Prosím o kontrolu - taskeng.exe Vyřešeno

[Kanovka]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8025009B-BDF5-472C-AE16-7EB57C5F5BD4}
Path REG_SZ \Microsoft\Windows\Media Center\UpdateRecordPath
Triggers REG_BINARY 150000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00FFFFFFFFFFFFFF000000000000000000214202484848482E977B9B484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848480000000048484848
DynamicInfo REG_BINARY 030000006D131655599DCA0100000000000000000000000000000000
Hash REG_BINARY EB28225E5ADAD1323F85643ABEC315B0F6F9F15D232F4DA9D56085F77D31388C

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81540B9F-B5BF-47EB-9C95-BE195BF2C664}
Path REG_SZ \Microsoft\Windows\NetTrace\GatherNetworkInfo
Triggers REG_BINARY 150000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00FFFFFFFFFFFFFF00000000000000000085400348484848A31C713A484848480048484848484848004848484848484804000000484848481000000048484848010200000000000520000000210200000000000048484848380000004848484800000000FFFFFFFF80F40300FFFFFFFF07000000000000000000000000000000000000000000000000000000750070000000000000000000
DynamicInfo REG_BINARY 030000001CDF982E4104CA0100000000000000000000000000000000
Hash REG_BINARY 9E154171408F80E0D5CEB4D8F775758B345B3FD705AD0B3058B1732870BE807F

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88D86780-E99E-41C2-BE56-77BBA66FE47D}
Path REG_SZ \WPD\SqmUpload_S-1-5-21-3468492827-1949538206-1100751284-1003
Hash REG_BINARY C90D78A90A02309618297931740D898BF2E0530D32B187593AFD19D47BCD2AC7
Triggers REG_BINARY 150000000000000001F6DC010000000000A0ABD56D4CC80101F6DC01000000000080D8FCAD84D001D221C102484848480D5B8AF8484848480048484848484848004848484848484801000000484848481C000000484848480105000000000005150000001B00BDCE9E973374B4219C41EB030000484848481E000000484848484C00750063006B0061002D00500043005C004C00750063006B006100000048483800000048484848580200007043010084030000FFFFFFFF07000000000000000000000000000000000000000000000000000000000000000000000000000000DDDD00000000000001F6DC010000000000A0ABD56D4CC80101F6DC01000000000080D8FCAD84D001000000000000000000000000000000000000000000000000FFFFFFFF0100000001000000000000000001000001000000100E000000000000
DynamicInfo REG_BINARY 03000000E90C2FBE0A63D00100000000000000000000000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9029DB55-362D-4EF2-9CE2-667FBA2F4FBF}
Path REG_SZ \Microsoft\Windows\Setup\gwx\refreshgwxcontent
Hash REG_BINARY 20CF37CC427059DA9D20908DFB7AD588AEC862ECB92CEF7738174678091798E0
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000070260300000000FFFFFFFFFFFFFFFFC0214203484848482747FDA6484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000512000000484848480000000048484848380000004848484800000000FFFFFFFF00000000FFFFFFFF07000000000000000000000000000000000000000000000000000000000000000000000000000000DDDD000000000000017026030000000000201676A646CE0100000000000000000000000000000000000000000000000000000000000000000000000000000000FFFFFFFF010000000100000000000000000100000100000080510100000000008888000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF00000000FFFFFFFF0000000000000000000000000007000001006900630065003A00000035003000
DynamicInfo REG_BINARY 0300000051A64FFE726ED00100000000000000000000000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90C7F79C-7DC0-417E-900D-D5F08E6474F2}
Path REG_SZ \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline
Triggers REG_BINARY 1500000000000000007D1602000000000050DD9337C6D001007D160200000000FFFFFFFFFFFFFFFFC821C20248484848B4256D80484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000513000000484848480000000048484848380000004848484800000000FFFFFFFF00000000FFFFFFFF07000000000000000000000000000000000000000000000000000000000000000000000000000000DDDD000000000000007D1602000000000050DD9337C6D00100000000000000000000000000000000000000000000000000000000000000000000000000000000FFFFFFFF010000005A0000000000000000010000010000000000000000000000
DynamicInfo REG_BINARY 030000005586E72D2412CB0100000000000000000000000000000000
Hash REG_BINARY 3988CFAD7237D413B24E6C5739024BE83D91A75B33A9D21E2B0D7BB248CE6B7B

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9435F817-FED2-454E-88CD-7F78FDA62C48}
Path REG_SZ \Microsoft\Windows\WDI\ResolutionHost
Triggers REG_BINARY 150000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00FFFFFFFFFFFFFF00000000000000000085C003484848489D84F470484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000504000000484848480000000048484848380000004848484800000000FFFFFFFF00000000FFFFFFFF0A000000000000000000000000000000000000000000000000000000750070000000000000000000
DynamicInfo REG_BINARY 030000007C409B2E4104CA0100000000000000000000000000000000
Hash REG_BINARY 7678F283CD528277951D5955D00319DC3E404F5D6AD8E0806B80DC781E7181CA

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94B51E70-B4CA-4736-B13E-641F246C02D6}
Path REG_SZ \Microsoft\Windows\SideShow\SystemDataProviders
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF002102024848484888275990484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000513000000484848480000000048484848380000004848484800000000FFFFFFFF00000000FFFFFFFF07000000000000000000000000000000000000000000000000000000540072000000000000000000AAAA000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF1E000000FFFFFFFF0000000000000000000000000000000001FED4010000000005000000000000000148484848484848
DynamicInfo REG_BINARY 0300000057221451599DCA0100000000000000000000000000000000
Hash REG_BINARY 8DFB2AAA49E262BC3CA3901D44152079D55567AAA637743E01E34DF36A5FB4C7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9708D205-C9EE-45FD-8E28-6217B824B6D5}
Path REG_SZ \CCleanerSkipUAC
Hash REG_BINARY 24532C423B6FAA46762001F2BA9E48F02176BAB5BCC5C2F5BF3C82DC63697060
Triggers REG_BINARY 150000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00FFFFFFFFFFFFFF00000000000000000805410148484848FBA2C579484848480048484848484848004848484848484801000000484848481C000000484848480105000000000005150000001B00BDCE9E973374B4219C41EB030000484848481E000000484848484C00750063006B0061002D00500043005C004C00750063006B00610000004848380000004848484800000000FFFFFFFF80F40300FFFFFFFF07000000000000000000000000000000000000000000000000000000000000000000000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{994C86AD-A929-4B2C-88A0-4E25A107A029}
Path REG_SZ \Microsoft\Windows\SystemRestore\SR
Triggers REG_BINARY 1500000000000000001C24FBFE0700000000000000000000001272FBFE070000FFFFFFFFFFFFFFFF5221420248484848EDD0741F484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848483800000048484848580200007043010080F40300FFFFFFFF07000000000000000000000000000000000000000000000000000000220020000000000000000000DDDD000000000000011272FBFE0700000080E1017470C50100000000000000000000000000000000000000000000000000000000000000000000000000000000FFFFFFFF01000000010000000000000000010000010000000000000000000000FFFF000000000000001C24FBFE0700000000000000000000001C24FBFE070000FFFFFFFFFFFFFFFF08070000FFFFFFFF0000000000000000000000000000000001000000000000000000000003000000
DynamicInfo REG_BINARY 03000000E9E1E22C4104CA0100000000000000000000000000000000
Hash REG_BINARY A2281A82814B04BF0AE2441991C482C4859EA3BFF19E695D72CDF0B8E25A481C

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9979CB83-103A-4105-9E5D-C74B0AF6D198}
Path REG_SZ \Microsoft\Windows\CertificateServicesClient\UserTask-Roam
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF908500024848484824A4C7D0484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000504000000484848480000000048484848380000004848484800000000FFFFFFFF00000000FFFFFFFF070000003C00000005000000000000000000000000000000000000000000000000000000000000007777000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF00000000FFFFFFFF0000000000000000000000000000000001FFFFFF020000000100100000000000070000000000000001484848484848487777000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF00000000FFFFFFFF0000000000000000000000000000000001665300000000000000000000000000080000008573C0010148484848484848
DynamicInfo REG_BINARY 03000000DCA19D2E4104CA0100000000000000000000000000000000
Hash REG_BINARY F2CE6AB8C22DCF1780141867455A46FA6D08F08C5B5D482002372E5FDE059B43

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1DA1C7D-C02B-4955-8AFD-2FE4951FD41E}
Path REG_SZ \Microsoft\Windows\Media Center\PBDADiscoveryW2
Triggers REG_BINARY 150000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00FFFFFFFFFFFFFF00000000000000004005420248484848215727BB484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000512000000484848480000000048484848380000004848484800000000FFFFFFFF100E0000FFFFFFFF07000000000000000000000000000000000000000000000000000000000000000000000000000000
DynamicInfo REG_BINARY 030000001C84095B599DCA0100000000000000000000000000000000
Hash REG_BINARY D2B529269E9CD0C8E777506B13CBC3B9EC133ADCFA2160D03B795663C6D14D51

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A35BB7A6-5F0C-4C9F-8450-2B3BED532D51}
Path REG_SZ \Microsoft\Windows\WindowsColorSystem\Calibration Loader
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF0091000248484848A34B56BE484848480048484848484848004848484848484804000000484848481000000048484848010200000000000520000000210200000000000048484848380000004848484800000000FFFFFFFF00000000FFFFFFFF07000000000000000000000000000000000000000000000000000000750070000000000000000000AAAA000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF00000000FFFFFFFF00000000000000000000000000000000010041003B003B003B0042004100290001484848484848487777000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF00000000FFFFFFFF0000000000000000000000000000000001002D0065006E00650072006700790001000000000070000148484848484848
DynamicInfo REG_BINARY 03000000CDD3012D4104CA0100000000000000000000000000000000
Hash REG_BINARY 1C5E72CB821B89108191AC5B7FD3157B5CCE0474EDD44C9D1CEC819787F288AB

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A48CABBF-24C8-4B87-B00F-9261807C3B43}
Path REG_SZ \Microsoft\Windows\AppID\PolicyConverter
Triggers REG_BINARY 150000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00FFFFFFFFFFFFFF000000000000000040110202484848483498017A484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005130000004848484800000000484848480000000048484848
DynamicInfo REG_BINARY 03000000D6017B2F4104CA0100000000000000000000000000000000
Hash REG_BINARY C645BB8F8D8C5DE3EA7A893D785BD95FC06FA4D7810745FE4E78E392009FFFB8

