017-08-19 19:07 - 000112640 _____ (forum.viry.cz) C:\Users\Honza\Desktop\FRSTLauncher.exe
2017-08-19 19:00 - 2017-08-19 19:00 - 001792512 _____ (Farbar) C:\Users\Honza\Desktop\FRST.exe
2017-08-19 18:57 - 2017-08-19 18:57 - 000016148 _____ C:\WINDOWS\system32\LENOVO_Honza_HistoryPrediction.bin
2017-08-18 22:37 - 2017-08-18 22:37 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-08-18 22:07 - 2017-08-18 22:31 - 000000000 ____D C:\AdwCleaner
2017-08-18 22:05 - 2017-08-18 22:07 - 008185288 _____ (Malwarebytes) C:\Users\Honza\Desktop\adwcleaner_7.0.1.0.exe
2017-08-18 21:19 - 2017-08-18 21:34 - 000000000 ____D C:\Program Files\trend micro
2017-08-18 21:19 - 2017-08-18 21:20 - 000000000 ____D C:\rsit
2017-08-18 21:18 - 2017-08-18 21:18 - 001206272 _____ C:\Users\Honza\Desktop\RSIT.exe
2017-08-16 19:17 - 2017-08-16 19:17 - 000000000 ___HD C:\$WINDOWS.~BT
2017-08-08 22:55 - 2017-08-08 22:55 - 000000279 _____ C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koš.lnk
2017-08-01 21:15 - 2017-08-18 20:43 - 000000000 ____D C:\Program Files\rempl

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-19 19:09 - 2017-03-26 23:30 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\Mozilla
2017-08-19 15:51 - 2011-04-04 17:57 - 000000976 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1986333984-2678021812-3497317569-1003UA.job
2017-08-19 15:21 - 2015-07-10 10:28 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-08-18 22:58 - 2010-04-11 18:18 - 000000000 ____D C:\ProgramData\TEMP
2017-08-18 22:35 - 2017-07-13 20:04 - 000035042 _____ C:\Users\Public\Documents\AccConnAdvanced.dat
2017-08-18 22:35 - 2017-04-12 12:27 - 000069432 _____ C:\Users\Public\Documents\ACGinaWinlogon.dat
2017-08-18 22:34 - 2015-07-21 01:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-18 22:33 - 2015-07-10 08:59 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2017-08-18 22:30 - 2010-04-21 10:18 - 000000000 ____D C:\ProgramData\ICQ
2017-08-18 21:32 - 2011-10-16 23:33 - 000000000 ___RD C:\Users\Honza\Documents\Fotografie
2017-08-18 21:29 - 2015-11-21 14:44 - 000000000 ____D C:\Users\Honza
2017-08-18 21:25 - 2010-05-27 19:28 - 000000000 ___RD C:\Users\Honza\Filmy
2017-08-18 21:15 - 2015-11-23 22:24 - 000002229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-18 21:15 - 2015-11-23 22:24 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-18 00:19 - 2015-08-16 23:07 - 000034092 _____ C:\Users\Honza\Desktop\udaje.txt
2017-08-17 23:32 - 2017-02-18 22:04 - 000027956 _____ C:\Users\Honza\Desktop\Slevomat-DámeJídlo.xlsx
2017-08-17 20:38 - 2015-07-10 10:28 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-17 20:38 - 2015-07-10 10:28 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-16 21:42 - 2012-09-25 22:50 - 000000000 ____D C:\CitrixUSBStore
2017-08-16 21:34 - 2011-11-19 21:07 - 000000000 ____D C:\Users\Honza\AppData\Roaming\vlc
2017-08-15 20:40 - 2016-10-15 20:52 - 000001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-08-15 09:06 - 2013-07-31 00:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-15 08:51 - 2010-04-15 22:50 - 137505280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-13 21:12 - 2015-11-21 14:43 - 001987308 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-13 21:12 - 2015-09-10 06:00 - 000825926 _____ C:\WINDOWS\system32\perfh005.dat
2017-08-13 21:12 - 2015-09-10 06:00 - 000184012 _____ C:\WINDOWS\system32\perfc005.dat
2017-08-13 21:12 - 2015-07-10 10:27 - 000000000 ____D C:\WINDOWS\INF
2017-08-13 19:42 - 2017-06-05 18:48 - 000000000 ____D C:\Windows10Upgrade
2017-08-13 19:38 - 2017-07-13 16:53 - 000000820 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PomocnĂ­k s aktualizacĂ­ Windows 10.lnk
2017-08-13 19:38 - 2017-07-13 16:53 - 000000808 _____ C:\Users\Honza\Desktop\PomocnĂ­k s aktualizacĂ­ Windows 10.lnk
2017-08-12 21:30 - 2015-12-01 16:42 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-08 19:45 - 2015-07-10 10:28 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-05 20:19 - 2010-04-10 19:54 - 000000000 ____D C:\Users\Honza\AppData\Local\ElevatedDiagnostics
2017-08-03 21:11 - 2015-03-20 21:47 - 000000000 ____D C:\ProgramData\Skype
2017-07-31 00:12 - 2015-11-21 13:37 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2017-07-31 00:12 - 2015-11-21 13:37 - 000001908 _____ C:\WINDOWS\diagerr.xml
2017-07-30 22:46 - 2017-06-09 18:16 - 000000036 _____ C:\WINDOWS\progress.ini
2017-07-30 21:56 - 2017-06-05 18:53 - 000000000 ___HD C:\$GetCurrent
2017-07-30 18:42 - 2017-02-18 19:20 - 000002439 _____ C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-30 18:42 - 2015-11-21 15:37 - 000000000 ___RD C:\Users\Honza\OneDrive
2017-07-23 12:00 - 2009-12-02 03:44 - 000000340 _____ C:\WINDOWS\Tasks\SystemToolsDailyTest.job