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D}
Path REG_SZ \Microsoft\Windows\Location\Notifications
Triggers REG_BINARY 1500000000000000001624FBFE0700000000000000000000001624FBFE070000FFFFFFFFFFFFFFFF0085400248484848DFDD7976484848480048484848484848004848484848484805000000484848480C0000004848484801010000000000050B000000484848480000000048484848380000004848484800000000FFFFFFFF00000000FFFFFFFF07000000000000000000000000000000000000000000000000000000000000000000000000000000CCCC000000000000001624FBFE0700000000000000000000001624FBFE070000FFFFFFFFFFFFFFFF00000000FFFFFFFF0000000000000000000000000000000001010000000000052000000000000000A4000000000000003C00510075006500720079004C006900730074003E003C00510075006500720079002000490064003D00220030002200200050006100740068003D0022004100700070006C00690063006100740069006F006E0022003E003C00530065006C00650063007400200050006100740068003D0022004100700070006C00690063006100740069006F006E0022003E002A005B00530079007300740065006D005B00500072006F00760069006400650072005B0040004E0061006D0065003D0027004C006F0063006100740069006F006E004E006F00740069006600690063006100740069006F006E00730027005D00200061006E00640020004500760065006E007400490044003D0031005D005D003C002F00530065006C006500630074003E003C002F00510075006500720079003E003C002F00510075006500720079004C006900730074003E000000484848484848000000000000000000000000000000000000000000000000
DynamicInfo REG_BINARY 03000000D6017B2F4104CA0100000000000000000000000000000000
Hash REG_BINARY E2EEC5DC638B16A8DCF4E83A3514F28DC7FFB5CA04854176D252D9095C29B343

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}
Path REG_SZ \Microsoft\Windows\Application Experience\AitAgent
Triggers REG_BINARY 1500000000000000011272FBFE0700000004C51F5309C801001272FBFE070000FFFFFFFFFFFFFFFF7E214202484848482774D537484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848483800000048484848B40000006035010080F40300FFFFFFFF09000000000000000000000000000000000000000000000000000000000000000000000000000000DDDD000000000000011272FBFE0700000004C51F5309C80100000000000000000000000000000000000000000000000000000000000000000000000000000000FFFFFFFF01000000010000000000000000010000010000000000000000000000
DynamicInfo REG_BINARY 030000005787842F4104CA0100000000000000000000000000000000
Hash REG_BINARY 9A13FF7FB54C9212AAC3663AEE2889A6AFB0BA6898ABC3F9A811E6216987B833

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC668097-4D6B-4093-AC14-014C09DBF820}
Path REG_SZ \Microsoft\Windows\Ras\MobilityManager
Triggers REG_BINARY 1500000000000000001624FBFE0700000000000000000000001624FBFE070000FFFFFFFFFFFFFFFF40054202484848484716FF88484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005130000004848484800000000484848480000000048484848CCCC000000000000001624FBFE0700000000000000000000001624FBFE070000FFFFFFFFFFFFFFFF00000000FFFFFFFF00000000000000000000000000000000010100000000000520000000000000002A010000000000003C00510075006500720079004C006900730074003E000A00200020002000200020002000200020002000200020002000200020003C00510075006500720079000A00200020002000200020002000200020002000200020002000200020002000200020002000490064003D002200300022000A0020002000200020002000200020002000200020002000200020002000200020002000200050006100740068003D0022004100700070006C00690063006100740069006F006E0022000A002000200020002000200020002000200020002000200020002000200020002000200020003E000A0020002000200020002000200020002000200020002000200020002000200020003C00530065006C00650063007400200050006100740068003D0022004100700070006C00690063006100740069006F006E0022003E002A005B00530079007300740065006D005B00500072006F00760069006400650072005B0040004E0061006D0065003D00270052006100730043006C00690065006E00740027005D00200061006E006400200028004C006500760065006C003D00340020006F00720020004C006500760065006C003D0030002900200061006E006400200028004500760065006E007400490044003D003200300032003800310029005D005D003C002F00530065006C006500630074003E000A00200020002000200020002000200020002000200020002000200020003C002F00510075006500720079003E000A002000200020002000200020002000200020002000200020003C002F00510075006500720079004C006900730074003E0000004848000000000000000000000000000000000000000000000000
DynamicInfo REG_BINARY 0300000098CF922F4104CA0100000000000000000000000000000000
Hash REG_BINARY 472F2F6E40D88458D92B946C81BA9225D63C0BD045FBAB63CAEF1904BC35BA73

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0CBAB43-44FC-469B-A4CE-87426761FDCE}
Path REG_SZ \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor
Triggers REG_BINARY 1500000000000000001C24FBFE0700000000000000000000001C24FBFE070000FFFFFFFFFFFFFFFF102182024848484803D61589484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005130000004848484800000000484848480000000048484848EEEE000000000000001C24FBFE0700000000000000000000001C24FBFE070000FFFFFFFFFFFFFFFF00000000FFFFFFFF0000000000000000000000000000000001000000000000000000000003000000DDDD000000000000011272FBFE0700000078BA3F01C2C80100000000000000000000000000000000000000000000000000000000000000000000000000000000FFFFFFFF01000000010000000000000000010000010000000000000000000000
DynamicInfo REG_BINARY 03000000F930952F4104CA0100000000000000000000000000000000
Hash REG_BINARY 8A4BC3FB22E943EDE5A98456CCAF3453D4DDD613D1A3265017967ABC8C779E7D

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2807388-763A-409F-BB10-DB9634341354}
Path REG_SZ \Microsoft\Windows\Media Center\StartRecording
Triggers REG_BINARY 150000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00FFFFFFFFFFFFFF00000000000000004807420248484848FB7B73CB484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000514000000484848480000000048484848380000004848484858020000100E000080F40300FFFFFFFF070000000000000000000000000000000000000000000000000000002E0045000000000000000000
DynamicInfo REG_BINARY 03000000983C4D112A0ECB0100000000000000000000000000000000
Hash REG_BINARY 6F3251475E855FE31A519893A624488246E71775F85E8A3FF3D3B155D2685F76

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B533B790-846F-46B2-815D-F87A34316BA6}
Path REG_SZ \Microsoft\Windows\Media Center\SqlLiteRecoveryTask
Triggers REG_BINARY 150000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00FFFFFFFFFFFFFF00000000000000000005420248484848BB353C89484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005140000004848484800000000484848480000000048484848
DynamicInfo REG_BINARY 0300000083875B5C599DCA0100000000000000000000000000000000
Hash REG_BINARY 0582C3DC8E70BC6FAEEB500EB43EEBB03B2D607B40B61B59C0BC46292F5BE42A

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB03B6FE-4027-42AC-A5C9-15B9CB2B5B20}
Path REG_SZ \Microsoft\Windows\Media Center\OCURDiscovery
Triggers REG_BINARY 150000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00FFFFFFFFFFFFFF000000000000000000214202484848485C36CF06484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848480000000048484848
DynamicInfo REG_BINARY 030000004342AC53599DCA0100000000000000000000000000000000
Hash REG_BINARY 1FC092677FA581A6F0D9017D0F02E74681A0DA6B0AF0EEF0E204E92D1605757A

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCE49BDB-1121-4402-96E2-2616D2915E4E}
Path REG_SZ \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser
Hash REG_BINARY 5E2884B957048F8DB9C65478FE036ED8126C7890562B93BD40762553740BF0A9
Triggers REG_BINARY 1500000000000000011D90010000000000B894F18D62CF01001D900100000000FFFFFFFFFFFFFFFFC0214202484848488476D4F9484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000512000000484848480000000048484848380000004848484800000000FFFFFFFF80F40300FFFFFFFF07000000000000000000000000000000000000000000000000000000000000000000000000000000DDDD000000000000011D90010000000000B894F18D62CF0100000000000000000000000000000000000000000000000000000000000000000000000000000000FFFFFFFF0100000001000000000000000001000001000000201C000000000000
DynamicInfo REG_BINARY 030000000D10ED336F46D00100000000000000000000000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDCB12A3-AB22-4AFD-A73B-FB1BE44BCD75}
Path REG_SZ \Adobe Flash Player Updater
Hash REG_BINARY F1FCE6F48970832796ECD3B3AF3877004BFF79F9582E1CE655BF4462274B480B
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF2821410048484848F3FE227F484848480048484848484848004848484848484801000000484848481C000000484848480105000000000005150000001B00BDCE9E973374B4219C41EB030000484848481E000000484848484C00750063006B0061002D00500043005C004C00750063006B00610000004848380000004848484800000000FFFFFFFF80F40300FFFFFFFF09000000000000000000000000000000000000000000000000000000000000000000000000000000AAAA000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF00000000FFFFFFFF100E000000000000000000000000000001006900630065003A00000069002E000148484848484848
DynamicInfo REG_BINARY 03000000A1A3E602C01BCD01F0D91FCD3D8BD0010000000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE669C13-8165-4536-96D0-6D6C39292AAE}
Path REG_SZ \Microsoft\Windows\Diagnosis\Scheduled
Triggers REG_BINARY 1500000000000000011272FBFE0700000068B69402D0C301001272FBFE070000FFFFFFFFFFFFFFFF7289C00348484848AB8C36E4484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005040000004848484800000000484848483800000048484848580200008070000080F40300FFFFFFFF07000000000000000000000000000000000000000000000000000000000000000000000000000000DDDD000000000000011272FBFE0700000068B69402D0C30100000000000000000000000000000000000000000000000000000000000000000000000000000000FFFFFFFF02000000010001000000000000010000010000000000000000000000
DynamicInfo REG_BINARY 03000000419ADC2F4104CA0100000000000000000000000000000000
Hash REG_BINARY 82EBD60108500FCD357BF28CCE5952EFB6FF943B38E8250A3AF34507C6162FAE

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C016366B-7126-46CA-B36B-592A3D95A60B}
Path REG_SZ \Microsoft\Windows\Customer Experience Improvement Program\Consolidator
Triggers REG_BINARY 1500000000000000011272FBFE07000000C05B5DC3D0C301001272FBFE070000FFFFFFFFFFFFFFFF4021420248484848F3FE730B484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848480000000048484848DDDD000000000000011272FBFE07000000C05B5DC3D0C3010000000000000000000000000000000000000000000000000000000000000000300B010000000000FFFFFFFF00000000000000000000000000010000010000000000000000000000
DynamicInfo REG_BINARY 03000000025DE12F4104CA0100000000000000000000000000000000
Hash REG_BINARY 555CD377BA0A0532A5630EBE96AE9DB1843E642B2A15BA07C40C8B67BE00E87F

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E}
Path REG_SZ \Microsoft\Windows\Registry\RegIdleBackup
Triggers REG_BINARY 1500000000000000011272FBFE07000000C07640094CC801001272FBFE070000FFFFFFFFFFFFFFFF4E20C20248484848C7925C29484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848483800000048484848B40000007043010000000000FFFFFFFF05000000000000000000000000000000000000000000000000000000750070000000000000000000DDDD000000000000011272FBFE07000000C07640094CC80100000000000000000000000000000000000000000000000000000000000000000000000000000000FFFFFFFF010000000A000000000000000001000001000000100E000000000000
DynamicInfo REG_BINARY 03000000A81C18304104CA0100000000000000000000000000000000
Hash REG_BINARY AE0DB2F31A30B208E0C50EF64C29948A828612AC605CA8F6B3E42F51EA6C09E1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186}
Path REG_SZ \Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask
Triggers REG_BINARY 1500000000000000001C24FBFE0700000000000000000000001C24FBFE070000FFFFFFFFFFFFFFFF2811C2034848484866D894B3484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000512000000484848480000000048484848380000004848484858020000100E000080F40300FFFFFFFF0700000000000000000000000000000000000000000000000000000022436F6C0000000000000000CCCC000000000000001C24FBFE0700000000000000000000001C24FBFE070000FFFFFFFFFFFFFFFF0F000000FFFFFFFF0000000000000000000000000000000001010000000000052000000000000000A5000000000000003C00510075006500720079004C006900730074003E003C00510075006500720079002000490064003D00220030002200200050006100740068003D002200530079007300740065006D0022003E003C00530065006C00650063007400200050006100740068003D002200530079007300740065006D0022003E002A005B00530079007300740065006D005B00500072006F00760069006400650072005B0040004E0061006D0065003D0027004D006900630072006F0073006F00660074002D00570069006E0064006F00770073002D00470072006F007500700050006F006C0069006300790027005D00200061006E00640020004500760065006E007400490044003D0031003500300032005D005D003C002F00530065006C006500630074003E003C002F00510075006500720079003E003C002F00510075006500720079004C006900730074003E000000484848480000000000000000000000000000000000000000000000008888000000000000001624FBFE0700000000000000000000001624FBFE070000FFFFFFFFFFFFFFFF00000000FFFFFFFF0000000000000000000000000000000001000000000000000000000003000000
DynamicInfo REG_BINARY 03000000087E1A304104CA0100000000000000000000000000000000
Hash REG_BINARY 40F4A1B4CBF346720B7A186AAE912FCEA1FBE0DD82F48F51FCB9AD1A76BF2525

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB5533AB-3565-42A9-9E94-9C93360CDDB5}
Path REG_SZ \RealUpgradeScheduledTaskS-1-5-21-3468492827-1949538206-1100751284-1003
Hash REG_BINARY 1D4312D369C16318AF20DBAAB24F21F0A81E86DE0D03ABC87A96ABC98065F4F3
Triggers REG_BINARY 15000000000000000184C9010000000080D7421FBFDDCF010084C90100000000FFFFFFFFFFFFFFFF382141004848484894648648484848480048484848484848004848484848484801000000484848481C000000484848480105000000000005150000001B00BDCE9E973374B4219C41EB030000484848481E000000484848484C00750063006B0061002D00500043005C004C00750063006B00610000004848380000004848484858020000100E000080F40300FFFFFFFF07000000000000000000000000000000000000000000000000000000000000000000000000000000DDDD0000000000000184C9010000000080D7421FBFDDCF0100000000000000000000000000000000000000000000000000000000000000000000000000000000FFFFFFFF01000000070000000000000000010000010000000000000000000000
DynamicInfo REG_BINARY 03000000ED44585CAEDDCF0170185E4F3388D0010000000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB59A07C-1480-4A85-A8E5-276443A8223E}
Path REG_SZ \Microsoft\Windows\Media Center\PBDADiscoveryW1
Triggers REG_BINARY 150000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00FFFFFFFFFFFFFF0000000000000000400542024848484820231FCE484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000512000000484848480000000048484848380000004848484800000000FFFFFFFF100E0000FFFFFFFF07000000000000000000000000000000000000000000000000000000000000000000000000000000
DynamicInfo REG_BINARY 0300000090C7A05A599DCA0100000000000000000000000000000000
Hash REG_BINARY ED6C3AF77BC32514D0E4A46115FB377242E60FDE46F8FF3785AF624B20462691

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}
Path REG_SZ \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector
Triggers REG_BINARY 1500000000000000001C24FBFE0700000000000000000000001C24FBFE070000FFFFFFFFFFFFFFFF00A0C00248484848F1D7B9294848484800484848484848480048484848484848040000004848484810000000484848480102000000000005200000002102000000000000484848480000000048484848CCCC000000000000001C24FBFE0700000000000000000000001C24FBFE070000FFFFFFFFFFFFFFFF00000000FFFFFFFF000000000000000000000000000000000101000000000005200000000000000099000000000000003C00510075006500720079004C006900730074003E003C00510075006500720079002000490064003D00220030002200200050006100740068003D002200530079007300740065006D0022003E003C00530065006C00650063007400200050006100740068003D002200530079007300740065006D0022003E002A005B00530079007300740065006D005B00500072006F00760069006400650072005B0040004E0061006D0065003D0027004100700070006C00690063006100740069006F006E00200050006F0070007500700027005D00200061006E00640020004500760065006E007400490044003D0031003800300031005D005D003C002F00530065006C006500630074003E003C002F00510075006500720079003E003C002F00510075006500720079004C006900730074003E00000048484848000000000000000000000000000000000000000000000000
DynamicInfo REG_BINARY 0300000068DF1C304104CA0100000000000000000000000000000000
Hash REG_BINARY 39D0B04F356DF6650E076076255CE26CE27591428740C759241D2B1AEE37F612

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0250F3F-6480-484F-B719-42F659AC64D5}
Path REG_SZ \Microsoft\Windows\Windows Error Reporting\QueueReporting
Triggers REG_BINARY 1500000000000000001624FBFE0700000000000000000000001624FBFE070000FFFFFFFFFFFFFFFF40854002484848488A154A60484848480048484848484848004848484848484804000000484848481000000048484848010200000000000520000000210200000000000048484848380000004848484800000000FFFFFFFF80F40300FFFFFFFF05000000000000000000000000000000000000000000000000000000750070000000000000000000AAAA000000000000001624FBFE0700000000000000000000001624FBFE070000FFFFFFFFFFFFFFFF0C030000FFFFFFFF00000000000000000000000000000000010000000000000000000000030000000148484848484848
DynamicInfo REG_BINARY 030000002D35042D4104CA0100000000000000000000000000000000
Hash REG_BINARY 6EB7D50A0F0E813EF39052146B2AB58692ED68D82E0E8E733043ECC9334D16D1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D232EDDF-89F1-4363-898F-F2A9A645EB0E}
Path REG_SZ \{9C3A888E-0D7F-4847-B562-75456714FFA1}
Hash REG_BINARY 77F4344500DF261060C3DE3221F32776112340130E7285C6A3AABF52FDDDC278
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF282141004848484851E216A9484848480048484848484848004848484848484801000000484848481C000000484848480105000000000005150000001B00BDCE9E973374B4219C41EB030000484848481E000000484848484C00750063006B0061002D00500043005C004C00750063006B00610000004848380000004848484858020000100E000080F40300FFFFFFFF070000000000000000000000000000000000000000000000000000000000000000000000000000008888000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF00000000FFFFFFFF00000000000000000000000000070000010042003000390035007D0000003000
DynamicInfo REG_BINARY 0300000087BDAA82CD42CF01B832AB82CD42CF010000000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7B6E81D-3CF4-432C-84D2-24213F4316E6}
Path REG_SZ \Microsoft\Windows\Autochk\Proxy
Triggers REG_BINARY 1500000000000000001C24FBFE0700000000000000000000001C24FBFE070000FFFFFFFFFFFFFFFF4221420248484848B1B1AB59484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005130000004848484800000000484848483800000048484848580200008033E10180F40300FFFFFFFF07000000000000000000000000000000000000000000000000000000000000000000000000000000FFFF000000000000001C24FBFE0700000000000000000000001C24FBFE070000FFFFFFFFFFFFFFFF08070000FFFFFFFF0000000000000000000000000000000001000000000000000000000003000000
DynamicInfo REG_BINARY 030000004A43E52C4104CA0100000000000000000000000000000000
Hash REG_BINARY 02E603F0F0B98221F070DD81A88B3DB67CE5DA315BC568423732F9EED15F3F79

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA41DE71-8431-42FB-9DB0-EB64A961DEAD}
Path REG_SZ \Microsoft\Windows\Maintenance\WinSAT
Triggers REG_BINARY 150000000000000001639F010000000000283BA2114CC80100639F0100000000FFFFFFFFFFFFFFFF3AA1400348484848CF58B3E3484848480048484848484848004848484848484804000000484848481000000048484848010200000000000520000000200200000000000048484848380000004848484800000000FFFFFFFF00000000FFFFFFFF07000000000000000000000000000000000000000000000000000000000000000000000000000000DDDD00000000000001639F010000000000283BA2114CC80100000000000000000000000000000000000000000000000000000000000000000000000000000000FFFFFFFF02000000010001000000000000010000010000000000000000000000
DynamicInfo REG_BINARY 03000000C9401F304104CA0100000000000000000000000000000000
Hash REG_BINARY 3DF5B3E5476EEDF9879FEF7C778458C11D1D808E0F501F03C4C0F19FA0CE2D69