==================== Files in the root of some directories =======

2013-02-03 23:10 - 2008-03-09 08:25 - 000000236 ____H () C:\Program Files\Common Files\dx.reg
2013-02-03 23:10 - 2013-02-03 23:10 - 000002176 _____ () C:\Program Files\Common Files\unins000.dat
2013-02-03 23:10 - 2013-02-03 23:10 - 000728858 _____ () C:\Program Files\Common Files\unins000.exe
2010-04-20 19:43 - 2010-12-25 21:08 - 000000320 _____ () C:\Users\Honza\AppData\Roaming\lenovo_config.dat
2002-08-29 17:33 - 2002-08-29 17:33 - 000319488 ____R () C:\Users\Honza\AppData\Roaming\MafiaSetup.exe
2013-01-12 00:36 - 2013-01-12 00:36 - 000022328 _____ () C:\Users\Honza\AppData\Roaming\PnkBstrK.sys
2010-04-14 09:34 - 2010-04-14 09:38 - 000008192 _____ () C:\Users\Honza\AppData\Roaming\records_db
2011-01-03 20:09 - 2014-12-25 18:08 - 000000924 _____ () C:\Users\Honza\AppData\Roaming\Rim.Desktop.Exception.log
2011-01-03 20:08 - 2014-04-27 21:24 - 000003363 _____ () C:\Users\Honza\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2011-11-10 00:11 - 2014-12-25 18:08 - 000000539 _____ () C:\Users\Honza\AppData\Roaming\Rim.DesktopHelper.Exception.log
2011-09-05 22:23 - 2013-06-13 21:56 - 000010571 _____ () C:\Users\Honza\AppData\Roaming\SmarThruOptions.xml
2013-12-19 20:23 - 2015-03-25 14:07 - 000000161 _____ () C:\Users\Honza\AppData\Roaming\WB.CFG
2010-04-18 22:53 - 2010-04-18 22:53 - 000001478 _____ () C:\Users\Honza\AppData\Roaming\Microsoft\suspend.ico
2013-11-21 20:54 - 2014-01-04 13:33 - 000000346 ___SH () C:\Users\Honza\AppData\Local\70149b02515b3bb20dd492.47983420
2010-05-24 20:01 - 2010-05-24 20:01 - 000003584 _____ () C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-04-12 17:36 - 2010-04-12 17:36 - 000000017 _____ () C:\Users\Honza\AppData\Local\resmon.resmoncfg
2010-05-13 17:31 - 2010-05-13 17:31 - 000004886 _____ () C:\ProgramData\kgkketov.ixb
2010-05-13 17:31 - 2010-05-13 17:31 - 000005000 _____ () C:\ProgramData\xqkcebzs.dik

Files to move or delete:
====================
C:\Users\Honza\FordM.EXE


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1986333984-2678021812-3497317569-1003UA.job => C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\pcdr5cuiw32.exeK-backgroundmon scripts\backgroundmon.xml
Task: C:\WINDOWS\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\pcdr5cuiw32.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Honza\Desktop" je 17 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WireLessMouse
C:\Program Files\Sta§en‚ programy\Myç SilverCrest 12018\English\StartAutorun.exe MouseDrv.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Honza^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PopTray.lnk
C:\Program Files\Sta§en‚ programy\Ozn menˇ poçty\PopTray.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Sta§en‚ programy\\FlashGet\\FlashGet3.exe"="C:\\Program Files\\Sta§en‚ programy\\FlashGet\\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001