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA5912ED-6901-44F2-96E3-A475BCAB877E}
Path REG_SZ \OfficeSoftwareProtectionPlatform\SvcRestartTask
Hash REG_BINARY 92F2E9D6862C71BBE2BF916CACB2355364BB50257DCC1FFC146D5FB3C8A5AA47
Triggers REG_BINARY 1500000000000000012F2F02000000000000F232FACFC301002F2F0200000000FFFFFFFFFFFFFFFF4821820248484848E4E64FB0484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000514000000484848480000000048484848380000004848484858020000100E000000000000FFFFFFFF070000003C0000000300000000000000000000000000000000000000000000000000000000000000DDDD000000000000012F2F02000000000000F232FACFC30100000000000000000000000000000000000000000000000000000000000000000000000000000000FFFFFFFF01000000010000000000000000010000010000000000000000000000
DynamicInfo REG_BINARY 030000005D08618AA484CF0100000000000000000000000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD9F510C-95F4-499A-90C8-BAC5BC372FF4}
Path REG_SZ \Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Triggers REG_BINARY 1500000000000000011272FBFE0700000000F232FACFC301001272FBFE070000FFFFFFFFFFFFFFFF4021820248484848217B8E98484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000514000000484848480000000048484848380000004848484800000000FFFFFFFF00000000FFFFFFFF070000003C0000000300000000000000000000000000000000000000000000000000000000000000DDDD000000000000011272FBFE0700000000F232FACFC30100000000000000000000000000000000000000000000000000000000000000000000000000000000FFFFFFFF01000000010000000000000000010000010000000000000000000000
DynamicInfo REG_BINARY 0300000029A221304104CA0100000000000000000000000000000000
Hash REG_BINARY FD59AA8FA7E6D6C681945135C99BCEAC82F3DB23B037253C8DAD1617F5C5E425

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDFE4568-EF08-4908-B8C0-773F8F6CAC8E}
Path REG_SZ \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector
Triggers REG_BINARY 15000000000000000137C001000000000068B69402D0C3010037C00100000000FFFFFFFFFFFFFFFF52218202484848488ACEFD74484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848480000000048484848DDDD0000000000000137C001000000000068B69402D0C30100000000000000000000000000000000000000000000000000000000000000000000000000000000FFFFFFFF02000000020001000000000000010000010000000000000000000000
DynamicInfo REG_BINARY 03000000CD9B36631210CA0100000000000000000000000000000000
Hash REG_BINARY 9615D02C18C2E20A2C5D63731D4143F49CD173A5C6E09584EA1A72DC9A6CFF48

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E22A8667-F75B-4BA9-BA46-067ED4429DE8}
Path REG_SZ \Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange
Triggers REG_BINARY 1500000000000000001C24FBFE0700000000000000000000001C24FBFE070000FFFFFFFFFFFFFFFF0010C20248484848170F4F6E484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000512000000484848480000000048484848380000004848484800000000FFFFFFFF80F40300FFFFFFFF07000000000000000000000000000000000000000000000000000000000000000000000000000000CCCC000000000000001C24FBFE0700000000000000000000001C24FBFE070000FFFFFFFFFFFFFFFF00000000FFFFFFFF0000000000000000000000000000000001010000000000052000000000000000D3000000000000003C00510075006500720079004C006900730074003E003C00510075006500720079002000490064003D00220030002200200050006100740068003D002200530079007300740065006D0022003E003C00530065006C00650063007400200050006100740068003D002200530079007300740065006D0022003E002A002F00530079007300740065006D002F00500072006F00760069006400650072005B0040004E0061006D0065003D0027005300650072007600690063006500200043006F006E00740072006F006C0020004D0061006E00610067006500720027005D00200061006E00640020002A002F00530079007300740065006D002F004500760065006E007400490044003D00270037003000340030002700200061006E00640020002A002F004500760065006E00740044006100740061002F0044006100740061005B0040004E0061006D0065003D00270070006100720061006D00340027005D003D00270042004600450027003C002F00530065006C006500630074003E003C002F00510075006500720079003E003C002F00510075006500720079004C006900730074003E000000000000000000000000000000000000000000000000000000
DynamicInfo REG_BINARY 0300000029A221304104CA0100000000000000000000000000000000
Hash REG_BINARY CD3589987E9B5E1E6B4EEC849A5ADBBEECEA05CB35BB86B07AC66C4029EB0D6D

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2E6CEC3-CC1D-4F5B-86AB-C5A767D4DF59}
Path REG_SZ \Microsoft\Windows\Media Center\ehDRMInit
Triggers REG_BINARY 150000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00FFFFFFFFFFFFFF00000000000000000021420248484848E8DDC73B484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005130000004848484800000000484848480000000048484848
DynamicInfo REG_BINARY 03000000850BD154599DCA0100000000000000000000000000000000
Hash REG_BINARY 9B2BFF8825669B3C372748418CC0EB39C719BDAEBCD676CC7B39E1022601A0BF

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3163C33-301D-4730-A266-5518C5ED3967}
Path REG_SZ \Microsoft\Windows\Bluetooth\UninstallDeviceTask
Triggers REG_BINARY 150000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00FFFFFFFFFFFFFF000000000000000010054202484848480D99DFD7484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848480000000048484848
DynamicInfo REG_BINARY 03000000890324304104CA0100000000000000000000000000000000
Hash REG_BINARY 90A6903C079DE796E0B72C7C3B740EA1AD655883DF0AC5468E3EB70311B7E7F7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5957457-6753-4E51-B732-B07C4D71262D}
Path REG_SZ \Microsoft\Windows\Media Center\RegisterSearch
Triggers REG_BINARY 150000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00FFFFFFFFFFFFFF00000000000000000021420248484848A9A3FB23484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848480000000048484848
DynamicInfo REG_BINARY 030000007C609B55599DCA0100000000000000000000000000000000
Hash REG_BINARY 3C0B66D64686766827850B149B5AFB544220673B5B4D47CB5556EF2C868E2381

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EACA24FF-236C-401D-A1E7-B3D5267B8A50}
Path REG_SZ \Microsoft\Windows\RAC\RacTask
Triggers REG_BINARY 1500000000000000001C24FBFE0700000000000000000000001C24FBFE070000FFFFFFFFFFFFFFFF4021C20248484848E9C5E87D484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000513000000484848480000000048484848380000004848484800000000FFFFFFFF00000000FFFFFFFF07000000000000000000000000000000000000000000000000000000000000000000000000000000CCCC000000000000001C24FBFE0700000000000000000000001C24FBFE070000FFFFFFFFFFFFFFFF00000000FFFFFFFF0000000000000000000000000000000001010000000000052000000000000000A8000000000000003C00510075006500720079004C006900730074003E003C00510075006500720079002000490064003D00220030002200200050006100740068003D0022004100700070006C00690063006100740069006F006E0022003E003C00530065006C00650063007400200050006100740068003D0022004100700070006C00690063006100740069006F006E0022003E002A005B00530079007300740065006D005B00500072006F00760069006400650072005B0040004E0061006D0065003D0027004D006900630072006F0073006F00660074002D00570069006E0064006F00770073002D00430045004900500027005D00200061006E00640020004500760065006E007400490044003D0031003000300037005D005D003C002F00530065006C006500630074003E003C002F00510075006500720079003E003C002F00510075006500720079004C006900730074003E000000484848484848000000000000000000000000000000000000000000000000DDDD000000000000001272FBFE0700000040A429C292C8010000000000000000000000000000000000000000000000000000000000000000100E000000000000FFFFFFFF00000000000000000000000000010000010000008403000000000000
DynamicInfo REG_BINARY 03000000890324304104CA0100000000000000000000000000000000
Hash REG_BINARY E59879E1FF87CB7D11142664C919E0ADF61F5A9687D697C3F1C204FA4C56E303

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB02381F-D652-4B1C-894A-712498C62C51}
Path REG_SZ \Microsoft\Windows\MUI\LPRemove
Triggers REG_BINARY 1500000000000000001C24FBFE0700000000000000000000001C24FBFE070000FFFFFFFFFFFFFFFF12214203484848489B41D2D8484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000512000000484848480000000048484848380000004848484858020000FFFFFFFF907E0000FFFFFFFF07000000000000000000000000000000000000000000000000000000000000000000000000000000FFFF000000000000001C24FBFE0700000000000000000000001C24FBFE070000FFFFFFFFFFFFFFFFDC050000FFFFFFFF0000000000000000000000000000000001000000000000000000000003000000
DynamicInfo REG_BINARY 030000004A43E52C4104CA0100000000000000000000000000000000
Hash REG_BINARY 47D45B031C1994B39C49EF36D6FE80FBEC111F7D6EF3E282476EF5D77E097DAB

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB59F496-9123-4838-9893-F5AC001887D0}
Path REG_SZ \Microsoft\Windows\MUI\Lpksetup
Triggers REG_BINARY 150000000000000001639F0100000000800EF7A9BC0FCB0101639F010000000000C024BA1856E10148214200484848485FDF1351484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000512000000484848480000000048484848380000004848484858020000100E000080F40300FFFFFFFF07000000580200000500000000000000000000000000000000000000000000000000000000000000FFFF00000000000001639F0100000000800EF7A9BC0FCB0101639F010000000000C024BA1856E10100000000FFFFFFFF0000000000000000000000000007000001006E00530041005400000035003000
DynamicInfo REG_BINARY 03000000D220B4C3AB0FCB0185D45183138BD0010000000000000000
Hash REG_BINARY 7A13768A6D41AE1CC23BA50E6204BA6EA07CF7BE330B8B791726F4D96BEB2253

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED07DB77-0280-406B-96D2-2229A63E1BFC}
Path REG_SZ \Microsoft\Windows\Media Center\InstallPlayReady
Triggers REG_BINARY 150000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00FFFFFFFFFFFFFF000000000000000000054202484848484A08CFB1484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848480000000048484848
DynamicInfo REG_BINARY 03000000464FEC55599DCA0100000000000000000000000000000000
Hash REG_BINARY FA87213DE12B497A787F46A1863343D4C9578E30570573918454DF0528610310

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDBF2DAA-728E-429F-B6C5-AC36A2B3D997}
Path REG_SZ \Microsoft\Windows\Media Center\OCURActivate
Triggers REG_BINARY 150000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00FFFFFFFFFFFFFF00000000000000000021420248484848C7422EAF484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848480000000048484848
DynamicInfo REG_BINARY 030000007EEA9754599DCA0100000000000000000000000000000000
Hash REG_BINARY 21F0C71001FDAD4060D134F2914F036D1DAA814D9CF6206B8BBEA1D09AC5125B

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE647D61-A8B5-4353-97B7-88ED864A51F3}
Path REG_SZ \Microsoft\Windows\SideShow\SessionAgent
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF00850002484848483D09F37D484848480048484848484848004848484848484804000000484848481000000048484848010200000000000520000000210200000000000048484848380000004848484800000000FFFFFFFF00000000FFFFFFFF07000000000000000000000000000000000000000000000000000000500054000000000000000000AAAA000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF0F000000FFFFFFFF00000000000000000000000000000000010061006B00650000000000000000000148484848484848
DynamicInfo REG_BINARY 030000002F5EEA51599DCA0100000000000000000000000000000000
Hash REG_BINARY DBC065695455F16521C1F2CCB4FBA71757C53FC6D38C9B87FE41BF26F286E159

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1687EBD-D655-4BEB-B266-CA97FE86CA31}
Path REG_SZ \Microsoft\Office\Office ClickToRun Service Monitor
Hash REG_BINARY 50FE944D2B7E7FCAFCE18A52A3376C6F67393FFFC208FC6471873C26EFBF9D15
Triggers REG_BINARY 15000000000000000180A103000000000060AAB5D59CCB010080A10300000000FFFFFFFFFFFFFFFF4021420148484848626DD390484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000512000000484848480000000048484848380000004848484800000000FFFFFFFF08070000FFFFFFFF07000000000000000000000000000000000000000000000000000000000000000000000000000000DDDD0000000000000180A103000000000060AAB5D59CCB0100000000000000000000000000000000000000000000000000000000000000008051010000000000FFFFFFFF01000000010000000000000000010000010000006054000000000000
DynamicInfo REG_BINARY 0300000092A96C08BD83D0014D6BD8F7C88AD0010000000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5EF719C-1129-495D-B461-3AE364D8001D}
Path REG_SZ \Microsoft\Windows\Setup\gwx\launchtrayprocess
Hash REG_BINARY AF438B39098080EAE508EFCC064EC4A150ADB79E14DB05C858A0BDDD2E5BCF7D
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF40854002484848480C0E5EFD484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000504000000484848480000000048484848380000004848484800000000FFFFFFFF00000000FFFFFFFF07000000000000000000000000000000000000000000000000000000000000000000000000000000AAAA000000000000016B30020000000000201676A646CE010000000000000000FFFFFFFFFFFFFFFF0F000000FFFFFFFF00000000000000000000000000000000019E330200000000050000000000000001484848484848488888000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF00000000FFFFFFFF0000000000000000000000000007000001007000700072006100690073006500
DynamicInfo REG_BINARY 03000000D8FFA800736ED00100000000000000000000000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6AD0326-D7B1-4654-9EA8-040BC8D7DD8F}
Path REG_SZ \Microsoft\Windows\MUI\Mcbuilder
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000137A0010000000000C024BA1856E10148214200484848484BB739B1484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000512000000484848480000000048484848380000004848484858020000100E000080F40300FFFFFFFF070000005802000005000000000000000000000000000000000000007600610000000000000000008888000000000000000000000000000000000000000000000137A0010000000000C024BA1856E10100000000FFFFFFFF000000000000000000000000000700000109A001000000000500000000000000
DynamicInfo REG_BINARY 03000000D1AD917E6210CB01D1AD917E6210CB010000000000000000
Hash REG_BINARY 1D1601A44EB1F59CFCBA4930FBCE627F790E19FE3F217533F9D21C27012A772A

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7E6E2D0-04CD-4AE5-B504-1045693A75C6}
Path REG_SZ \Microsoft\Windows\Media Center\ConfigureInternetTimeService
Triggers REG_BINARY 150000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00FFFFFFFFFFFFFF00000000000000000021420248484848334EC699484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005120000004848484800000000484848480000000048484848
DynamicInfo REG_BINARY 0300000015DE5F55599DCA0100000000000000000000000000000000
Hash REG_BINARY 1A61FB3046F2F771F436B66EDEC9EEC6E1E9E3F219AA4224495928E6BC347BEE

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}
Path REG_SZ \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector
Triggers REG_BINARY 1500000000000000001C24FBFE0700000000000000000000001C24FBFE070000FFFFFFFFFFFFFFFF00A0C00248484848AA4E8B9D4848484800484848484848480048484848484848040000004848484810000000484848480102000000000005200000002102000000000000484848480000000048484848CCCC000000000000001C24FBFE0700000000000000000000001C24FBFE070000FFFFFFFFFFFFFFFF00000000FFFFFFFF0000000000000000000000000000000001010000000000052000000000000000F4000000000000003C00510075006500720079004C006900730074003E003C00510075006500720079002000490064003D00220030002200200050006100740068003D0022004D006900630072006F0073006F00660074002D00570069006E0064006F00770073002D004B00650072006E0065006C002D00530074006F00720065004D00670072002F004F007000650072006100740069006F006E0061006C0022003E003C00530065006C00650063007400200050006100740068003D0022004D006900630072006F0073006F00660074002D00570069006E0064006F00770073002D004B00650072006E0065006C002D00530074006F00720065004D00670072002F004F007000650072006100740069006F006E0061006C0022003E002A005B00530079007300740065006D005B00500072006F00760069006400650072005B0040004E0061006D0065003D0027004D006900630072006F0073006F00660074002D00570069006E0064006F00770073002D004B00650072006E0065006C002D00530074006F00720065004D006700720027005D00200061006E00640020004500760065006E007400490044003D0036005D005D003C002F00530065006C006500630074003E003C002F00510075006500720079003E003C002F00510075006500720079004C006900730074003E000000484848484848000000000000000000000000000000000000000000000000
DynamicInfo REG_BINARY 03000000E96426304104CA0100000000000000000000000000000000
Hash REG_BINARY CBB12F1ED12986181801A365A6F75001D31D2BB3CF7441BA8541894267D4CC42

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA500187-F0F1-40E5-94DE-BE1E385BF2FD}
Path REG_SZ \Microsoft\Office\OfficeTelemetryAgentFallBack
Hash REG_BINARY 975209FC1D2EE6FB1BD52F7025FEFDBCD6C3B2736BA451FA9CF42577EB10B428
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF88A1400048484848EC1121E2484848480048484848484848004848484848484804000000484848481000000048484848010200000000000520000000210200000000000048484848380000004848484800000000FFFFFFFF00000000FFFFFFFF07000000000000000000000000000000000000000000000000000000000000000000000000000000AAAA000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF08070000FFFFFFFFC0A8000000000000000000000000000001004100670065006E0074004C006F000148484848484848
DynamicInfo REG_BINARY 03000000F0D7B318BD83D001925FEC13188BD0010000000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA88272C-3B9E-413A-A1A6-340B4FF90C1A}
Path REG_SZ \Microsoft\Windows\Media Center\RecordingRestart
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF60050202484848483E01CFAF484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000514000000484848480000000048484848380000004848484800000000FFFFFFFF80F40300FFFFFFFF06000000000000000000000000000000000000000000000000000000000000000000000000000000FFFF000000000000000000000000000000000000000000000000000000000000FFFFFFFFFFFFFFFF00000000FFFFFFFF0000000000000000000000000007000001005200650063006F00720064006900
DynamicInfo REG_BINARY 03000000F3B07257599DCA0100000000000000000000000000000000
Hash REG_BINARY F5FE5470249EA95DE2CB01D9FA910FB31957ED0FB0F9E03208A37081A057AA08

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA9E5D62-346D-4664-BDAE-141076B9CE63}
Path REG_SZ \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
Triggers REG_BINARY 150000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00FFFFFFFFFFFFFF00000000000000000005420248484848073581F7484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005140000004848484800000000484848480000000048484848
DynamicInfo REG_BINARY 030000009B7F165C599DCA0100000000000000000000000000000000
Hash REG_BINARY 0D7CE53B5DEDF3BB738E23E6AFCFF4829C8AF0A3B1179EFB42DD3DAFED865833

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB3C354D-297A-4EB2-9B58-090F6361906B}
Path REG_SZ \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Triggers REG_BINARY 1500000000000000011272FBFE0700000030118B3B4CC801001272FBFE070000FFFFFFFFFFFFFFFF4221420248484848D8D9932B484848480048484848484848004848484848484805000000484848480C0000004848484801010000000000051200000048484848000000004848484838000000484848482C010000201C00002C010000FFFFFFFF07000000000000000000000000000000000000000000000000000000750070000000000000000000DDDD000000000000011272FBFE0700000030118B3B4CC80100000000000000000000000000000000000000000000000000000000000000000000000000000000FFFFFFFF010000000E0000000000000000010000010000008070000000000000
DynamicInfo REG_BINARY 03000000AA272B304104CA0100000000000000000000000000000000
Hash REG_BINARY 9423B265CBAB426F81672F084E7D9866F685D983B62224712FF0DBC4FFEFE374

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDD56C73-F0D5-41B6-B767-6EFFD7966428}
Path REG_SZ \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask
Triggers REG_BINARY 1500000000000000011272FBFE070000002C7103E30BC901001272FBFE070000FFFFFFFFFFFFFFFF5221C20248484848D3FA1AB0484848480048484848484848004848484848484805000000484848480C000000484848480101000000000005130000004848484800000000484848483800000048484848B400000010EF000080F40300FFFFFFFF070000008C0A00000100000000000000000000000000000000000000000000000000800000000000DDDD000000000000011272FBFE070000002C7103E30BC90100000000000000000000000000000000000000000000000000000000000000000000000000000000FFFFFFFF02000000010010000000000000010000010000000000000000000000
DynamicInfo REG_BINARY 03000000AA272B304104CA0100000000000000000000000000000000
Hash REG_BINARY AEB03F1BC169236F2C3BF019F9D9ED3C213D1E4A568F8C67F1FC3F2EC08649A6