==================== End Of Log ==============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118744
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Vypadávání internetu

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
SearchScopes: HKLM -> {658CFA43-45F6-4A45-8A82-C93F0AB200FA} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox;
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2 ... -SearchBox
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {658CFA43-45F6-4A45-8A82-C93F0AB200FA} URL =
BHO: No Name -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-06] (Google Inc.)
C:\Program Files\Microsoft\BingBar
C:\Program Files\Google\Google Toolbar
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\cw5pp30k.default -> Bing
FF Keyword.URL: Mozilla\Firefox\Profiles\cw5pp30k.default -> hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
CHR HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gnlaniokgfckpjblpafbfchhghecmifi] - C:\Users\Honza\AppData\Local\CRE\gnlaniokgfckpjblpafbfchhghecmifi.crx <not found>
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1986333984-2678021812-3497317569-1003UA.job
C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\kgkketov.ixb
C:\ProgramData\xqkcebzs.dik
C:\Users\Honza\FordM.EXE

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

nickzess
Návštěvník
Návštěvník
Příspěvky: 66
Registrován: 18 pro 2012 09:48

Re: Vypadávání internetu

#7 Příspěvek od nickzess »

Fix result of Farbar Recovery Scan Tool (x86) Version: 19-08-2017
Ran by Honza (19-08-2017 21:36:59) Run:1
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza & DefaultAppPool)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
SearchScopes: HKLM -> {658CFA43-45F6-4A45-8A82-C93F0AB200FA} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox;
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2 ... -SearchBox
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKU\S-1-5-21-1986333984-2678021812-3497317569-1003 -> {658CFA43-45F6-4A45-8A82-C93F0AB200FA} URL =
BHO: No Name -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-07-06] (Google Inc.)
C:\Program Files\Microsoft\BingBar
C:\Program Files\Google\Google Toolbar
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\cw5pp30k.default -> Bing
FF Keyword.URL: Mozilla\Firefox\Profiles\cw5pp30k.default -> hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
CHR HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gnlaniokgfckpjblpafbfchhghecmifi] - C:\Users\Honza\AppData\Local\CRE\gnlaniokgfckpjblpafbfchhghecmifi.crx <not found>
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1986333984-2678021812-3497317569-1003UA.job
C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\kgkketov.ixb
C:\ProgramData\xqkcebzs.dik
C:\Users\Honza\FordM.EXE

EmptyTemp:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck => value removed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{658CFA43-45F6-4A45-8A82-C93F0AB200FA} => key removed successfully.
HKLM\Software\Classes\CLSID\{658CFA43-45F6-4A45-8A82-C93F0AB200FA} => key not found.
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => key removed successfully.
HKLM\Software\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => key not found.
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{658CFA43-45F6-4A45-8A82-C93F0AB200FA} => key removed successfully.
HKLM\Software\Classes\CLSID\{658CFA43-45F6-4A45-8A82-C93F0AB200FA} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} => key removed successfully.
HKLM\Software\Classes\CLSID\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value removed successfully.
HKLM\Software\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully.
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => key removed successfully.
C:\Program Files\Microsoft\BingBar => moved successfully
C:\Program Files\Google\Google Toolbar => moved successfully
Firefox SearchEngineOrder.3 removed successfully.
Firefox "Keyword.URL" removed successfully.
HKU\S-1-5-21-1986333984-2678021812-3497317569-1003\SOFTWARE\Google\Chrome\Extensions\gnlaniokgfckpjblpafbfchhghecmifi => key removed successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1986333984-2678021812-3497317569-1003UA.job => moved successfully
C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\kgkketov.ixb => moved successfully
C:\ProgramData\xqkcebzs.dik => moved successfully
C:\Users\Honza\FordM.EXE => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11743804 B
Java, Flash, Steam htmlcache => 36220 B
Windows/system/drivers => 1646880 B
Edge => 2915577 B
Chrome => 162695978 B
Firefox => 20071333 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 83598 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 619454 B
NetworkService => 640 B
Honza => 20482487 B
DefaultAppPool => 75402 B

RecycleBin => 0 B
EmptyTemp: => 210.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:40:11 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118744
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Vypadávání internetu

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

nickzess
Návštěvník
Návštěvník
Příspěvky: 66
Registrován: 18 pro 2012 09:48

Re: Vypadávání internetu

#9 Příspěvek od nickzess »