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE1BC75A-F46F-486A-BCE7-62B2DFCC9432}
Path REG_SZ \Opera scheduled Autoupdate 1385488906
Hash REG_BINARY 1C7EA81CC7DF8B546812A82707E9F2E4DB7080FCD045EFBF9E8F24652A64CDFB
Triggers REG_BINARY 15000000000000000180A10300000000800C9D83D181D0010080A10300000000FFFFFFFFFFFFFFFFC8214201484848488D623F55484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000512000000484848480000000048484848380000004848484858020000100E0000100E0000FFFFFFFF07000000000000000000000000000000000000000000000000000000000000000000000000000000DDDD0000000000000180A10300000000800C9D83D181D00100000000000000000000000000000000000000000000000000000000000000000000000000000000FFFFFFFF01000000010000000000000000010000010000000000000000000000FFFF0000000000000180A10300000000800C9D83D181D0010000000000000000FFFFFFFFFFFFFFFF2C010000FFFFFFFF0000000000000000000000000007000001FFF401000000000100000000000000
DynamicInfo REG_BINARY 03000000FAA67EC1C081D001F38F09BD2E8BD0010000000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF64ABA6-99F3-4C3C-ADF5-E40F577CE3A6}
Path REG_SZ \Microsoft\Office\Office Subscription Maintenance
Hash REG_BINARY 9AC3080130FF24538FD4869A8F235756D7F5F9A276121BB9D08D7302FA9C3863
Triggers REG_BINARY 15000000000000000168440200000000804B51A7398BCA010068440200000000FFFFFFFFFFFFFFFFC8214200484848480426A9BD484848480048484848484848004848484848484805000000484848480C00000048484848010100000000000512000000484848480000000048484848380000004848484800000000FFFFFFFF40380000FFFFFFFF070000003C0000000300000000000000000000000000000000000000000000000000000000000000DDDD0000000000000168440200000000804B51A7398BCA01000000000000000000000000000000000000000000000000000000000000000000000000000000004038000001000000010000000000000000010000010000000000000000000000
DynamicInfo REG_BINARY 03000000151F57340A81D00112453D9F9E8AD0010000000000000000

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF79CFF7-FBF7-47C2-B117-C2AC7E70ADDC}
Path REG_SZ \Microsoft Office 15 Sync Maintenance for Lucka-PC-Lucka Lucka-PC
Hash REG_BINARY 347C9B19716C23B7CBEA46E95BEB38385B53EAB24B3D7216E335DB155B59B602
Triggers REG_BINARY 1500000000000000000000000000000000000000000000000057E20100000000801379C9CC8FD0013009410248484848BEB7FC66484848480048484848484848004848484848484801000000484848481C000000484848480105000000000005150000001B00BDCE9E973374B4219C41EB030000484848481E000000484848484C00750063006B0061002D00500043005C004C00750063006B00610000004848380000004848484858020000100E000080F4030080C6130007000000000000000000000000000000000000000000000000000000000000000000000000000000AAAA000000000000000000000000000000000000000000000057E201000000008051AB15028FD0013C000000FFFFFFFF00000000000000000000000000000000010065002C002D0032003100390034000048484848484848004848484848484801000000484848481C000000484848480105000000000005150000001B00BDCE9E973374B4219C41EB030000484848481E000000484848484C00750063006B0061002D00500043005C004C00750063006B00610000004848EEEE000000000000000000000000000000000000000000000057E201000000008051AB15028FD00100000000FFFFFFFF00000000000000000000000000070000000053F9FE070000584253F9FE070000DDDD0000000000000057E20100000000805368F5DE8BD0010057E20100000000801379C9CC8FD001000000000000000000000000000000000000000000000000FFFFFFFF00000000000000000000000000010000010000000000000000000000
DynamicInfo REG_BINARY 0300000071D1D9E9656ED00100000000000000000000000000000000


========= End of CMD: =========


==== End of Fixlog 19:09:43

[Reklama]

[mople71]

Fajn, smažeme ducha:

Aplikuj prosím další fixlist pro FRST:

Kód: Vybrat vše

DeleteKey: HKLM\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{685378EF-C551-44E0-BD0D-E83F0C564A2C}
DeleteKey: HKLM\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D232EDDF-89F1-4363-898F-F2A9A645EB0E}


A řekni, jestli to vyřešilo problém.

[Kanovka]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-05-2015
Ran by Lucka at 2015-05-10 19:22:14 Run:5
Running from C:\Users\Lucka\Desktop
Loaded Profiles: Lucka (Available profiles: Lucka)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
DeleteKey: HKLM\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{685378EF-C551-44E0-BD0D-E83F0C564A2C}
DeleteKey: HKLM\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D232EDDF-89F1-4363-898F-F2A9A645EB0E}

*****************

HKLM\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{685378EF-C551-44E0-BD0D-E83F0C564A2C} => Key not found.
HKLM\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D232EDDF-89F1-4363-898F-F2A9A645EB0E} => Key not found.

==== End of Fixlog 19:22:14 ====

[mople71]

Damn, já jsem taky šikula po večerech...

Nový fixlist:

Kód: Vybrat vše

DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{685378EF-C551-44E0-BD0D-E83F0C564A2C}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D232EDDF-89F1-4363-898F-F2A9A645EB0E}]


Díky za trpělivost se mnou.

[Kanovka]

ježiši v pohodě, já jsem ráda, že mi tu někdo takhle pomáhá, od začátku týhle dlouhý etapy čištění vidím na pc, že je o dost rychlejší než býval, tak to už je pro mě úspěch

[Kanovka]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-05-2015
Ran by Lucka at 2015-05-10 19:27:00 Run:6
Running from C:\Users\Lucka\Desktop
Loaded Profiles: Lucka (Available profiles: Lucka)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{685378EF-C551-44E0-BD0D-E83F0C564A2C}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D232EDDF-89F1-4363-898F-F2A9A645EB0E}]

*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{685378EF-C551-44E0-BD0D-E83F0C564A2C} => Key Deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D232EDDF-89F1-4363-898F-F2A9A645EB0E} => Key Deleted successfully.

==== End of Fixlog 19:27:00 ====

[mople71]

Jo koukám, že se kolegové v tomto tématu vyřádili...


Konečně! Duch odmeten.

Vyzkoušej prosím, jestli to pomohlo.

[Kanovka]

takže taskeng.exe stále ve stejným stavu - po startu počítače se objeví na minutu až dvě, takže věřím, že i za tak půl hodiny problikne

[mople71]

Tak to je špatný, já doufal, že za to může ten orphan, ale evidentně to způsobuje něco jiného... Potom se ozvu s dalším postupem, teď si pozorně projdu všechny tvé logy.

[jaro3]

Poklepej znovu na ikonu OTL by OldTimer, pod Vlastní skenování/opravy (Custom Scans/Fixes) vlož následující text , zeleně zbarvený:

Kód: Vybrat vše

netsvcs
msconfig
%SYSTEMDRIVE%\*.*
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\*. /mp /s
%systemroot%\system32\*.sys /90
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.exe /lockedfiles
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\*
%USERPROFILE%\..|smtmp;true;true;true /FP
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT


Klikni na Rychle prohledat ,neměň jiná nastavení a nech program pracovat až do konce.
Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem zkopíruj.

[Kanovka]

OTL logfile created on: 11.5.2015 10:51:40 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lucka\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,87 Gb Total Physical Memory | 2,28 Gb Available Physical Memory | 58,87% Memory free
7,73 Gb Paging File | 5,76 Gb Available in Paging File | 74,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 254,14 Gb Total Space | 59,58 Gb Free Space | 23,44% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 8,84 Gb Free Space | 30,47% Space Free | Partition Type: NTFS

Computer Name: LUCKA-PC | User Name: Lucka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Lucka\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (Avast Software s.r.o.)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (Avast Software s.r.o.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe (Fortinet Inc.)
PRC - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe ()
PRC - C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe (AVerMedia Technologies, Inc.)
PRC - C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe (AVerMedia TECHNOLOGIES, Inc.)
PRC - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
PRC - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe (AVerMedia)
PRC - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\USB Camera\VM331_STI.EXE (Vimicro)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Alwil Software\Avast5\log.dll ()
MOD - C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0967cf5c31691f38d013263304d2dacb\System.Runtime.Remoting.ni.dll ()
MOD - C:\Program Files\Alwil Software\Avast5\libcef.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll ()
MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\Unlocker\UnlockerHook.dll ()
MOD - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
MOD - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe ()
MOD - C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll ()
MOD - C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (Avast Software s.r.o.)
SRV:64bit: - (ClickToRunSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (RichVideo64) -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe ()
SRV:64bit: - (Lenovo ReadyComm ConnSvc) -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe (Lenovo Group Limited)
SRV:64bit: - (Lenovo ReadyComm AppSvc) -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe (Lenovo Group Limited)
SRV:64bit: - (btwdins) -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (FortiSslvpnDaemon) -- C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe (Fortinet Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (TeamViewer9) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AVerScheduleService) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe ()
SRV - (SnugTV Service) -- C:\Program Files (x86)\SnugTV\SnugTV Station\AMAServer.exe (AVerMedia Technologies, Inc.)
SRV - (AVerUpdateServer) -- C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe (AVerMedia TECHNOLOGIES, Inc.)
SRV - (AVerRemote) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe (AVerMedia)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (PS_MDP) -- C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll (Lenovo Group Limited)
SRV - (IGRS) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited)
SRV - (ReadyComm.DirectRouter) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll (Lenovo Group Limited)


========== Driver Services (SafeList) ==========

DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (Avast Software s.r.o.)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (Avast Software s.r.o.)
DRV:64bit: - (aswVmm) -- C:\windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (Avast Software s.r.o.)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (Avast Software s.r.o.)
DRV:64bit: - (aswRvrt) -- C:\windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys ()
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (Avast Software s.r.o.)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (USB_Ethernet_Adaptor) -- C:\Windows\SysNative\drivers\USB_Ethernet_Adaptor.sys (Corechip Semiconductor, Inc. Co Ltd.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (AVerAF35) -- C:\Windows\SysNative\drivers\AVerAF35.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (vm331avs) -- C:\Windows\SysNative\drivers\vm331avs.sys (Vimicro Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)
DRV:64bit: - (pppop) -- C:\Windows\SysNative\drivers\pppop64.sys (Fortinet Inc.)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)
DRV:64bit: - (wdmirror) -- C:\Windows\SysNative\drivers\WDMirror.sys (Lenovo)
DRV:64bit: - (Bridge0) -- C:\Windows\SysNative\drivers\WDBridge.sys (Lenovo)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (zntport) -- C:\Windows\SysWOW64\drivers\zntport.sys (Zeal SoftStudio)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\SearchScopes,DefaultScope = {A6C454C5-930B-4CE7-8E16-3E9940CA7EF8}
IE - HKCU\..\SearchScopes\{A6C454C5-930B-4CE7-8E16-3E9940CA7EF8}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Lucka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.06.18 10:17:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.06.18 10:17:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2015.05.06 09:44:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015.05.06 09:17:02 | 000,000,000 | ---D | M]

[2015.05.10 09:28:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lucka\AppData\Roaming\Mozilla\Extensions
[2015.05.10 09:36:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\2yzghyrg.default\extensions
[2012.06.18 10:17:19 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft® Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Lucka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll

O1 HOSTS File: ([2015.05.05 11:02:27 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (Avast Software s.r.o.)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (Avast Software s.r.o.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE (Vimicro)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (Avast Software s.r.o.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - Reg Error: Key error. File not found
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O15 - HKCU\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.0.5 172.16.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{09D7AE3C-8A01-4BC3-A5CC-FFD74403F727}: DhcpNameServer = 172.16.0.5 172.16.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{83199F48-23FA-4236-949E-A530B31DC67D}: DhcpNameServer = 160.217.1.10 160.217.161.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D4838177-D353-400C-BE75-5B0DF50BC612}: DhcpNameServer = 172.16.0.5 172.16.10.1
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe - (AVerMedia TECHNOLOGIES, Inc.)
MsConfig:64bit - StartUpFolder: C:^Users^Lucka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation)
MsConfig:64bit - StartUpReg: cz.seznam.software.autoupdate - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: cz.seznam.software.szndesktop - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: EA Core - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Facebook Update - hkey= - key= - C:\Users\Lucka\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2015.05.10 12:03:42 | 000,000,000 | ---D | C] -- C:\Users\Lucka\Desktop\SilentRunners
[2015.05.10 11:08:59 | 000,000,000 | ---D | C] -- C:\Users\Lucka\Desktop\FRST-OlderVersion
[2015.05.09 23:45:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2015.05.09 22:50:21 | 000,000,000 | ---D | C] -- C:\_OTM
[2015.05.09 22:47:26 | 000,522,240 | ---- | C] (OldTimer Tools) -- C:\Users\Lucka\Desktop\OTM.exe
[2015.05.08 16:00:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lucka\Desktop\OTL.exe
[2015.05.08 15:56:25 | 000,221,384 | ---- | C] (ESET) -- C:\Users\Lucka\Desktop\ESETPoweliksCleaner.exe
[2015.05.08 14:07:49 | 005,200,384 | ---- | C] (AVAST Software) -- C:\Users\Lucka\Desktop\aswmbr.exe
[2015.05.08 14:07:07 | 000,000,000 | ---D | C] -- C:\Users\Lucka\Desktop\backups
[2015.05.08 12:22:04 | 000,000,000 | ---D | C] -- C:\FRST
[2015.05.08 12:21:41 | 002,102,784 | ---- | C] (Farbar) -- C:\Users\Lucka\Desktop\FRST64.exe
[2015.05.08 11:47:17 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2015.05.08 11:44:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015.05.08 11:44:12 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015.05.06 09:45:29 | 000,364,472 | ---- | C] (Avast Software s.r.o.) -- C:\windows\SysNative\aswBoot.exe
[2015.05.06 09:44:56 | 000,043,112 | ---- | C] (Avast Software s.r.o.) -- C:\windows\avastSS.scr
[2015.05.05 17:56:14 | 000,000,000 | ---D | C] -- C:\Users\Lucka\AppData\Local\Seven Zip
[2015.05.05 11:29:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2015.05.04 23:30:13 | 000,000,000 | ---D | C] -- C:\Users\Lucka\AppData\Local\CrashDumps
[2015.05.03 19:41:33 | 000,000,000 | ---D | C] -- C:\windows\temp
[2015.05.03 11:24:21 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2015.05.02 07:41:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2015.05.02 07:39:44 | 000,000,000 | ---D | C] -- C:\Users\Lucka\Desktop\mbar
[2015.05.01 23:11:30 | 000,136,408 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2015.05.01 23:11:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015.05.01 23:10:56 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2015.05.01 23:10:56 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2015.05.01 23:10:56 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2015.05.01 23:10:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015.05.01 22:44:12 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015.05.01 22:35:18 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Lucka\Desktop\HijackThis.exe
[2015.05.01 21:02:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DLLSuite
[2015.04.22 07:13:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015.04.20 15:51:55 | 000,000,000 | --SD | C] -- C:\windows\SysWow64\Microsoft
[2015.04.19 21:37:27 | 000,000,000 | ---D | C] -- C:\Users\Lucka\Documents\Mé dokumenty IDEA
[2015.04.19 21:37:27 | 000,000,000 | ---D | C] -- C:\Users\Lucka\AppData\Roaming\CaseWare IDEA
[2015.04.19 17:42:53 | 006,525,440 | ---- | C] (Amyuni Technologies
http://www.amyuni.com) -- C:\windows\SysNative\cdintf450_64.dll
[2015.04.19 17:42:49 | 004,809,728 | ---- | C] (Amyuni Technologies
http://www.amyuni.com) -- C:\windows\SysWow64\cdintf450.dll
[2015.04.19 17:38:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDEA
[2015.04.19 17:38:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Audicon
[2015.04.19 17:37:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CaseWare IDEA
[2015.04.19 17:32:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2015.04.19 08:50:53 | 000,000,000 | ---D | C] -- C:\Users\Lucka\Desktop\finap
[2015.04.16 12:57:32 | 000,000,000 | ---D | C] -- C:\Users\Lucka\AppData\Local\Startup
[2015.04.16 12:42:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Softland
[2015.04.16 12:40:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Softland
[2015.04.13 17:03:13 | 000,000,000 | ---D | C] -- C:\Users\Lucka\AppData\Roaming\Zeon
[2015.04.13 17:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\zeon
[2015.04.13 17:01:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zeon

========== Files - Modified Within 30 Days ==========

[2015.05.11 03:31:23 | 000,022,464 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.05.11 03:31:23 | 000,022,464 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.05.11 03:19:28 | 000,067,584 | ---- | M] () -- C:\windows\bootstat.dat
[2015.05.11 03:19:07 | 3113,365,504 | -HS- | M] () -- C:\hiberfil.sys
[2015.05.10 19:53:56 | 001,038,804 | ---- | M] () -- C:\Users\Lucka\Desktop\fotka1.jpg
[2015.05.10 12:03:28 | 000,117,164 | ---- | M] () -- C:\Users\Lucka\Desktop\SilentRunners.zip
[2015.05.10 11:47:34 | 000,513,136 | ---- | M] () -- C:\Users\Lucka\Desktop\Silent Runners.vbs
[2015.05.10 11:32:58 | 000,084,900 | ---- | M] () -- C:\Users\Lucka\Desktop\Clipboard01.jpg
[2015.05.10 11:08:59 | 002,102,784 | ---- | M] (Farbar) -- C:\Users\Lucka\Desktop\FRST64.exe
[2015.05.10 10:55:18 | 000,001,077 | ---- | M] () -- C:\Users\Lucka\Desktop\internet.reg
[2015.05.09 22:47:26 | 000,522,240 | ---- | M] (OldTimer Tools) -- C:\Users\Lucka\Desktop\OTM.exe
[2015.05.09 22:20:09 | 000,165,376 | ---- | M] () -- C:\Users\Lucka\Desktop\SystemLook_x64.exe
[2015.05.08 16:00:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lucka\Desktop\OTL.exe
[2015.05.08 15:56:30 | 000,221,384 | ---- | M] (ESET) -- C:\Users\Lucka\Desktop\ESETPoweliksCleaner.exe
[2015.05.08 15:21:13 | 000,000,512 | ---- | M] () -- C:\Users\Lucka\Desktop\MBR.dat
[2015.05.08 14:07:57 | 005,200,384 | ---- | M] (AVAST Software) -- C:\Users\Lucka\Desktop\aswmbr.exe
[2015.05.08 11:55:08 | 001,468,046 | ---- | M] () -- C:\Users\Lucka\Documents\cc_20150508_115437.reg
[2015.05.08 11:44:13 | 000,000,782 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015.05.06 09:45:09 | 000,137,288 | ---- | M] (Avast Software s.r.o.) -- C:\windows\SysNative\drivers\aswStm.sys
[2015.05.06 09:45:08 | 000,442,264 | ---- | M] (Avast Software s.r.o.) -- C:\windows\SysNative\drivers\aswSP.sys
[2015.05.06 09:45:08 | 000,364,472 | ---- | M] (Avast Software s.r.o.) -- C:\windows\SysNative\aswBoot.exe
[2015.05.06 09:45:08 | 000,272,248 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2015.05.06 09:45:08 | 000,093,528 | ---- | M] (Avast Software s.r.o.) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2015.05.06 09:45:08 | 000,089,944 | ---- | M] (Avast Software s.r.o.) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2015.05.06 09:45:08 | 000,065,736 | ---- | M] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2015.05.06 09:45:08 | 000,029,168 | ---- | M] () -- C:\windows\SysNative\drivers\aswHwid.sys
[2015.05.06 09:44:56 | 000,043,112 | ---- | M] (Avast Software s.r.o.) -- C:\windows\avastSS.scr
[2015.05.06 09:44:14 | 001,047,320 | ---- | M] (Avast Software s.r.o.) -- C:\windows\SysNative\drivers\aswSnx.sys
[2015.05.05 18:26:53 | 000,672,424 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2015.05.05 18:26:53 | 000,657,422 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2015.05.05 18:26:53 | 000,142,988 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2015.05.05 18:26:53 | 000,123,234 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2015.05.05 18:20:25 | 000,000,535 | ---- | M] () -- C:\windows\SysWow64\mapisvc.inf
[2015.05.05 11:26:56 | 159,428,216 | ---- | M] () -- C:\Users\Lucka\Desktop\Kaspersky_Virus_Removal_Tool_11.0.3.7_[28.08.2014].exe
[2015.05.05 11:22:35 | 000,012,629 | ---- | M] () -- C:\Users\Lucka\Desktop\hijackthis1
[2015.05.05 11:02:27 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2015.05.03 10:21:22 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015.05.03 07:50:53 | 000,037,624 | ---- | M] () -- C:\windows\SysNative\drivers\TrueSight.sys
[2015.05.02 07:41:00 | 000,136,408 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2015.05.02 07:39:47 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2015.05.01 23:11:06 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015.05.01 22:43:18 | 002,224,640 | ---- | M] () -- C:\Users\Lucka\Desktop\adwcleaner_4.202.exe
[2015.05.01 22:43:12 | 000,002,181 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2015.05.01 22:35:30 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Lucka\Desktop\HijackThis.exe
[2015.04.28 18:26:19 | 000,131,084 | ---- | M] () -- C:\Users\Lucka\Desktop\Ukazkatestu1.pdf
[2015.04.22 17:01:44 | 001,724,548 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2015.04.19 17:38:59 | 000,001,997 | ---- | M] () -- C:\Users\Lucka\Desktop\IDEA.lnk
[2015.04.18 22:29:54 | 000,339,868 | ---- | M] () -- C:\Users\Lucka\Desktop\státnicové otázky.pdf
[2015.04.17 22:00:29 | 001,981,116 | ---- | M] () -- C:\Users\Lucka\Documents\Diplomová práce17.4.pdf
[2015.04.16 03:33:20 | 001,700,198 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2015.04.14 09:37:56 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2015.04.14 09:37:42 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2015.05.10 19:53:54 | 001,038,804 | ---- | C] () -- C:\Users\Lucka\Desktop\fotka1.jpg
[2015.05.10 12:03:42 | 000,513,136 | ---- | C] () -- C:\Users\Lucka\Desktop\Silent Runners.vbs
[2015.05.10 12:03:22 | 000,117,164 | ---- | C] () -- C:\Users\Lucka\Desktop\SilentRunners.zip
[2015.05.10 10:31:00 | 000,084,900 | ---- | C] () -- C:\Users\Lucka\Desktop\Clipboard01.jpg
[2015.05.10 10:29:26 | 000,001,077 | ---- | C] () -- C:\Users\Lucka\Desktop\internet.reg
[2015.05.09 22:20:09 | 000,165,376 | ---- | C] () -- C:\Users\Lucka\Desktop\SystemLook_x64.exe
[2015.05.08 15:21:13 | 000,000,512 | ---- | C] () -- C:\Users\Lucka\Desktop\MBR.dat
[2015.05.08 11:54:43 | 001,468,046 | ---- | C] () -- C:\Users\Lucka\Documents\cc_20150508_115437.reg
[2015.05.08 11:44:13 | 000,000,782 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015.05.05 11:24:14 | 159,428,216 | ---- | C] () -- C:\Users\Lucka\Desktop\Kaspersky_Virus_Removal_Tool_11.0.3.7_[28.08.2014].exe
[2015.05.05 11:22:34 | 000,012,629 | ---- | C] () -- C:\Users\Lucka\Desktop\hijackthis1
[2015.05.03 07:50:15 | 000,037,624 | ---- | C] () -- C:\windows\SysNative\drivers\TrueSight.sys
[2015.05.01 23:11:06 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015.05.01 22:43:01 | 002,224,640 | ---- | C] () -- C:\Users\Lucka\Desktop\adwcleaner_4.202.exe
[2015.04.28 18:26:19 | 000,131,084 | ---- | C] () -- C:\Users\Lucka\Desktop\Ukazkatestu1.pdf
[2015.04.19 17:38:59 | 000,001,997 | ---- | C] () -- C:\Users\Lucka\Desktop\IDEA.lnk
[2015.04.18 22:29:53 | 000,339,868 | ---- | C] () -- C:\Users\Lucka\Desktop\státnicové otázky.pdf
[2015.04.17 22:00:29 | 001,981,116 | ---- | C] () -- C:\Users\Lucka\Documents\Diplomová práce17.4.pdf
[2015.04.15 15:29:28 | 000,016,303 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2015.04.15 15:29:27 | 000,016,303 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2015.02.11 23:42:25 | 000,000,218 | ---- | C] () -- C:\Users\Lucka\AppData\Local\recently-used.xbel
[2011.01.29 09:12:14 | 000,007,597 | ---- | C] () -- C:\Users\Lucka\AppData\Local\Resmon.ResmonCfg
[2010.07.30 07:57:44 | 000,007,680 | ---- | C] () -- C:\Users\Lucka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.10 14:22:28 | 000,000,088 | ---- | C] () -- C:\ProgramData\profile.xml