Bohužel, internet opět vypadnul :(
Navíc při otevření prohlížeče se mi otevřou 2 záložky s nějakým Cleanem... (hotcleaner.com)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118744
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Vypadávání internetu

#10 Příspěvek od Rudy »

Zkusíme vyčistit prohlížeče. Spusťte postupně tyto utility:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

nickzess
Návštěvník
Návštěvník
Příspěvky: 66
Registrován: 18 pro 2012 09:48

Re: Vypadávání internetu

#11 Příspěvek od nickzess »

Po Zoek restart neproběhl, ani se neobjevil log, nicméně jsem ho našel, tak posílám:

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Honza on ne 20. 08. 2017 at 20:31:13,12.
Microsoft Windows 10 Pro 10.0.10240 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Honza\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

20. 8. 2017 20:37:18 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Program Files\Codemasters deleted successfully
C:\Program Files\Full Tilt Poker.Net deleted successfully
C:\Program Files\GUM6538.tmp deleted successfully
C:\Program Files\MetaGeek deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\Common Files\eBay deleted successfully
C:\Program Files\Common Files\SWF Studio deleted successfully
C:\PROGRA~2\Comms deleted successfully
C:\PROGRA~2\ICQ deleted successfully
C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
C:\Users\Honza\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Honza\AppData\Local\EmieSiteList deleted successfully
C:\Users\Honza\AppData\Local\EmieUserList deleted successfully
C:\Users\Honza\AppData\Local\ms-drivers deleted successfully
C:\Users\Honza\AppData\Local\NetworkTiles deleted successfully
C:\Users\Honza\AppData\Local\PeerDistRepub deleted successfully
C:\Users\Honza\AppData\Local\Skype deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA58ED58-01DD-4d91-8333-CF10577473F7} deleted successfully
HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA58ED58-01DD-4d91-8333-CF10577473F7} deleted successfully
HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{252403bd-2b83-472d-ea80-92cbfe84dcd2} deleted successfully
HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70e791cc-1dc4-4390-2299-f3b2e3acf2ca} deleted successfully
HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{1C68C940-1B2F-46EB-BD8C-2E1612FF6A58} deleted successfully
HKEY_USERS\S-1-5-21-1986333984-2678021812-3497317569-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{1C68C940-1B2F-46EB-BD8C-2E1612FF6A58} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\SeaPort deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SeaPort deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\BBSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BBSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TPHDEXLGSVC deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/");

Added to C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Program Files\Codemasters not found
C:\Program Files\Full Tilt Poker.Net not found
C:\Program Files\GUM6538.tmp not found
C:\Program Files\MetaGeek not found
C:\Program Files\DVDFab 8 Qt deleted
C:\WINDOWS\system32\appdata deleted
C:\Program Files\Maple 14 deleted
C:\Users\Honza\AppData\LocalLow\Miniclip deleted
C:\install.exe deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\Honza\AppData\Local\cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Honza\AppData\LocalLow\Unity deleted
C:\WINDOWS\System32\tmp4107.tmp deleted
C:\WINDOWS\System32\tmp4117.tmp deleted
C:\WINDOWS\System32\tmp979D.tmp deleted
"C:\Users\Honza\AppData\Roaming\records_db" deleted
"C:\Users\Honza\AppData\Roaming\MoveFab" deleted
"C:\Users\Honza\AppData\Local\Unity" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [11. 10. 2016 19:51]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default
- Text Link - %ProfilePath%\extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\cw5pp30k.default
7E63C9FB4627BFFDCF88B57FACD45695 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_26_0_0_151.dll - Shockwave Flash
CD656126C7A56461A4A57BE0BC1FE0DA - C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll - Adobe Acrobat
D9F9ED68815333915D0F54F87FD9B375 - C:\WINDOWS\system32\Adobe\Director\np32dsw_1228198.dll - Shockwave for Director / Shockwave for Director
2D45A8274592D965EDFB62ACCB1150B1 - C:\Users\Honza\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll - Google Update
52CE0DBFD9738AE528CF525A0367EBEB - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
25FA8C3B9789A26CA7D61C8E9B4EA799 - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll - RIM Handheld Application Loader
3538BD1667DE3AF6E6FD0AA62A6DB55C - C:\Program Files\Research In Motion Limited\BlackBerry World Browser Plugin\npappworld.dll - BlackBerry AppWorld
AC421A44DE902F2627F1E63793ED89CD - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
C45A130CA14334073C0FF795897A1D22 - c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll - Silverlight Plug-In
B24F014C6DDA5A39CE7FCB2A8B862C5A - c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrlui.dll - Microsoft® Silverlight
1E96525AE85D402F9F8047F8CAEF5F06 - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll - Java(TM) Platform SE 6 U29
47AFF25B68CE4885FEC6CFDEF8FEBB5C - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll - Java Deployment Toolkit 6.0.290.11
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
472B98790B5A7A048C58BA728A5372AB - C:\Program Files\Citrix\ICA Client\npicaN.dll - Citrix ICA Client
4A270804DC8AB72DCB4F694D050A3517 - C:\Users\Honza\AppData\Roaming\IDM\bin\npWidevineMediaOptimizer.dll - Widevine Media Optimizer
F34CD16B3BBB90B5B0A6565712598E2D - C:\Users\Honza\AppData\LocalLow\PowerChallenge\nppowerloader.dll - Power Challenge Loader
2D45A8274592D965EDFB62ACCB1150B1 - C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll - Google Update