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.02.13 07:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.02.13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[Kanovka]

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.12.28 18:34:11 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\.minecraft
[2012.02.17 11:16:18 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\602Installer
[2012.02.16 12:02:12 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\602XML
[2012.10.20 17:48:53 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\AlawarEntertainment
[2010.06.10 14:22:56 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\ArcSyncConfig
[2015.05.04 23:34:57 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Atari
[2012.08.15 19:30:27 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Audacity
[2013.10.23 07:31:13 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\AVAST Software
[2014.11.17 22:53:48 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\calibre
[2015.04.19 21:37:27 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\CaseWare IDEA
[2013.12.27 23:52:08 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\DAEMON Tools Lite
[2015.04.27 20:35:42 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Dropbox
[2012.04.02 19:37:31 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Exec
[2011.05.28 14:43:27 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\GetRightToGo
[2014.06.05 22:12:02 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\GHISLER
[2013.12.02 22:34:02 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\gtk-2.0
[2013.09.27 20:27:45 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\ICQ
[2015.05.08 11:47:30 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\inkscape
[2013.02.07 14:15:03 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\IrfanView
[2011.09.16 19:24:27 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\langmaster.sz
[2013.08.22 19:05:18 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Leadertech
[2014.06.05 22:17:14 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\LockHunter
[2013.05.26 17:43:14 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\NetBeans
[2010.09.08 16:33:56 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Nvu
[2011.06.28 23:43:32 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Opera
[2013.11.26 20:02:08 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Opera Software
[2014.09.10 19:19:01 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Oracle
[2011.08.17 19:47:31 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Pavtube
[2015.05.04 23:27:15 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\pyramidak
[2015.05.04 23:33:18 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Seznam Browser
[2015.05.03 09:39:16 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Seznam.cz
[2011.09.18 20:06:52 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Shape games
[2010.07.02 17:13:19 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\SoftGate
[2015.04.17 21:58:28 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Softland
[2012.07.21 14:35:39 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Spacejock Software
[2011.09.27 12:12:34 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\StatSoft
[2015.05.08 11:47:46 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\TeamViewer
[2014.06.30 21:13:26 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Unity
[2011.08.22 09:39:10 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\VitySoft
[2010.07.23 07:16:39 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Windows Live Writer
[2015.04.13 17:03:13 | 000,000,000 | ---D | M] -- C:\Users\Lucka\AppData\Roaming\Zeon

========== Purity Check ==========



========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2011.09.18 13:07:57 | 000,003,229 | ---- | M] () -- C:\fftrlog.txt
[2015.05.11 03:19:07 | 3113,365,504 | -HS- | M] () -- C:\hiberfil.sys
[2015.04.19 18:15:14 | 001,611,562 | ---- | M] () -- C:\IDEAX86InstallLog.log
[2015.05.11 03:19:16 | 4151,156,736 | -HS- | M] () -- C:\pagefile.sys
[2015.04.19 17:12:36 | 000,055,234 | ---- | M] () -- C:\SafeNetLMx86Installation.log
[2012.08.14 13:04:45 | 000,000,447 | ---- | M] () -- C:\user.js

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.sys /90 >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\* >
[2009.07.14 06:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2014.06.06 07:48:54 | 000,899,176 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2014.06.06 07:48:54 | 000,899,176 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2014.06.06 07:48:54 | 000,899,176 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [2014.06.06 06:38:12 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2014.06.06 06:38:12 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2014.06.06 06:38:12 | 000,275,568 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2015.04.28 04:07:36 | 000,812,872 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2015.04.28 04:07:36 | 000,812,872 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2015.04.28 04:07:36 | 000,812,872 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2015.04.28 04:07:36 | 000,812,872 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2015.04.02 02:17:44 | 000,813,744 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2015.04.02 01:49:48 | 000,815,288 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Opera\Opera.exe" /ShowIconsCommand [2013.07.14 14:47:43 | 000,879,456 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Opera\Opera.exe" /HideIconsCommand [2013.07.14 14:47:43 | 000,879,456 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Opera\Opera.exe" /ReInstallBrowser [2013.07.14 14:47:43 | 000,879,456 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\Program Files (x86)\Opera\Opera.exe" [2013.07.14 14:47:43 | 000,879,456 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\OperaStable\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Opera\Launcher.exe" --showicons [2015.04.17 10:13:12 | 000,888,440 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\OperaStable\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Opera\Launcher.exe" --hideicons [2015.04.17 10:13:12 | 000,888,440 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\OperaStable\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Opera\Launcher.exe" --makedefaultbrowser [2015.04.17 10:13:12 | 000,888,440 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\OperaStable\shell\open\command\\: "C:\Program Files (x86)\Opera\Launcher.exe" [2015.04.17 10:13:12 | 000,888,440 | ---- | M] (Opera Software)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2014.06.06 07:48:54 | 000,899,176 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2014.06.06 07:48:54 | 000,899,176 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2014.06.06 07:48:54 | 000,899,176 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" [2014.06.06 06:38:12 | 000,275,568 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2014.06.06 06:38:12 | 000,275,568 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2014.06.06 06:38:12 | 000,275,568 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2015.04.28 04:07:36 | 000,812,872 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2015.04.28 04:07:36 | 000,812,872 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2015.04.28 04:07:36 | 000,812,872 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2015.04.28 04:07:36 | 000,812,872 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2015.03.13 05:08:16 | 000,720,384 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2015.03.13 05:08:16 | 000,720,384 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2015.03.13 05:08:16 | 000,720,384 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2015.04.02 02:17:44 | 000,813,744 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2015.04.02 01:49:48 | 000,815,288 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE" /SHOWICONSCOMMAND [2013.07.14 14:47:43 | 000,879,456 | ---- | M] (Opera Software)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE" /HIDEICONSCOMMAND [2013.07.14 14:47:43 | 000,879,456 | ---- | M] (Opera Software)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE" /REINSTALLBROWSER [2013.07.14 14:47:43 | 000,879,456 | ---- | M] (Opera Software)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera\shell\open\command\\: "C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE" [2013.07.14 14:47:43 | 000,879,456 | ---- | M] (Opera Software)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\OperaStable\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\OPERA\LAUNCHER.EXE" --SHOWICONS [2015.04.17 10:13:12 | 000,888,440 | ---- | M] (Opera Software)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\OperaStable\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\OPERA\LAUNCHER.EXE" --HIDEICONS [2015.04.17 10:13:12 | 000,888,440 | ---- | M] (Opera Software)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\OperaStable\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\OPERA\LAUNCHER.EXE" --MAKEDEFAULTBROWSER [2015.04.17 10:13:12 | 000,888,440 | ---- | M] (Opera Software)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\OperaStable\shell\open\command\\: "C:\PROGRAM FILES (X86)\OPERA\LAUNCHER.EXE" [2015.04.17 10:13:12 | 000,888,440 | ---- | M] (Opera Software)

< End of report >