==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[]
gnlaniokgfckpjblpafbfchhghecmifi - C:\Users\Honza\AppData\Local\CRE\gnlaniokgfckpjblpafbfchhghecmifi.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
fcfenmboojpjinhpgggodefccipikbpd - No path found[]

Seznam.cz - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkncgicdohgfdncecojfiapgebmlnaoc
Plná Peněženka Lištička - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek
Avast SafePrice - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
CloudCockpit Secure Logon - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjhemmolgagmlnmkijimihpihajekbdp
EditThisCookie - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg
diskuze.pozary.cz - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbemagncoffhaeakhjpmfhmdhifkjfoo
Plus 25 - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbiihbcjjmpoicibkilghglikmfcjbjd
Portál ČHMÚ : Předpovědi : Předpovědi... - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpochgjjobopmjeeoedohlnngbmlkloa
Předpověď počasí - Mrakoplašova předp... - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pglfllomkadlhgbopeenbggbfekpkmpf
Chrome Media Router - Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{10CFA866-3138-429D-BF75-F590E670B186}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{10CFA866-3138-429D-BF75-F590E670B186} Google Url="http://www.google.com/search?q={searchT ... NH_csCZ683"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... urceid=ie7"
{938F3005-BFBA-4BC5-B8A9-3DD94A243DCB} Seznam Url="http://search.seznam.cz/?q={searchTerms ... chmodule_2"
{C5761109-66CB-4308-B879-BF8F6D89BB32} ¬SFD Url="http://www.csfd.cz/hledani-filmu-hercu- ... earchTerms}"
{C5761109-66CB-4308-B879-BF8F6D89BB32} ¬SFD Url="http://www.csfd.cz/hledani-filmu-hercu- ... earchTerms}"

==== Reset Google Chrome ======================

C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gnlaniokgfckpjblpafbfchhghecmifi deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TVWiz deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully

==== Empty IE Cache ======================

C:\Users\Honza\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Honza\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1989 folders=285 1261296676 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot



JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Pro x86
Ran by Honza (Administrator) on ne 20. 08. 2017 at 21:55:30,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2

Successfully deleted: C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask (Task)
Successfully deleted: C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job (Task)



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{938F3005-BFBA-4BC5-B8A9-3DD94A243DCB} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 20. 08. 2017 at 22:06:17,03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118744
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Vypadávání internetu

#12 Příspěvek od Rudy »

Vyčištěno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

nickzess
Návštěvník
Návštěvník
Příspěvky: 66
Registrován: 18 pro 2012 09:48

Re: Vypadávání internetu

#13 Příspěvek od nickzess »

Bohužel net stále vypadne cca po 30min po zapnutí, ale změna nyní byla alespoň v tom, že už se mi načte seznam wifi, takže si tam najdu jen svoji síť a připojím se... Což dříve nešlo, musel jsem přes odstranit potíže.
Ale proč to stále vypadává, to nevím...

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118744
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Vypadávání internetu

#14 Příspěvek od Rudy »

Zkuste přeinstalovat ovladač síťového adaptéru. Pokud to nepomůže, restartujte modem, router a příp. další síť. prvky v datové cestě. Pokud ani pak nedosáhněte změny, obraťte se na providera.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

nickzess
Návštěvník
Návštěvník
Příspěvky: 66
Registrován: 18 pro 2012 09:48

Re: Vypadávání internetu

#15 Příspěvek od nickzess »

Na druhém PC problém není, takže to bude v PC, zkusím ten ovladač, každopádně vám moc díky za pomoc i vyčištění :)

Odpovědět